starsgab.com Open in urlscan Pro
165.227.201.152 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://starsgab.com/
Effective URL:
https://starsgab.com/
Submission: On May 17 via manual (May 17th 2023, 9:27:15 pm UTC) from US — Scanned from US

Summary HTTP 260 Redirects Behaviour Indicators

Summary

This website contacted 57 IPs in 6 countries across 58 domains to perform 260 HTTP transactions. The main IP is 165.227.201.152, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is starsgab.com. The Cisco Umbrella rank of the primary domain is 697958.
TLS certificate: Issued by R3 on March 14th 2023. Valid for: 3 months.

This is the only time starsgab.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
50	165.227.201.152 165.227.201.152	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
8	2607:f8b0:400... 2607:f8b0:400c:c1a::5f	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:806::2008	15169 (GOOGLE) (GOOGLE)
5	2600:1400:900... 2600:1400:9000::687e:74c9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
13	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700:303... 2606:4700:3038::6815:eb09	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
2	65.108.0.253 65.108.0.253	24940 (HETZNER-AS) (HETZNER-AS)
6	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
3	2600:9000:24f... 2600:9000:24f7:f600:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
3	108.138.107.138 108.138.107.138	16509 (AMAZON-02) (AMAZON-02)
7	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1	2606:4700:20:... 2606:4700:20::681a:68b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.72.102 142.250.72.102	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:400c:c14::9c	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:400c:c11::84	15169 (GOOGLE) (GOOGLE)
1	54.204.226.31 54.204.226.31	14618 (AMAZON-AES) (AMAZON-AES)
2	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
1	2602:803:c002... 2602:803:c002:200::32	26667 (RUBICONPR...) (RUBICONPROJECT)
1	104.36.115.111 104.36.115.111	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	68.67.161.208 68.67.161.208	29990 (ASN-APPNEX) (ASN-APPNEX)
3	52.3.128.253 52.3.128.253	14618 (AMAZON-AES) (AMAZON-AES)
1	18.164.98.157 18.164.98.157	16509 (AMAZON-02) (AMAZON-02)
24	2607:f8b0:400... 2607:f8b0:4006:821::2001	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:400c:c38::5e	15169 (GOOGLE) (GOOGLE)
1 18	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
1 1	35.214.153.92 35.214.153.92	15169 (GOOGLE) (GOOGLE)
1 1	23.198.216.24 23.198.216.24	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	34.239.98.248 34.239.98.248	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2600:9000:220... 2600:9000:2209:5a00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.194.66.159 35.194.66.159	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 4	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
4 4	2606:ae80:147... 2606:ae80:1471:1a::1400	25751 (VALUECLICK) (VALUECLICK)
4 9	3.224.220.47 3.224.220.47	14618 (AMAZON-AES) (AMAZON-AES)
2	104.118.8.253 104.118.8.253	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.236.25.118 34.236.25.118	14618 (AMAZON-AES) (AMAZON-AES)
1 5	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
4 22	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
1 2	2600:1f18:4e9... 2600:1f18:4e9:5a01:5d7a:95f2:7368:f3d	14618 (AMAZON-AES) (AMAZON-AES)
9 9	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
8 17	142.251.41.2 142.251.41.2	15169 (GOOGLE) (GOOGLE)
1 1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1 1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	192.40.39.223 192.40.39.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
4	108.156.184.119 108.156.184.119	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:817::2004	15169 (GOOGLE) (GOOGLE)
3	3.216.16.167 3.216.16.167	14618 (AMAZON-AES) (AMAZON-AES)
4 4	199.127.204.142 199.127.204.142	26120 (RHYTHMONE) (RHYTHMONE)
2 2	2620:112:f002... 2620:112:f002:bbbb::21	6336 (TURN-US-ASN) (TURN-US-ASN)
4 6	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	104.36.115.113 104.36.115.113	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	207.198.113.87 207.198.113.87	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	52.86.219.236 52.86.219.236	14618 (AMAZON-AES) (AMAZON-AES)
1 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	199.38.167.130 199.38.167.130	54312 (ROCKETFUEL) (ROCKETFUEL)
4	162.248.18.37 162.248.18.37	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	52.0.82.32 52.0.82.32	14618 (AMAZON-AES) (AMAZON-AES)
1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	3.225.4.30 3.225.4.30	14618 (AMAZON-AES) (AMAZON-AES)
1	159.203.145.121 159.203.145.121	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	199.187.193.197 199.187.193.197	47043 (SMARTADSE...) (SMARTADSERVER)
1 1	124.146.215.46 124.146.215.46	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1 1	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.208.249.213 35.208.249.213	15169 (GOOGLE) (GOOGLE)
2 6	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.225.223.81 13.225.223.81	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 3	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1 1	34.204.24.233 34.204.24.233	14618 (AMAZON-AES) (AMAZON-AES)
2 2	64.74.236.127 64.74.236.127	19024 (INTERNAP-...) (INTERNAP-BLK5)
1 1	104.76.100.229 104.76.100.229	16625 (AKAMAI-AS) (AKAMAI-AS)
1	162.248.18.34 162.248.18.34	62713 (AS-PUBMATIC) (AS-PUBMATIC)
260	57

50 165.227.201.152 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 315146.cloudwaysapps.com

starsgab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:400c:c1a::5f (Charleston, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:806::2008 (Flushing, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1400:9000::687e:74c9 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.fuseplatform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:80b::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:eb09 (United States)

ASN13335 (CLOUDFLARENET, US)

a.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:817::2003 (Flushing, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.108.0.253 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.253.0.108.65.clients.your-server.de

analytics.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:824::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400c:c06::9b (Charleston, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:24f7:f600:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.107.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-107-138.jfk50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:81d::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.72.102 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400c:c14::9c (Charleston, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400c:c11::84 (Charleston, United States)

ASN15169 (GOOGLE, US)

dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.204.226.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-226-31.compute-1.amazonaws.com

apis.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c002:200::32 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.161.208 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.3.128.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-128-253.compute-1.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.98.157 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-98-157.jfk50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2607:f8b0:4006:821::2001 (Flushing, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:400c:c04::9d (Charleston, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:400c:c38::5e (Charleston, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 52.46.143.56 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.153.92 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 92.153.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.198.216.24 (Piscataway, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-216-24.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.239.98.248 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-98-248.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2209:5a00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.194.66.159 (Washington, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.82 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:ae80:1471:1a::1400 (United States) 4 redirects

ASN25751 (VALUECLICK, US)

amazon-tam-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pulsepoint-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.224.220.47 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-220-47.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.118.8.253 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-118-8-253.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.236.25.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-25-118.compute-1.amazonaws.com

sync-amz.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 35.71.139.29 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:4e9:5a01:5d7a:95f2:7368:f3d (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.223.40.198 (United States) 9 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.251.41.2 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States) 1 redirects

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.40.39.223 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.156.184.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-184-119.cmh68.r.cloudfront.net

ib.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::2004 (Flushing, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.216.16.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-16-167.compute-1.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.127.204.142 (United States) 4 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:112:f002:bbbb::21 (United States) 2 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.111.113.62 (Kansas City, United States) 4 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.115.113 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.198.113.87 (Herndon, United States) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.86.219.236 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-219-236.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.82.32 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-82-32.compute-1.amazonaws.com

thrtle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.4.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-4-30.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.203.145.121 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

cs.chocolateplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.187.193.197 (Canada) 1 redirects

ASN47043 (SMARTADSERVER, CA)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.46 (Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.218.10 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::200 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.223.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-81.jfk51.r.cloudfront.net

img.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (North Charleston, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.204.24.233 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-24-233.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.74.236.127 (United States) 2 redirects

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.76.100.229 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-100-229.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.248.18.34 (United States)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	starsgab.com starsgab.com — Cisco Umbrella Rank: 697958	5 MB
40	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 132	447 KB
32	doubleclick.net 8 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 76 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 ad.doubleclick.net — Cisco Umbrella Rank: 165 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	330 KB
30	3lift.com 4 redirects tlx.3lift.com — Cisco Umbrella Rank: 508 eb2.3lift.com — Cisco Umbrella Rank: 358 ib.3lift.com — Cisco Umbrella Rank: 1345 img.3lift.com — Cisco Umbrella Rank: 2401	79 KB
22	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 286 aax.amazon-adsystem.com — Cisco Umbrella Rank: 387 s.amazon-adsystem.com — Cisco Umbrella Rank: 273	74 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com	212 KB
11	pubmatic.com 1 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 477 ads.pubmatic.com — Cisco Umbrella Rank: 492 image6.pubmatic.com — Cisco Umbrella Rank: 682 image2.pubmatic.com — Cisco Umbrella Rank: 820 simage2.pubmatic.com — Cisco Umbrella Rank: 660 simage4.pubmatic.com — Cisco Umbrella Rank: 1193	26 KB
9	adsrvr.org 9 redirects match.adsrvr.org — Cisco Umbrella Rank: 306	4 KB
9	sharethrough.com 4 redirects match.sharethrough.com — Cisco Umbrella Rank: 518	6 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	7 KB
6	bing.com 2 redirects www.bing.com — Cisco Umbrella Rank: 69 c.bing.com — Cisco Umbrella Rank: 232	26 KB
6	tapad.com 4 redirects pixel.tapad.com — Cisco Umbrella Rank: 447	1 KB
5	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 550	5 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	264 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	fuseplatform.net cdn.fuseplatform.net — Cisco Umbrella Rank: 16564	150 KB
4	yieldmo.com sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 4701 ads.yieldmo.com — Cisco Umbrella Rank: 627	3 KB
4	dotomi.com 4 redirects amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 4475 pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 5958	1 KB
4	openx.net 1 redirects u.openx.net — Cisco Umbrella Rank: 619 us-u.openx.net — Cisco Umbrella Rank: 436	2 KB
4	quantcast.com cmp.quantcast.com — Cisco Umbrella Rank: 2644 apis.cmp.quantcast.com — Cisco Umbrella Rank: 5671	51 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	21 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	2 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 514	2 KB
3	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 423 ups.analytics.yahoo.com — Cisco Umbrella Rank: 272	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 214	3 KB
3	btloader.com btloader.com — Cisco Umbrella Rank: 814 api.btloader.com — Cisco Umbrella Rank: 906	14 KB
3	vdo.ai a.vdo.ai — Cisco Umbrella Rank: 24802 analytics.vdo.ai — Cisco Umbrella Rank: 25338	7 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	163 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 533	1 KB
2	thrtle.com 1 redirects thrtle.com — Cisco Umbrella Rank: 1209	683 B
2	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 606	771 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 755	1 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 607	1 KB
2	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 812	952 B
2	casalemedia.com 2 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 1248	2 KB
2	id5-sync.com 2 redirects id5-sync.com — Cisco Umbrella Rank: 421	3 KB
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 722	1 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 520	1 KB
2	rubiconproject.com 1 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 469 pixel.rubiconproject.com — Cisco Umbrella Rank: 315	2 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 886	1 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2626 pixel.wp.com — Cisco Umbrella Rank: 2471	5 KB
1	bluekai.com 1 redirects stags.bluekai.com — Cisco Umbrella Rank: 511	750 B
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1321	609 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 339	510 B
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 1160	452 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 969	1 KB
1	smartadserver.com 1 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 724	457 B
1	chocolateplatform.com cs.chocolateplatform.com — Cisco Umbrella Rank: 4404	134 B
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 1039	287 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 728	792 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1040	575 B
1	bttrack.com 1 redirects bttrack.com — Cisco Umbrella Rank: 780	413 B
1	inmobi.com 1 redirects sync.inmobi.com — Cisco Umbrella Rank: 1398	623 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 713	532 B
1	media.net 1 redirects cs.media.net — Cisco Umbrella Rank: 1383	665 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 849	235 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 902	602 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 344	1 KB
260	58

	Domain	Requested by
50	starsgab.com	starsgab.com
24	tpc.googlesyndication.com	starsgab.com dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
22	eb2.3lift.com	4 redirects dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com s.amazon-adsystem.com starsgab.com ib.3lift.com eb2.3lift.com
18	s.amazon-adsystem.com	1 redirects c.amazon-adsystem.com s.amazon-adsystem.com u.openx.net match.sharethrough.com sync-amz.ads.yieldmo.com bh.contextweb.com ads.pubmatic.com
17	cm.g.doubleclick.net	8 redirects u.openx.net sync-amz.ads.yieldmo.com dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com starsgab.com eb2.3lift.com
13	pagead2.googlesyndication.com	starsgab.com pagead2.googlesyndication.com googleads.g.doubleclick.net dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com
9	match.adsrvr.org	9 redirects
9	match.sharethrough.com	4 redirects s.amazon-adsystem.com match.sharethrough.com
8	fonts.googleapis.com	starsgab.com dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com googleads.g.doubleclick.net ib.3lift.com
7	securepubads.g.doubleclick.net	cdn.fuseplatform.net securepubads.g.doubleclick.net starsgab.com
7	fonts.gstatic.com	fonts.googleapis.com
6	pixel.tapad.com	4 redirects sync-amz.ads.yieldmo.com s.amazon-adsystem.com
6	www.gstatic.com	starsgab.com dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com googleads.g.doubleclick.net
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	www.bing.com	2 redirects dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com starsgab.com
5	bh.contextweb.com	1 redirects s.amazon-adsystem.com bh.contextweb.com
5	www.googletagservices.com	starsgab.com googleads.g.doubleclick.net dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
5	cdn.fuseplatform.net	starsgab.com cdn.fuseplatform.net
4	image2.pubmatic.com	ads.pubmatic.com s.amazon-adsystem.com
4	ib.3lift.com	dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com ib.3lift.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	x.bidswitch.net	3 redirects
3	sync.1rx.io	3 redirects
3	ads.yieldmo.com	sync-amz.ads.yieldmo.com
3	tlx.3lift.com	cdn.fuseplatform.net dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
3	ib.adnxs.com	2 redirects cdn.fuseplatform.net
3	dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	cdn.fuseplatform.net c.amazon-adsystem.com
3	cmp.quantcast.com	cdn.fuseplatform.net cmp.quantcast.com
3	www.googletagmanager.com	starsgab.com a.vdo.ai www.googletagmanager.com
2	b1sync.zemanta.com	2 redirects
2	thrtle.com	1 redirects s.amazon-adsystem.com
2	sync-tm.everesttech.net	1 redirects ads.pubmatic.com
2	sync.crwdcntrl.net	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	pulsepoint-match.dotomi.com	2 redirects
2	image6.pubmatic.com	1 redirects ads.pubmatic.com
2	ad.turn.com	2 redirects
2	www.google.com	dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com tpc.googlesyndication.com
2	ssum.casalemedia.com	2 redirects
2	us-u.openx.net	u.openx.net
2	pr-bh.ybp.yahoo.com	1 redirects u.openx.net
2	ads.pubmatic.com	s.amazon-adsystem.com
2	amazon-tam-match.dotomi.com	2 redirects
2	id5-sync.com	2 redirects
2	u.openx.net	1 redirects s.amazon-adsystem.com
2	um.simpli.fi	2 redirects
2	match.prod.bidr.io	2 redirects
2	api.btloader.com	btloader.com
2	ad-delivery.net	starsgab.com
2	analytics.vdo.ai	a.vdo.ai
1	simage4.pubmatic.com	ads.pubmatic.com
1	stags.bluekai.com	1 redirects
1	c.bing.com	eb2.3lift.com
1	beacon.lynx.cognitivlabs.com	1 redirects
1	px.ads.linkedin.com	eb2.3lift.com
1	img.3lift.com	dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
1	trace.mediago.io	1 redirects
1	ups.analytics.yahoo.com	1 redirects
1	tg.socdm.com	1 redirects
1	ssbsync.smartadserver.com	1 redirects
1	cs.chocolateplatform.com	dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
1	rtb.adentifi.com	dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
1	simage2.pubmatic.com	s.amazon-adsystem.com
1	p.rfihub.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	bttrack.com	1 redirects
1	sync-amz.ads.yieldmo.com	s.amazon-adsystem.com
1	sync.inmobi.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	cs.media.net	1 redirects
1	csync.loopme.me	1 redirects
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	hbopenbid.pubmatic.com	cdn.fuseplatform.net
1	fastlane.rubiconproject.com	cdn.fuseplatform.net
1	apis.cmp.quantcast.com	cmp.quantcast.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ad.doubleclick.net	starsgab.com
1	btloader.com	cdn.fuseplatform.net
1	cdn.jsdelivr.net	cdn.fuseplatform.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	pixel.wp.com	starsgab.com
1	a.vdo.ai	starsgab.com
1	stats.wp.com	starsgab.com
260	86

This site contains no links.

Subject Issuer	Validity	Valid
*.starsgab.com R3	`2023-03-14` - `2023-06-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-01` - `2023-07-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
cdn.fuseplatform.net R3	`2023-04-11` - `2023-07-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-17` - `2023-06-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.vdo.ai Go Daddy Secure Certificate Authority - G2	`2022-08-19` - `2023-09-20`	a year	crt.sh
cmp.quantcast.com R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2023-04-14` - `2023-07-13`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-03-01` - `2023-08-12`	5 months	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-03-26` - `2024-04-23`	a year	crt.sh
*.contextweb.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-10` - `2024-05-09`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-11-07` - `2023-12-09`	a year	crt.sh
adentifi.com Amazon RSA 2048 M02	`2023-02-22` - `2023-09-03`	6 months	crt.sh
eu.chocolateplatform.com ZeroSSL RSA Domain Secure Site CA	`2023-03-16` - `2023-06-14`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-03-07` - `2023-09-07`	6 months	crt.sh

This page contains 32 frames:

Primary Page: https://starsgab.com/
Frame ID: F938DB89D2891392C463473A0EC3583A
Requests: 108 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/zrt_lookup.html
Frame ID: AA871E4D7CF891B201E21F821C45DB7F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7063822928380888&output=html&adk=1812271804&adf=3025194257&lmt=1684352078&plat=8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fstarsgab.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684358827200&bpp=4&bdt=602&idt=441&shv=r20230515&mjsv=m202305110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8089077653030&frm=20&pv=2&ga_vid=272226744.1684358827&ga_sid=1684358828&ga_hid=224502909&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074198%2C44782468%2C44788442%2C44792089&oid=2&pvsid=1926250560549949&tmod=400544391&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1130
Frame ID: 51B6C644ED918E1255686B343114E830
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7063822928380888&output=html&h=280&slotname=9412422483&adk=1367971372&adf=2572816547&pi=t.ma~as.9412422483&w=1164&fwrn=4&fwrnh=100&lmt=1684352078&rafmt=1&format=1164x280&url=https%3A%2F%2Fstarsgab.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684358827200&bpp=3&bdt=602&idt=464&shv=r20230515&mjsv=m202305110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8089077653030&frm=20&pv=1&ga_vid=272226744.1684358827&ga_sid=1684358828&ga_hid=224502909&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=218&ady=3323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074198%2C44782468%2C44788442%2C44792089&oid=2&pvsid=1926250560549949&tmod=400544391&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=7Ufb2BRlG6&p=https%3A//starsgab.com&dtd=1136
Frame ID: 2338079FE64F1780CCDCC197E9F6AE19
Requests: 14 HTTP requests in this frame

Frame: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 46D263F5343E399D1851D74CEB85791F
Requests: 1 HTTP requests in this frame

Frame: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 47BAD7897419880E79E232AC86D80FD3
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 1247DC2145EE2227E487D7021D647B42
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_ppt_an-db5_3lift&dcc=t
Frame ID: 17FE379876F833A218E30C7E4DECBD62
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js
Frame ID: 513AC86B5CFDDDAB443AB7BA0E04634D
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_ppt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Frame ID: C1BBB6F1672DF0BA403884AF15017B9B
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js
Frame ID: 900119DE979896E1DAB6E966F7723035
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Frame ID: 058320665E8A9F46151E947ED39E95B8
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-97852UDJ5UJRvSt1nqj5031K9zpXyl2dTPuGCEdt0w
Frame ID: C82C7442CB745B2DAB35FC672354D73A
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAACBl2wBz3QiAMOlY2IAAAAAAA&expiration=1684445229&is_secure=true&gdpr=0
Frame ID: 84C7AF6D2CEF386390D72BAC4332429E
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Frame ID: 5520DACC294AFE3628F523FBCA3AA345
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Frame ID: 4D0848D9F1BE654031C858E7BC6A54D8
Requests: 11 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Frame ID: BA3650F3EFB41C93115DB72980ED63ED
Requests: 7 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Frame ID: 2AECCC75C873B83EEF1BC300E380F10D
Requests: 5 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=4487009920508811264&ex=appnexus.com&gdpr=0
Frame ID: FFCA73F5D1C99E358D06AA81D1C14453
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4534774701754964275857
Frame ID: 794F0890058817A42A200E3923DF90A6
Requests: 1 HTTP requests in this frame

Frame: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 545D74BA9C0CE141EA1FDA9BD8958763
Requests: 32 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 975213E61716DB966142717B7E1614D2
Requests: 9 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZGVGrgAAAQuM6gAD
Frame ID: 02ADA553BD697A4B3F10ECBA1608E97A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969751688619370358
Frame ID: 3B032D17666E413C476C1B3645BA8B6F
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDD7FE0180-68BE-4FCB-8462-A2AC6CA5B2EF
Frame ID: A42E2DB7499C1BCB644CD3B17FEC8E03
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9BD194B8289FB2249773488866E58B67
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3BF10196487E90CBF523A3A7D19D533B
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js
Frame ID: D9055B6D97D375D6500AF7371295915F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js
Frame ID: CABE0EDF779802CC06CC7A13A398C9AB
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=43500
Frame ID: 0F84FA95C5CA92052B7914AA73EF2D46
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2BD9A9F51E2B0BF07B8BF71BEC145FFB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6295515CAC0D182E78D16ED0BD2ABFA9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - Starsgab

Page URL History Show full URLs

http://starsgab.com/ HTTP 307
https://starsgab.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

260
Requests

85 %
HTTPS

35 %
IPv6

58
Domains

86
Subdomains

57
IPs

6
Countries

7013 kB
Transfer

12093 kB
Size

98
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://starsgab.com/ HTTP 307
https://starsgab.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 118

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_ppt_an-db5_3lift HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_ppt_an-db5_3lift&dcc=t

Request Chain 135

https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D&gdpr=0 HTTP 307
https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=f1219a0f-01f4-4331-bb4c-a13a9f8344fc&gdpr=0

Request Chain 136

https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3273604291524314000V10

Request Chain 137

https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&gdpr=0 HTTP 303
https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&gdpr=0&_bee_ppp=1 HTTP 303
https://s.amazon-adsystem.com/ecm3?id=AABfD07Iyo0AACDOwx1Gvw&ex=beeswax.com

Request Chain 138

https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=66f2e323

Request Chain 139

https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D?gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=3029843BC65B4AA3AA4568DFAA436D80&ex=simpli.fi&status=ok

Request Chain 140

https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0 HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0

Request Chain 141

https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr=0 HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-97852UDJ5UJRvSt1nqj5031K9zpXyl2dTPuGCEdt0w

Request Chain 142

https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0 HTTP 302
https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=32473f0752f504fc&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAACBl2wBz3QiAMOlY2IAAAAAAA&expiration=1684445229&is_secure=true&gdpr=0

Request Chain 146

https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint HTTP 302
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1

Request Chain 147

https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=4487009920508811264&ex=appnexus.com&gdpr=0

Request Chain 148

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4534774701754964275857

Request Chain 153

https://match.adsrvr.org/track/cmf/openx?oxid=0b077089-1abb-38b5-5c3e-0f1e342716c8&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=0b077089-1abb-38b5-5c3e-0f1e342716c8&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=92674b22-8760-48d2-99d4-a804e14aff5a&ttd_puid=0b077089-1abb-38b5-5c3e-0f1e342716c8&gdpr=0&gdpr_consent=

Request Chain 155

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGQ4mXACluqT56XOEv2fmAY&google_cver=1

Request Chain 157

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=857186a3-c496-47b0-8165-8609f9df7f9c&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}

Request Chain 158

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LHS7RA7L-Z-IZPT&gdpr=0

Request Chain 159

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__ HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__&s=186046&C=1 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=ZGVGrqLcQoSv4EGKPZRM-QAA%261420

Request Chain 160

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=92674b22-8760-48d2-99d4-a804e14aff5a&gdpr=0&gdpr_consent=

Request Chain 172

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c HTTP 302
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESENusGuxmV31Re-lpoLyn1wE&google_cver=1

Request Chain 173

https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&zcc=1&cb=1684358830119 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=1786671304 HTTP 302
https://sync.1rx.io/usersync/turn/9007274404191896346?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-85c47d01-6751-4e6a-ae20-1e334978fd09-005?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-85c47d01-6751-4e6a-ae20-1e334978fd09-005 HTTP 302
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-85c47d01-6751-4e6a-ae20-1e334978fd09-005

Request Chain 174

https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=g3ef7f9b5a23d7e50741 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=g3ef7f9b5a23d7e50741 HTTP 302
https://ads.yieldmo.com/v000/sync?tdid=92674b22-8760-48d2-99d4-a804e14aff5a

Request Chain 175

https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=g3ef7f9b5a23d7e50741 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=g3ef7f9b5a23d7e50741 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=963c9729-ad06-4e75-ba62-a8ab1db2611c%252C%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=92674b22-8760-48d2-99d4-a804e14aff5a&ttd_puid=963c9729-ad06-4e75-ba62-a8ab1db2611c%2C%2C

Request Chain 177

https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=OXkzVTM0OXF0bmJtUml4YklaOVNZZw&gdpr=0&gdpr_consent= HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEMSYPQjUI5kPcA7te_m_mhc&google_cver=1

Request Chain 178

https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid= HTTP 302
https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=353ad3dda5bf19e5&is_secure=true&networkId=14200&version=1&nuid= HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAH4fdmt7TulgNgsXDXAAAAAAA&expiration=1684445230&nuid=&is_secure=true

Request Chain 179

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=95&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=95&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=d99af396-dad5-489f-9cec-b8adadd6b557-646546ae-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dd99af396-dad5-489f-9cec-b8adadd6b557-646546ae-5553%26partner_url%3Dhttps%253A%252F%252Fbh.contextweb.com%252Fbh%252Frtset%253Fdo%253Dadd%2526pid%253D543793%2526ev%253Dd99af396-dad5-489f-9cec-b8adadd6b557-646546ae-5553%2526gdpr_in_effect%253D0%2526gdpr_consent%253D HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=d99af396-dad5-489f-9cec-b8adadd6b557-646546ae-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dd99af396-dad5-489f-9cec-b8adadd6b557-646546ae-5553%26partner_url%3Dhttps%253A%252F%252Fbh.contextweb.com%252Fbh%252Frtset%253Fdo%253Dadd%2526pid%253D543793%2526ev%253Dd99af396-dad5-489f-9cec-b8adadd6b557-646546ae-5553%2526gdpr_in_effect%253D0%2526gdpr_consent%253D&ct=y HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=d99af396-dad5-489f-9cec-b8adadd6b557-646546ae-5553&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D543793%26ev%3Dd99af396-dad5-489f-9cec-b8adadd6b557-646546ae-5553%26gdpr_in_effect%3D0%26gdpr_consent%3D HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=d99af396-dad5-489f-9cec-b8adadd6b557-646546ae-5553&gdpr_in_effect=0&gdpr_consent=

Request Chain 184

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZGVGrgAAAQuM6gAD

Request Chain 185

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969751688619370358

Request Chain 187

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1_4BgGi-T8uEYqKsbKWy7w%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 188

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=D7FE0180-68BE-4FCB-8462-A2AC6CA5B2EF HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=963c9729-ad06-4e75-ba62-a8ab1db2611c%252C%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=92674b22-8760-48d2-99d4-a804e14aff5a&ttd_puid=963c9729-ad06-4e75-ba62-a8ab1db2611c%2C%2C

Request Chain 190

https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=D7FE0180-68BE-4FCB-8462-A2AC6CA5B2EF&gdpr=0&gdpr_consent= HTTP 302
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=D7FE0180-68BE-4FCB-8462-A2AC6CA5B2EF&vxii_pid=12&vxii_pid1=10067&vxii_rcid=47eeeecb-cff8-4150-b4ba-d93ff3acac41

Request Chain 191

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDdGRTAxODAtNjhCRS00RkNCLTg0NjItQTJBQzZDQTVCMkVG&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 192

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENJPzvk-J4Fzd1FmJOJnPUo&google_cver=1

Request Chain 193

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3029843BC65B4AA3AA4568DFAA436D80

Request Chain 194

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8935216810153968410&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 197

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKR3CWqHBIsjdHzV7YjvGbI&google_cver=1&google_push=ATf1kGOZa9frKew4fT4ZZ0qB1HiEb2gfBv_4o4wxo7in_zWwraVFb-IGbMW8koetuZli5a6qeUOD-1voaof5VtL0u_MnZBS7rwYe HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1_4BgGi-T8uEYqKsbKWy7w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGOZa9frKew4fT4ZZ0qB1HiEb2gfBv_4o4wxo7in_zWwraVFb-IGbMW8koetuZli5a6qeUOD-1voaof5VtL0u_MnZBS7rwYe

Request Chain 199

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEDrbXfDu11LnvcCsjtnIqJw&google_cver=1&google_push=ATf1kGOzXS-25cg_4uJ3hkdpm_7YEiuvcUbUGuMtMUMbucSYqB0ZDOZ4LAXP6h8eyAgxB888Acsb4hx0Mk-ORgC3L7D9Mz-q2TWm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=ATf1kGOzXS-25cg_4uJ3hkdpm_7YEiuvcUbUGuMtMUMbucSYqB0ZDOZ4LAXP6h8eyAgxB888Acsb4hx0Mk-ORgC3L7D9Mz-q2TWm&google_hm=NDA4NjM1MzM0MzI0OTA1NzU3NQ%3D%3D

Request Chain 200

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEEQ98F-Ta5x5L4LeaadhQxU&google_cver=1&google_push=ATf1kGNfJfs_OCZylt-YMeUbvrVRktX0rp4oHSH5c7rXX1Y1UvIQx2SeqGbfm9Avh_jEg6ycijI4eOfhkYjBPTyXGF4OQYwtdRs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGNfJfs_OCZylt-YMeUbvrVRktX0rp4oHSH5c7rXX1Y1UvIQx2SeqGbfm9Avh_jEg6ycijI4eOfhkYjBPTyXGF4OQYwtdRs&google_hm=WkdWR3JzQ284WGNBQUUxMEpLVUFBQUFB

Request Chain 201

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJ5IBkmSgEXvLfs-8tnO6nM&google_cver=1&google_push=ATf1kGMXDvSJCWANyA4Mzh9n49W6seBMxES44OUpQkGjRfzFMmU2FwvB9fCMTVN3TlyAj7qZ3Vjr1BbCeCRFbYZp0vOulh0iPcjG HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JYkVkYURKRTJ1SDlhUWJrTXAzc2ZCQjlZVjlRbExkUH5B&google_push=ATf1kGMXDvSJCWANyA4Mzh9n49W6seBMxES44OUpQkGjRfzFMmU2FwvB9fCMTVN3TlyAj7qZ3Vjr1BbCeCRFbYZp0vOulh0iPcjG

Request Chain 202

https://trace.mediago.io/cs/google?google_gid=CAESELe4Lq1tFOZXr9yfCYDRJmE&google_cver=1&google_push=ATf1kGN1vtLqkaD2w5T0AsMhluyYGwm3tACFF1O-3hupOvkToOZGPjlN7T3f5wtdrCsw4Hb_o6k4Likgb4qynbmCeJjINijs6vB2Fw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGN1vtLqkaD2w5T0AsMhluyYGwm3tACFF1O-3hupOvkToOZGPjlN7T3f5wtdrCsw4Hb_o6k4Likgb4qynbmCeJjINijs6vB2Fw&google_hm=4397abc6546cc43e519b58653e844942

Request Chain 209

https://www.bing.com/api/v1/mediation/tracking?adUnit=11730374&auId=dd01bbde-6ff4-4d5b-9137-f38db60d6ce5&cmExpId=LV1&oAdUnit=11730374&publisherId=250152235&rId=e32e0186-7b1c-4b25-a08f-32345f5c5885&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%3F%26RG%3D8907fd502887453c82e1b820b864e5c4%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=237580&trafficGroup=gevcyryvsg_pcz&trafficSubGroup=erfreir&aid=26615974304785445321880&wp=1.608 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=8907fd502887453c82e1b820b864e5c4&SNR=1&GV=2&med=10

Request Chain 241

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=92674b22-8760-48d2-99d4-a804e14aff5a&dongle=0cfd&gdpr=0&gdpr_consent=

Request Chain 242

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDUzNDc3NDcwMTc1NDk2NDI3NTg1Nw%3D%3D HTTP 302
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

Request Chain 243

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENvelmiu6F1xqPyfDfIKKWw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

Request Chain 244

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDUzNDc3NDcwMTc1NDk2NDI3NTg1Nw%3D%3D

Request Chain 246

https://x.bidswitch.net/sync?ssp=triplelift&user_id=4534774701754964275857&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=4534774701754964275857&gdpr=0&gdpr_consent= HTTP 302
https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=triplelift&bsw_custom_parameter=43248603-059b-4812-823e-428ecfeae06b HTTP 302
https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=949971da-ddc0-4669-8631-d0d7e43bee0c&ssp=triplelift&bsw_param=43248603-059b-4812-823e-428ecfeae06b HTTP 302
https://eb2.3lift.com/xuid?mid=2409&xuid=43248603-059b-4812-823e-428ecfeae06b&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 248

https://pr-bh.ybp.yahoo.com/sync/triplelift/4534774701754964275857?gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-WHX3vP5E2oQzCfajyFM4iIwptOVAsQn.8VEQGNrHdQ--~A&dongle=0883

Request Chain 249

https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
https://stags.bluekai.com/site/23178?id=LWGHhB3wUnAF8DNGFyjz&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JRLUOSDIIIZXOVLOIFDDQRCOI5DHS2T2&gdpr=0 HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JRLUOSDIIIZXOVLOIFDDQRCOI5DHS2T2 HTTP 302
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=LWGHhB3wUnAF8DNGFyjz

Request Chain 250

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=4487009920508811264&dongle=4d58&gdpr=0&gdpr_consent=

Request Chain 252

https://www.bing.com/api/v1/mediation/tracking?adUnit=11730374&auId=dd01bbde-6ff4-4d5b-9137-f38db60d6ce5&cmExpId=LV1&oAdUnit=11730374&publisherId=250152235&rId=e32e0186-7b1c-4b25-a08f-32345f5c5885&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D8907fd502887453c82e1b820b864e5c4%26tids%3D1%26med%3D10&rtype=mvFeedbackURL&tagId=237580&trafficGroup=gevcyryvsg_pcz&trafficSubGroup=erfreir&aid=26615974304785445321880&wp=ZGVGrQACfWUKs94HAAPyoj8mexdD2y9eGaB7QQ HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=8907fd502887453c82e1b820b864e5c4&tids=1&med=10

260 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
starsgab.com/
Redirect Chain

http://starsgab.com/
https://starsgab.com/

253 KB
38 KB

282ms
126ms

Document
text/html

165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://starsgab.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

315146.cloudwaysapps.com

Software

nginx /

Resource Hash

d98c69b9a9d42abb5d0db877e5edc36e2e5d0aca83a8d4a6444afc5ce8aa84c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 6748
cache-control: max-age=0
cache-provider: CLOUDWAYS-CACHE-DC
content-encoding: gzip
content-length: 37909
content-type: text/html; charset=UTF-8
date: Wed, 17 May 2023 21:27:06 GMT
expires: Wed, 17 May 2023 19:34:37 GMT
last-modified: Wed, 17 May 2023 19:34:38 GMT
link: <https://starsgab.com/wp-json/>; rel="https://api.w.org/", <https://starsgab.com/wp-json/wp/v2/pages/59218>; rel="alternate"; type="application/json", <https://starsgab.com/>; rel=shortlink
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: HIT

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://starsgab.com/
Non-Authoritative-Reason: HSTS

GET
H2 200 blocks.style.build.css
starsgab.com/wp-content/plugins/structured-content/dist/ 3 KB
1 KB 65ms
63ms Stylesheet
text/css 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://starsgab.com/wp-content/plugins/structured-content/dist/blocks.style.build.css?ver=1.4.6
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: 2a0ddf18b1c85a808a468c8b4853520a61e8cb4163e4152752c6610323dc30f0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 08:00:40 GMT
server: nginx
etag: W/"61026028-ca0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000

GET
H2 200 style.min.css
starsgab.com/wp-includes/css/dist/block-library/ 93 KB
12 KB 69ms
66ms Stylesheet
text/css 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://starsgab.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.2
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
content-encoding: gzip
last-modified: Sat, 21 Jan 2023 13:27:13 GMT
server: nginx
etag: W/"63cbe831-172a9"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000

GET
H2 200 mediaelementplayer-legacy.min.css
starsgab.com/wp-includes/js/mediaelement/ 11 KB
3 KB 69ms
66ms Stylesheet
text/css 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://starsgab.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
content-encoding: gzip
last-modified: Fri, 23 Jul 2021 08:14:48 GMT
server: nginx
etag: W/"60fa7a78-2bf8"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000

GET
H2 200 wp-mediaelement.min.css
starsgab.com/wp-includes/js/mediaelement/ 4 KB
1 KB 70ms
67ms Stylesheet
text/css 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://starsgab.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.2
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
content-encoding: gzip
last-modified: Tue, 28 Jul 2020 08:16:57 GMT
server: nginx
etag: W/"5f1fdef9-105a"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000

GET
H2 200 classic-themes.min.css
starsgab.com/wp-includes/css/ 217 B
347 B 70ms
68ms Stylesheet
text/css 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://starsgab.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
content-encoding: gzip
last-modified: Sat, 21 Jan 2023 13:27:13 GMT
server: nginx
etag: W/"63cbe831-d9"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000

GET
H2 200 style.css
starsgab.com/wp-content/plugins/td-composer/td-multi-purpose/ 37 KB
5 KB 71ms
68ms Stylesheet
text/css 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://starsgab.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=23f7cf05c1213c4bc7a6753a64c58bf1
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: 3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 09:44:19 GMT
server: nginx
etag: W/"62038cf3-92ec"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 191ms
74ms Stylesheet
text/css 2607:f8b0:400c:c1a::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?display=swap&family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&ver=11.4.1

Requested by

Host: starsgab.com
URL: https://starsgab.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400c:c1a::5f Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4030e98dbf643d9fd052863c3621e1c78ff2b159188d4242afd4579b3f05b116

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 May 2023 21:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 May 2023 19:30:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 May 2023 21:27:06 GMT

GET
H2 200 tablepress-combined.min.css
starsgab.com/wp-content/ 5 KB
2 KB 71ms
69ms Stylesheet
text/css 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://starsgab.com/wp-content/tablepress-combined.min.css?ver=11
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: 43b5fa7b44c753dc489afa1400f20776fbcb1afda05a7dedc178d5bc98d96f09

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 12:58:22 GMT
server: nginx
etag: W/"614c79ee-1432"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000

GET
H2 200 style.css
starsgab.com/wp-content/themes/Newspaper/ 146 KB
25 KB 100ms
98ms Stylesheet
text/css 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://starsgab.com/wp-content/themes/Newspaper/style.css?ver=11.4.1
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: 48db2bd4f6be481a3541ba1a839ecbf2a639baeabeaab6236fcd3288f11d3dc9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 09:39:14 GMT
server: nginx
etag: W/"62038bc2-2487a"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000

GET
H2 200 td_legacy_main.css
starsgab.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 155 KB
23 KB 130ms
128ms Stylesheet
text/css 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://starsgab.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=23f7cf05c1213c4bc7a6753a64c58bf1
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: f2331563867ab257b27bcf2add845a4482d1c8fb6143e5c950640b2f7e1c78a5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 09:44:19 GMT
server: nginx
etag: W/"62038cf3-26dba"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000

GET
H2 200 td_standard_pack_main.css
starsgab.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 715 KB
61 KB 131ms
130ms Stylesheet
text/css 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://starsgab.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=4168705b165f7662fff7e5fdf2db6ef8
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: 7a89d23287ae3c749a356c76da7ef88c34d0ed018c049701b05304c3f6601ab7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
content-encoding: gzip
last-modified: Thu, 06 Apr 2023 09:56:36 GMT
server: nginx
etag: W/"642e9754-b2ccc"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000

GET
H2 200 jetpack.css
starsgab.com/wp-content/plugins/jetpack/css/ 85 KB
17 KB 143ms
141ms Stylesheet
text/css 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://starsgab.com/wp-content/plugins/jetpack/css/jetpack.css?ver=10.2.1
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: 41b60d2262cffca90f6cd644983a2d813336dc959558bdd6ae54b35ef06dd9fb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
content-encoding: gzip
last-modified: Sun, 24 Oct 2021 20:51:09 GMT
server: nginx
etag: W/"6175c73d-15494"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000

GET
H2 200 jquery.min.js Show response
starsgab.com/wp-includes/js/jquery/ 88 KB
31 KB 143ms
141ms Script
application/javascript 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://starsgab.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
content-encoding: gzip
last-modified: Sat, 21 Jan 2023 13:27:13 GMT
server: nginx
etag: W/"63cbe831-15e54"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000

GET
H2 200 jquery-migrate.min.js Show response
starsgab.com/wp-includes/js/jquery/ 11 KB
4 KB 143ms
142ms Script
application/javascript 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://starsgab.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
content-encoding: gzip
last-modified: Fri, 23 Jul 2021 08:14:48 GMT
server: nginx
etag: W/"60fa7a78-2bd8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 116 KB
46 KB 250ms
118ms Script
application/javascript 2607:f8b0:4006:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-153094083-1

Requested by

Host: starsgab.com
URL: https://starsgab.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2008 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e591b066bb322161735e9cd425a9b0e47a675ddeb54d0857b815e4d9bc279284

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46246
x-xss-protection: 0
last-modified: Wed, 17 May 2023 21:08:09 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 May 2023 21:27:07 GMT

GET
H2 200 fuse.js Show response
cdn.fuseplatform.net/publift/tags/2/2743/ 277 KB
58 KB 574ms
208ms Script
application/x-javascript 2600:1400:9000::687e:74c9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/publift/tags/2/2743/fuse.js
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::687e:74c9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 62e8e9d73f2da8b6ad591b650cebab054a20f618f9925fbe807eb785ec9d648c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:07 GMT
content-encoding: gzip
last-modified: Tue, 21 Mar 2023 00:23:00 GMT
server: AkamaiNetStorage
etag: "9a0d128c54242f1626fa1ff7e340b028:1679358180.784343"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1800
accept-ranges: bytes
content-length: 58880
expires: Wed, 17 May 2023 21:57:07 GMT

GET
H2 200 Starsgab-logo-e1644402268477.png
starsgab.com/wp-content/uploads/2021/07/ 1 KB
1 KB 84ms
82ms Image
image/png 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://starsgab.com/wp-content/uploads/2021/07/Starsgab-logo-e1644402268477.png
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: 6ab3f91621ac1f112b19fac783a68e585f83f6b9a8ecde4e2e0ac7695af4b7e1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
last-modified: Wed, 09 Feb 2022 10:24:28 GMT
server: nginx
etag: "6203965c-4a7"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 1191

GET
H2 200 wp-emoji-release.min.js Show response
starsgab.com/wp-includes/js/ 18 KB
5 KB 84ms
82ms Script
application/javascript 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://starsgab.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.2
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
content-encoding: gzip
last-modified: Sat, 21 Jan 2023 13:27:13 GMT
server: nginx
etag: W/"63cbe831-48b9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
47 KB 251ms
98ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7063822928380888

Requested by

Host: starsgab.com
URL: https://starsgab.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94fa71daca224dde8b1cd575ac66cdea069684b1d012351768bab4b12985cb82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://starsgab.com/
Origin: https://starsgab.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47557
x-xss-protection: 0
server: cafe
etag: 14553586077541362984
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 17 May 2023 21:27:07 GMT

GET
H2 200 underscore.min.js Show response
starsgab.com/wp-includes/js/ 18 KB
7 KB 65ms
65ms Script
application/javascript 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://starsgab.com/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
content-encoding: gzip
last-modified: Sat, 21 Jan 2023 13:27:13 GMT
server: nginx
etag: W/"63cbe831-4991"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000

GET
H2 200 js_posts_autoload.min.js Show response
starsgab.com/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
2 KB 66ms
66ms Script
application/javascript 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://starsgab.com/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=ecd3ae9d894693e4aa2a268d920aa306
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: 1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 09:44:27 GMT
server: nginx
etag: W/"62038cfb-14a0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000

GET
H2 200 tagdiv_theme.min.js Show response
starsgab.com/wp-content/plugins/td-composer/legacy/Newspaper/js/ 267 KB
62 KB 72ms
69ms Script
application/javascript 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://starsgab.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.4.1
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: 08c19272c2f4f2e9182304fa928374ca3ae0bc94b9a34e8c2dff93d6bc8882f8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 09:44:18 GMT
server: nginx
etag: W/"62038cf2-42ae8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000

GET
H2 200 comment-reply.min.js Show response
starsgab.com/wp-includes/js/ 3 KB
1 KB 81ms
79ms Script
application/javascript 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://starsgab.com/wp-includes/js/comment-reply.min.js?ver=6.1.2
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
content-encoding: gzip
last-modified: Sat, 21 Jan 2023 13:27:13 GMT
server: nginx
etag: W/"63cbe831-ba5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000

GET
H2 200 wprt-script.js Show response
starsgab.com/wp-content/plugins/wp-responsive-table/assets/frontend/js/ 173 B
328 B 82ms
79ms Script
application/javascript 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://starsgab.com/wp-content/plugins/wp-responsive-table/assets/frontend/js/wprt-script.js?ver=1.2.6
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: 6e8060b67a9bc601a234fad07a2ffdf1ba56bab8d4fe01fcdece885bce46f0aa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 12:58:35 GMT
server: nginx
etag: W/"614c79fb-ad"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000

GET
H2 200 intersection-observer.js Show response
starsgab.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/ 9 KB
3 KB 82ms
80ms Script
application/javascript 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://starsgab.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?ver=1.1.3
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: ba58ed4e8dd5b19dda4a55b9ea0e7561c8365d5999673ddbcbb7269fca2d3dd0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
content-encoding: gzip
last-modified: Sun, 24 Oct 2021 20:51:09 GMT
server: nginx
etag: W/"6175c73d-2394"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000

GET
H2 200 lazy-images.js Show response
starsgab.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/ 2 KB
1 KB 83ms
81ms Script
application/javascript 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://starsgab.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?ver=1.1.3
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: 0c97c6ce5fdeb2d91e4bc6263d3714ca800b990c1994cf0b6dac0f23c8fbabfe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
content-encoding: gzip
last-modified: Sun, 24 Oct 2021 20:51:09 GMT
server: nginx
etag: W/"6175c73d-98f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000

GET
H2 200 js_files_for_front.min.js Show response
starsgab.com/wp-content/plugins/td-cloud-library/assets/js/ 37 KB
9 KB 83ms
81ms Script
application/javascript 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://starsgab.com/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=ecd3ae9d894693e4aa2a268d920aa306
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: 3c31f194616ed5157c41e5e3ae46976fbf82a885584917b82fcfbeee0f10bf7b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 09:44:27 GMT
server: nginx
etag: W/"62038cfb-946e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000

GET
H2 200 e-202320.js Show response
stats.wp.com/ 13 KB
4 KB 105ms
31ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202320.js
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ab8517f3d5171dd42a8b9c22af6a2f944b41d00e7ea54ba02b4ed71a6c59e543

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nc: HIT mia
date: Wed, 17 May 2023 21:27:06 GMT
content-encoding: br
last-modified: Sun, 19 Dec 2021 02:58:25 GMT
server: nginx
etag: W/"61be9fd1-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 12 May 2024 13:26:38 GMT

GET
H2 200 vdo.ai.js Show response
a.vdo.ai/core/v-starsgab/ 24 KB
7 KB 232ms
103ms Script
text/javascript 2606:4700:3038::6815:eb09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/v-starsgab/vdo.ai.js
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a307c65aacfe87e41d9909ea02467c696994a59cf3d0a6837e55f95f4a2983c1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:07 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 17 May 2023 21:00:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript;charset=UTF-8
vdo-server: Tag1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4qt5PREYcXlbRD6JE2f6To6ezj%2FGSP09pMsAHlozD5%2BtzyLriwDRtd3i8o%2B6iKulmjY4eHRlQJUOHy2dWkZPvxNE7HN6yCpuR%2BvBBuRqxKofSfJyr%2FT0tDLLX7T0Qy1qiwanpW7njg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1800
cf-ray: 7c8ef14ca817399e-IAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 roux-lopez-3.png
starsgab.com/wp-content/uploads/2023/05/ 346 KB
347 KB 66ms
65ms Image
image/png 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://starsgab.com/wp-content/uploads/2023/05/roux-lopez-3.png
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: da68586d1771e22214fc6ddb97f8a66b241c1a9a4ee1e6c40c2efe860f971fdb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
last-modified: Wed, 17 May 2023 19:29:15 GMT
server: nginx
etag: "64652b0b-56905"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 354565

GET
H2 200 denise-luiso-3.png
starsgab.com/wp-content/uploads/2023/05/ 127 KB
127 KB 129ms
128ms Image
image/png 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://starsgab.com/wp-content/uploads/2023/05/denise-luiso-3.png
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: 55eac8083ebcb13568b485c3c87aeca5714f707fbb200d1e0d262e82f55760ee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
last-modified: Wed, 17 May 2023 09:46:43 GMT
server: nginx
etag: "6464a283-1fb78"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 129912

GET
H2 200 keri-dangelo-2.png
starsgab.com/wp-content/uploads/2023/05/ 363 KB
363 KB 129ms
128ms Image
image/png 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://starsgab.com/wp-content/uploads/2023/05/keri-dangelo-2.png
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: d2e7d61958e59555dbfdfa5b1793f3d8bb541a96864cdeb6797ddc8f78b52a6d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
last-modified: Wed, 17 May 2023 08:42:09 GMT
server: nginx
etag: "64649361-5aa18"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 371224

GET
H2 200 penelope-cordeau-3.png
starsgab.com/wp-content/uploads/2023/05/ 257 KB
257 KB 128ms
128ms Image
image/png 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://starsgab.com/wp-content/uploads/2023/05/penelope-cordeau-3.png
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: 7cf435a359c687ffb3a53d04fa657b629f8ff28f83b7900d1c64edf50d8c0a05

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
last-modified: Tue, 16 May 2023 21:19:07 GMT
server: nginx
etag: "6463f34b-403ed"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 263149

GET
H2 200 kaia-wright-net-worth-6-485x360.png
starsgab.com/wp-content/uploads/2023/05/ 220 KB
220 KB 128ms
128ms Image
image/png 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://starsgab.com/wp-content/uploads/2023/05/kaia-wright-net-worth-6-485x360.png
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: fba91ba36de9a27e8fdf868b39e28f0852ab6ffb6a6a80915e85e579baa22ba5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
last-modified: Sat, 13 May 2023 21:01:59 GMT
server: nginx
etag: "645ffac7-3705c"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 225372

GET
H2 200 robert-rushing-net-worth-5-218x150.png
starsgab.com/wp-content/uploads/2023/05/ 53 KB
53 KB 128ms
128ms Image
image/png 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://starsgab.com/wp-content/uploads/2023/05/robert-rushing-net-worth-5-218x150.png
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: 0c195b945ef8a2466479b6ac17e2fc828bad34d4caa1fe1d17df3cd44bd609e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
last-modified: Tue, 09 May 2023 16:31:30 GMT
server: nginx
etag: "645a7562-d258"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 53848

GET
H2 200 kirill-bichutsky-net-worth-3-218x150.png
starsgab.com/wp-content/uploads/2023/05/ 49 KB
49 KB 128ms
128ms Image
image/png 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://starsgab.com/wp-content/uploads/2023/05/kirill-bichutsky-net-worth-3-218x150.png
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: ea2217b6e03809c43c8d36500500b6b7d6d05ce7794bb7f619deb739618e01e4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
last-modified: Sat, 06 May 2023 10:56:18 GMT
server: nginx
etag: "64563252-c4c5"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 50373

GET
H2 200 jo-guest-net-worth-2-218x150.png
starsgab.com/wp-content/uploads/2023/05/ 47 KB
47 KB 128ms
128ms Image
image/png 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://starsgab.com/wp-content/uploads/2023/05/jo-guest-net-worth-2-218x150.png
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: 9da56eec138c9d2526c4361ffc8880d58fbf113ab878e863377d1f27ad786c41

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
last-modified: Thu, 04 May 2023 02:30:56 GMT
server: nginx
etag: "645318e0-bb7c"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 47996

GET
H2 200 todd-hoffman-gold-rush-e1681833553439-218x150.png
starsgab.com/wp-content/uploads/2023/04/ 47 KB
47 KB 128ms
127ms Image
image/png 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://starsgab.com/wp-content/uploads/2023/04/todd-hoffman-gold-rush-e1681833553439-218x150.png
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: 3f4ae4b9dcb1ace8994b034d870dc9584beeb01d3138ed445cc1844e83ba4e71

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
last-modified: Tue, 18 Apr 2023 15:59:14 GMT
server: nginx
etag: "643ebe52-ba9c"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 47772

GET
H2 200 keisha-grey-6.png
starsgab.com/wp-content/uploads/2023/05/ 310 KB
310 KB 127ms
127ms Image
image/png 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://starsgab.com/wp-content/uploads/2023/05/keisha-grey-6.png
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: 3850a9ce12b5874d87f1564f1bfa9d644a240c604aab6ecf636bf8d1d03d1b7b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
last-modified: Sun, 14 May 2023 11:02:30 GMT
server: nginx
etag: "6460bfc6-4d6c5"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 317125

GET
H2 200 xaria-dotson-7.png
starsgab.com/wp-content/uploads/2023/05/ 493 KB
494 KB 127ms
127ms Image
image/png 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://starsgab.com/wp-content/uploads/2023/05/xaria-dotson-7.png
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: 6a6fef0ad1dcd1ec4cf7a3803295ab078d6924d088298a8750de355caedae65d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
last-modified: Fri, 12 May 2023 16:03:57 GMT
server: nginx
etag: "645e636d-7b5f3"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 505331

GET
H2 200 isabel-gravitts-1.png
starsgab.com/wp-content/uploads/2023/05/ 328 KB
328 KB 126ms
126ms Image
image/png 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://starsgab.com/wp-content/uploads/2023/05/isabel-gravitts-1.png
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: 2be0eb4f24b2f3eb2e93b50fe5579d43192443840be3ee6747b3a9f5e8bc23c4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
last-modified: Fri, 12 May 2023 08:40:13 GMT
server: nginx
etag: "645dfb6d-51fb6"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 335798

GET
H2 200 newspaper.woff
starsgab.com/wp-content/themes/Newspaper/images/icons/ 28 KB
28 KB 126ms
126ms Font
application/font-woff 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://starsgab.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?20
Requested by: Host: starsgab.com
URL: https://starsgab.com/wp-content/themes/Newspaper/style.css?ver=11.4.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: f9105ad89b0652997872724722eb0747fbabefd60ac84c4d47c374bc27529821

Request headers

Referer: https://starsgab.com/wp-content/themes/Newspaper/style.css?ver=11.4.1
Origin: https://starsgab.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
last-modified: Wed, 09 Feb 2022 09:39:14 GMT
server: nginx
etag: "62038bc2-6ee0"
content-type: application/font-woff
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 28384

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
47 KB 293ms
155ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&ver=11.4.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://starsgab.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:09:14 GMT
x-content-type-options: nosniff
age: 116273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 May 2024 13:09:14 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 270ms
133ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&ver=11.4.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://starsgab.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:16:32 GMT
x-content-type-options: nosniff
age: 360635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 17:16:32 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 215ms
79ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&ver=11.4.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://starsgab.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 05:55:40 GMT
x-content-type-options: nosniff
age: 401487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 05:55:40 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 178ms
65ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&ver=11.4.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://starsgab.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 05:55:38 GMT
x-content-type-options: nosniff
age: 401489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 05:55:38 GMT

GET
H2 200 roux-lopez-3-485x360.png
starsgab.com/wp-content/uploads/2023/05/ 288 KB
288 KB 149ms
149ms Image
image/png 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://starsgab.com/wp-content/uploads/2023/05/roux-lopez-3-485x360.png
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: 939967cd4a894b231399728106f91af38624eba8ef59f6f7d98b8f5295461238

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
last-modified: Wed, 17 May 2023 19:29:16 GMT
server: nginx
etag: "64652b0c-47eaa"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 294570

GET
H2 200 keri-dangelo-2-439x360.png
starsgab.com/wp-content/uploads/2023/05/ 192 KB
192 KB 149ms
149ms Image
image/png 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://starsgab.com/wp-content/uploads/2023/05/keri-dangelo-2-439x360.png
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: b077a8dba7a548e4b4af8c9dfa318879d6f0a2074fec05e7ac5826faa7089666

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
last-modified: Wed, 17 May 2023 08:42:11 GMT
server: nginx
etag: "64649363-2ffb5"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 196533

GET
H2 200 penelope-cordeau-3-391x360.png
starsgab.com/wp-content/uploads/2023/05/ 126 KB
126 KB 149ms
149ms Image
image/png 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://starsgab.com/wp-content/uploads/2023/05/penelope-cordeau-3-391x360.png
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: 5e3c520cdbfba4e50e612c8f4230c8b994b934b214ae4f39f17244c3af24ca64

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
last-modified: Tue, 16 May 2023 21:19:09 GMT
server: nginx
etag: "6463f34d-1f857"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 129111

GET
H2 200 deanna-bastianich-1-459x360.png
starsgab.com/wp-content/uploads/2023/05/ 235 KB
236 KB 149ms
149ms Image
image/png 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://starsgab.com/wp-content/uploads/2023/05/deanna-bastianich-1-459x360.png
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: c25d59274315537d6a2063692821387477658607d9371f3b61fb4dd02f2e87c5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
last-modified: Tue, 16 May 2023 12:09:03 GMT
server: nginx
etag: "6463725f-3adc8"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 241096

GET
H2 200 amy-ferson-1.png
starsgab.com/wp-content/uploads/2023/05/ 219 KB
219 KB 149ms
148ms Image
image/png 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://starsgab.com/wp-content/uploads/2023/05/amy-ferson-1.png
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: bb305bd385a8b77572bbb3a369f335c42af9a8ee8d2742bb2d6fb0af50c2ec02

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
last-modified: Tue, 16 May 2023 10:30:46 GMT
server: nginx
etag: "64635b56-36b22"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 224034

GET
H2 200 tru-kait-6-485x322.png
starsgab.com/wp-content/uploads/2023/05/ 178 KB
178 KB 149ms
148ms Image
image/png 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://starsgab.com/wp-content/uploads/2023/05/tru-kait-6-485x322.png
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: 86741c79dd961b2da3b1af29f8cf37ddc3937680b73ee9944caa8260a6f6b1f1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
last-modified: Tue, 16 May 2023 09:28:14 GMT
server: nginx
etag: "64634cae-2c80f"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 182287

GET
H2 200 alina-kim-4-485x360.png
starsgab.com/wp-content/uploads/2023/05/ 231 KB
231 KB 210ms
203ms Image
image/png 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://starsgab.com/wp-content/uploads/2023/05/alina-kim-4-485x360.png
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: 92dfea243f42642241bad94d8b25c0de8f3fb8bae547e46b2b81f50207b2f039

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
last-modified: Tue, 16 May 2023 07:06:15 GMT
server: nginx
etag: "64632b67-39a1f"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 236063

GET
H2 200 camelia-ortiz-2-457x360.png
starsgab.com/wp-content/uploads/2023/05/ 185 KB
185 KB 268ms
265ms Image
image/png 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://starsgab.com/wp-content/uploads/2023/05/camelia-ortiz-2-457x360.png
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: 5810767cff372ff7f37038c2847800c5829a943faee27aa6979424863b5b5a86

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
last-modified: Mon, 15 May 2023 20:39:12 GMT
server: nginx
etag: "64629870-2e3bc"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 189372

GET
H2 200 josephine-riddick-hendrick-1-485x360.png
starsgab.com/wp-content/uploads/2023/05/ 211 KB
211 KB 269ms
266ms Image
image/png 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://starsgab.com/wp-content/uploads/2023/05/josephine-riddick-hendrick-1-485x360.png
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: 3bba24c50a5789cda4f15909277e954390f40b59191c528b78a95d9141366527

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
last-modified: Mon, 15 May 2023 19:32:19 GMT
server: nginx
etag: "646288c3-34bbc"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 215996

GET
H2 200 footer_bg.jpg
starsgab.com/wp-content/uploads/2022/02/ 105 KB
105 KB 269ms
266ms Image
image/jpeg 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://starsgab.com/wp-content/uploads/2022/02/footer_bg.jpg
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: eeced1d8cb05e0490197eca352ff09680161f09b254df3fca1acb8e98593a275

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
last-modified: Wed, 09 Feb 2022 09:45:47 GMT
server: nginx
etag: "62038d4b-1a481"
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 107649

GET
H2 200 roux-lopez-3-218x150.png
starsgab.com/wp-content/uploads/2023/05/ 63 KB
63 KB 269ms
267ms Image
image/png 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://starsgab.com/wp-content/uploads/2023/05/roux-lopez-3-218x150.png
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: a2eb1ef86b954f9953277905d294b8d87064037456444aecc15eeaf4099f8db8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
last-modified: Wed, 17 May 2023 19:29:15 GMT
server: nginx
etag: "64652b0b-fb85"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 64389

GET
H2 200 denise-luiso-3-218x150.png
starsgab.com/wp-content/uploads/2023/05/ 48 KB
48 KB 270ms
267ms Image
image/png 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://starsgab.com/wp-content/uploads/2023/05/denise-luiso-3-218x150.png
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: ccc0fba87f29e1c77b454dd9c57d736ec788b98085d36e12c754a77fe82dd452

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
last-modified: Wed, 17 May 2023 09:46:43 GMT
server: nginx
etag: "6464a283-bee9"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 48873

GET
H2 200 keri-dangelo-2-218x150.png
starsgab.com/wp-content/uploads/2023/05/ 50 KB
50 KB 270ms
268ms Image
image/png 165.227.201.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://starsgab.com/wp-content/uploads/2023/05/keri-dangelo-2-218x150.png
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.201.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 315146.cloudwaysapps.com
Software: nginx /
Resource Hash: f65b7775d6cafd989ca54f06b3410ebf63eb910bc3b800d2c721fbcbb56955d5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:06 GMT
last-modified: Wed, 17 May 2023 08:42:10 GMT
server: nginx
etag: "64649362-c645"
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 50757

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 53ms
44ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.2.1&blog=196204585&post=59218&tz=0&srv=starsgab.com&host=starsgab.com&ref=&fcp=610&rand=0.7614187263799428
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 17 May 2023 21:27:06 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 116 KB
45 KB 104ms
102ms Script
application/javascript 2607:f8b0:4006:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113932176-46

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-starsgab/vdo.ai.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2008 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c32139223728fd8ff49175b6df2bf91b25fcd8e6a3807cc85e4421a473d2ba37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46231
x-xss-protection: 0
last-modified: Wed, 17 May 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 May 2023 21:27:07 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
248 B 507ms
163ms XHR
text/html 65.108.0.253
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-starsgab/vdo.ai.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.108.0.253 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.253.0.108.65.clients.your-server.de
Software: openresty/1.19.9.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://starsgab.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 17 May 2023 21:27:07 GMT
Server: openresty/1.19.9.1
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
248 B 537ms
174ms XHR
text/html 65.108.0.253
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-starsgab/vdo.ai.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.108.0.253 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.253.0.108.65.clients.your-server.de
Software: openresty/1.19.9.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://starsgab.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 17 May 2023 21:27:07 GMT
Server: openresty/1.19.9.1
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/ 356 KB
120 KB 291ms
165ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7063822928380888

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a1d8f790300fbf5b159bf1d91c42d45265f32ae462402786e62af3da95ac150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122562
x-xss-protection: 0
server: cafe
etag: 6210360859022737261
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 21:27:07 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/ Frame AA87 10 KB
5 KB 199ms
63ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7063822928380888

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://starsgab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 13456
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 17 May 2023 17:42:51 GMT
etag: 15057649708203361565
expires: Wed, 31 May 2023 17:42:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 118ms
33ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153094083-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 17 May 2023 20:43:46 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 2601
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Wed, 17 May 2023 22:43:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
73 KB 107ms
105ms Script
application/javascript 2607:f8b0:4006:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PFW95074FZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153094083-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2008 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8df1183554a6cdfb35af306e910a3c741716dc6bd42ab3f5be655e1dcaa6731f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74158
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 17 May 2023 21:27:07 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
204 B 48ms
47ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&aip=1&a=224502909&t=pageview&_s=1&dl=https%3A%2F%2Fstarsgab.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20Starsgab&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAACAAI~&jid=1421891812&gjid=123845053&cid=272226744.1684358827&tid=UA-153094083-1&_gid=600363536.1684358827&_r=1&gtm=457e35a0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=97572890

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://starsgab.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://starsgab.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
68 B 45ms
44ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=224502909&t=event&_s=1&dl=https%3A%2F%2Fstarsgab.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20Starsgab&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=vdoaijs&ea=loaded&el=v-starsgab&_u=YGDACUABBAAAACAAI~&jid=849183798&gjid=655245643&cid=272226744.1684358827&tid=UA-113932176-46&_gid=600363536.1684358827&_r=1&gtm=457e35a0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=744547154

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://starsgab.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://starsgab.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
47 B 59ms
58ms Ping
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-PFW95074FZ&gtm=45je35a0&_p=224502909&gdid=dZTNiMT&cid=272226744.1684358827&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1684358827&sct=1&seg=0&dl=https%3A%2F%2Fstarsgab.com%2F&dt=Home%20-%20Starsgab&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PFW95074FZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://starsgab.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
343 B 194ms
57ms XHR
text/plain 2607:f8b0:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-153094083-1&cid=272226744.1684358827&jid=1421891812&gjid=123845053&_gid=600363536.1684358827&_u=YGBACUAABAAAACAAI~&z=429823892

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400c:c06::9b Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://starsgab.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 17 May 2023 21:27:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://starsgab.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 choice.js Show response
cmp.quantcast.com/choice/PRrmquD1Ggcb1/starsgab.com/ 10 KB
4 KB 407ms
244ms XHR
application/javascript 2600:9000:24f7:f600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/starsgab.com/choice.js?tag_version=V2
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2743/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f7:f600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89b9cdd65071ba167a6f39705f0ac244cad0f75669778ed58256d7908983a502

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:08 GMT
content-encoding: br
via: 1.1 6600f36fdbb63d37961eb0d99869f3fa.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 15 Jul 2022 05:19:05 GMT
server: AmazonS3
etag: W/"19d28e46201f081a02b5d264538c0dd9"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://starsgab.com
cache-control: max-age=3600
access-control-allow-credentials: true
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-amz-cf-id: 4hfDNXhLxHwkhr7Mgy894Q9jkYi1aQnTsgsauUHlzArrS6ovfPRNsQ==

GET
H2 200 prebid-ada79c7d9d76b5af423a4c7afc1b2fe4.js Show response
cdn.fuseplatform.net/prebid/ 294 KB
91 KB 67ms
65ms Script
application/x-javascript 2600:1400:9000::687e:74c9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/prebid/prebid-ada79c7d9d76b5af423a4c7afc1b2fe4.js
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2743/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::687e:74c9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 83ae2e1111156aa32b458e4a3fe070f297a044ecb2855caf1ba7da118ad5fe65

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:07 GMT
content-encoding: gzip
last-modified: Fri, 10 Mar 2023 07:01:34 GMT
server: AkamaiNetStorage
etag: "91ff2b335c010625ddf2e82987d8679c:1678431694.361658"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400000
accept-ranges: bytes
content-length: 93160
expires: Tue, 10 Feb 2026 21:27:07 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 230 KB
57 KB 292ms
69ms Script
application/javascript 108.138.107.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2743/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-107-138.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a95e7d0a3cb18909649c1c1cf3a03b867df399d7a68a95438700d0c250190ea5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:18:22 GMT
content-encoding: gzip
via: 1.1 2b0c54ffe9876882253b010d44184bdc.cloudfront.net (CloudFront), 1.1 0667564db9d2ec4ceec667e46b842a9c.cloudfront.net (CloudFront)
last-modified: Wed, 10 May 2023 21:23:10 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-P2, JFK50-P3
age: 526
x-amz-server-side-encryption: AES256
etag: W/"7495a9027cbb36cfc88c8eb9e9614a3b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: xVU9kHR37v_utM2jwuX4B85XUscc83ZZnPW6QCwTxD7jhhsdqGAXDQ==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
25 KB 272ms
124ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2743/fuse.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a473a695162892ed842f775045d584922e4f1cd3668eed5821b6ab824d4cfd81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25313
x-xss-protection: 0
server: cafe
etag: 676 / 19494 / m202305110101 / config-hash: 3044622800276234104
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 17 May 2023 21:27:07 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
212 B 255ms
65ms Fetch
text/plain 2600:1400:9000::687e:74c9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?v=1&ttm=1684358827495&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=b4fb8ace-359f-555e-93b4-6579f9a77acb&fid=2743&pubid=1&url=https%3A%2F%2Fstarsgab.com%2F&sid=392a665bc1d28615d032&srate=100&adserver=gpt&etm=1184&e=fuse-load
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2743/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::687e:74c9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:07 GMT
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Origin
content-type: text/plain
access-control-allow-origin: https://starsgab.com
cache-control: max-age=1800
accept-ranges: bytes
content-length: 1
expires: Wed, 17 May 2023 21:57:07 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 119ms
32ms XHR
application/json 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230517

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-ada79c7d9d76b5af423a4c7afc1b2fe4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bb12d4c4ae5fd53be24d22d7986932390dced153f1920133ca4efe5ff555afbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://starsgab.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 May 2023 21:27:07 GMT
x-content-type-options: nosniff
content-encoding: br
age: 19579
x-jsd-version: 1.0.1699
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 833
x-served-by: cache-fra-eddf8230103-FRA, cache-mia-kmia1760035-MIA
x-jsd-version-type: version
etag: W/"63b-V8h/lme10kyBaIL5aWQ7pOSf4nk"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/ 406 KB
125 KB 63ms
62ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1724b4bef54c6783a92933aad501fd9fe01ceb5225301c744ff0883030e72f00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 11:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36744
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128048
x-xss-protection: 0
server: cafe
etag: 352811828592807000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 16 May 2024 11:14:43 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 2 KB
519 B 207ms
80ms XHR
application/json 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=starsgab.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1878305208d1e0690076c78a0fa2bebfc6521551f27b0ac2b0817b1a304a9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 494
x-xss-protection: 0
expires: Wed, 17 May 2023 21:27:08 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 181ms
60ms XHR
application/javascript 108.138.107.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-107-138.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: yHpogsakS7iCluwAmUa6Y9ccBYm32d5h
content-encoding: gzip
via: 1.1 ed8dbde89917eaa6ca93ba7fad809c48.cloudfront.net (CloudFront)
date: Wed, 17 May 2023 01:39:18 GMT
x-amz-cf-pop: JFK50-P3
age: 71271
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 11 May 2023 21:16:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: AGFaffz0WdSfXnRh82Y7kRnRQiNnRHxkgXBCee8W3hAOeaz4GWfhKw==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
309 B 61ms
60ms XHR
text/plain 108.138.107.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fstarsgab.com&pubid=8b48e249-e9e6-4a52-8b48-396ea93403e8
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-107-138.jfk50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 16:35:20 GMT
via: 1.1 0667564db9d2ec4ceec667e46b842a9c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P3
age: 17506
x-cache: Hit from cloudfront
access-control-allow-origin: https://starsgab.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: UksTU68O-yaqOrnJdT7GPDROLV5U_GZat9rqOWClNZyywnCKbYtoww==

GET
H2 200 choice.js Show response
cmp.quantcast.com/choice/PRrmquD1Ggcb1/starsgab.com/ 10 KB
4 KB 266ms
138ms Script
application/javascript 2600:9000:24f7:f600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/starsgab.com/choice.js?tag_version=V2
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2743/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f7:f600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89b9cdd65071ba167a6f39705f0ac244cad0f75669778ed58256d7908983a502

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:09 GMT
content-encoding: br
via: 1.1 e98f0b9968088109138df73e2c009a08.cloudfront.net (CloudFront)
last-modified: Fri, 15 Jul 2022 05:19:05 GMT
server: AmazonS3
x-amz-cf-pop: CMH68-P1
x-amz-server-side-encryption: AES256
etag: W/"19d28e46201f081a02b5d264538c0dd9"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-amz-cf-id: cgobg0DSSnh1X4wjQDdtaI_F5k4800HZbgN8PlyNCvtrHklgW3pToQ==

GET
H2 200 tag Show response
btloader.com/ 55 KB
14 KB 182ms
60ms Script
application/javascript 2606:4700:20::681a:68b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2743/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d91b4e1a48fe8e0acbb39b5297cdd57133da3588a79d88d6b6d39fa5ba2ad0f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:08 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 May 2023 20:32:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3176
etag: W/"c51fd1e8cb870479d62c62d1a0312dab"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CX1niJsrH7LrEzX5Yw%2FZjneyXyBMZZRGro7xwn%2BqNjBtf%2FVgDyT01D1FB6Uj0BeGMcU%2B%2BIXbWGYHb9iGyLh%2FQ330DjHaxB3LJ7WtxjUrVwNT9Z1PavAPrG7Ng5rpPA287v2gYzRT9508gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7c8ef1543d4cb03e-ATL

GET
H2 200 cmp2.js Show response
cmp.quantcast.com/tcfv2/ 178 KB
44 KB 72ms
72ms Script
text/javascript 2600:9000:24f7:f600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=starsgab.com
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/starsgab.com/choice.js?tag_version=V2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f7:f600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 253dbb7cdf8b323dd7701b955a3557228e07163d34c34a09844928005b2107dd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:20:23 GMT
content-encoding: br
via: 1.1 e98f0b9968088109138df73e2c009a08.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P1
age: 406
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Wed, 05 Apr 2023 15:47:13 GMT
server: AmazonS3
etag: W/"44b9dae010477f4d1d41d5d25cbbc7af"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
vary: Accept-Encoding
x-amz-cf-id: HffCtp2iGmiNiztSffvGs3JBMrewiiQiiUfKjNiSzQg0mogwsek40A==

GET
H2 200 px.gif
ad-delivery.net/ 43 B
337 B 167ms
64ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 581104
x-guploader-uploadid: ADPycdvpinxvif3oLKhmdgmTNdl_MKA2TNlQVXJbutnVNZDJkh7Z4ol8n9WoD8Zz7KLtorJKthof9BgzZH8jWGX7oY7rfA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNQJ4iPjrIEtbHpJB5Ks5YRgnsdrqwalmfv%2BskPFEe7k8o6qftndD1z74yeIv7yhRABOMS11YfeBvYSerxE2cw5OvJkdZJo72iPTTEZ6YbTxyUQzhc6MacUMvS0mPyFSu%2BRjDJM8QY4%2BwnukeA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7c8ef1554c69b05c-ATL
expires: Thu, 18 May 2023 21:27:08 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 198ms
61ms Image
image/x-icon 142.250.72.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: starsgab.com
URL: https://starsgab.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.102 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 16:20:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18425
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 May 2023 16:20:03 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
932 B 163ms
60ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.22679583566924366
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 581104
x-guploader-uploadid: ADPycdvpinxvif3oLKhmdgmTNdl_MKA2TNlQVXJbutnVNZDJkh7Z4ol8n9WoD8Zz7KLtorJKthof9BgzZH8jWGX7oY7rfA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSW59prpsKFM7G6JNQxX7mYAa7LO0vuXtK6Pn4IusBZS68d5JcLUriL8XehH%2Bwd2%2FDZSwx%2FXxM3PhI2qoC2JG90BMd3YiA8z3OBYKtQ%2F4k047aUt%2FgikIrzk9gQdm%2B0VP6zgBKfy2CcSDhAvlA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7c8ef1554c6cb05c-ATL
expires: Thu, 18 May 2023 21:27:08 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
602 B 238ms
78ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=starsgab.com&callback=_gfp_s_&client=ca-pub-7063822928380888

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7eccd4b30f7e42958d57f085badcd82cdfe1574c5adb11f5f2cacfc546eb092e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 185ms
59ms Script
application/javascript 2607:f8b0:400c:c14::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=starsgab.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400c:c14::9c Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 51B6 271 KB
54 KB 1686ms
1685ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7063822928380888&output=html&adk=1812271804&adf=3025194257&lmt=1684352078&plat=8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fstarsgab.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684358827200&bpp=4&bdt=602&idt=441&shv=r20230515&mjsv=m202305110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8089077653030&frm=20&pv=2&ga_vid=272226744.1684358827&ga_sid=1684358828&ga_hid=224502909&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074198%2C44782468%2C44788442%2C44792089&oid=2&pvsid=1926250560549949&tmod=400544391&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1130

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e6b00ba0d7120c44c2b712740171d3e99d5aa4af15605628cc05ea90eb0449a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://starsgab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 55502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 17 May 2023 21:27:09 GMT
expires: Wed, 17 May 2023 21:27:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2338 104 KB
35 KB 853ms
853ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7063822928380888&output=html&h=280&slotname=9412422483&adk=1367971372&adf=2572816547&pi=t.ma~as.9412422483&w=1164&fwrn=4&fwrnh=100&lmt=1684352078&rafmt=1&format=1164x280&url=https%3A%2F%2Fstarsgab.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684358827200&bpp=3&bdt=602&idt=464&shv=r20230515&mjsv=m202305110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8089077653030&frm=20&pv=1&ga_vid=272226744.1684358827&ga_sid=1684358828&ga_hid=224502909&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=218&ady=3323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074198%2C44782468%2C44788442%2C44792089&oid=2&pvsid=1926250560549949&tmod=400544391&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=7Ufb2BRlG6&p=https%3A//starsgab.com&dtd=1136

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdc5fffba2268382012bd596e13cbad3e6a502ef15cd5cca57d25574532a8409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://starsgab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35860
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 17 May 2023 21:27:09 GMT
expires: Wed, 17 May 2023 21:27:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 151 KB
44 KB 484ms
483ms XHR
text/plain 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1926250560549949&correlator=3301438792321061&eid=31072019%2C44780990%2C44777628&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fifs&gdpr=0&iu_parts=71161633%3A22529950538%2CSTRSGB_starsgab%2Cweb_interstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=3&adks=1193411053&didk=875459403&sfv=1-0-40&ists=1&fas=8&eri=1&cust_params=fuse_profanity%3Dfalse%26fuse_site%3Dstarsgab.com%26fuse_path%3D%252F%26fuse_query%3D%26fuse_category%3D%26fuse_industry%3DIAB14%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3Db4fb8ace-359f-555e-93b4-6579f9a77acb%26fuse_publication_id%3D1%26GPT_READY_MS%3D1500-1999%26PREBID_READY_MS%3D1000-1499%26UAM_READY_MS%3D1500-1999%26CMP_DETERMINED_MS%3Dnot_ready%26CMP_GDPR_CACHED%3Dfalse%26FUSE_LOADED_MS%3D1000-1499%26CMP_JURISDICTION%3Dunknown%26CMP_ALLOW_PERSONAL%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1684358828380&lmt=1684352078&dlt=1684358826598&idt=1434&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fstarsgab.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=272226744.1684358827&ga_sid=1684358828&ga_hid=224502909&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f170ddeaec8aa361e39bba211f2c7783512797d97d6b34f2f588b070e7f71ea7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45479
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://starsgab.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
212 B 66ms
66ms Fetch
text/plain 2600:1400:9000::687e:74c9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?auid=22692390428&cmpj=unknown&v=1&ttm=1684358828387&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=b4fb8ace-359f-555e-93b4-6579f9a77acb&fid=2743&pubid=1&url=https%3A%2F%2Fstarsgab.com%2F&sid=392a665bc1d28615d032&srate=100&adserver=gpt&etm=2076&e=slot-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2743/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::687e:74c9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:08 GMT
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Origin
content-type: text/plain
access-control-allow-origin: https://starsgab.com
cache-control: max-age=1800
accept-ranges: bytes
content-length: 1
expires: Wed, 17 May 2023 21:57:08 GMT

GET
H2 200 container.html Show response
dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 46D2 6 KB
3 KB 215ms
57ms Document
text/html 2607:f8b0:400c:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400c:c11::84 Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://starsgab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 17 May 2023 21:27:08 GMT
expires: Thu, 16 May 2024 21:27:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/ 36 KB
13 KB 62ms
62ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a94c4d395ab543caa272eca358cb98f6a7030a7575fd1d29d45699a92484b75f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 16:19:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18481
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12846
x-xss-protection: 0
server: cafe
etag: 10233486887902752293
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 16 May 2024 16:19:07 GMT

GET
H2 200 geoip Show response
apis.cmp.quantcast.com/ 49 B
170 B 194ms
56ms XHR
application/json 54.204.226.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.cmp.quantcast.com/geoip
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=starsgab.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.204.226.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-226-31.compute-1.amazonaws.com
Software: /
Resource Hash: 1ea50329b826918b0b803777e2f5ac48a3570aa1f9c06bc92b6a1731ae37654a

Request headers

Accept: application/json, text/plain, */*
Referer: https://starsgab.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 17 May 2023 21:27:08 GMT
content-type: application/json; charset=utf-8
content-length: 49
x-geo-ip-version: 1.2

GET
H2 200 country Show response
api.btloader.com/ 16 B
203 B 147ms
73ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 30c714bf4216e577686d238b98561d093672cb25bf90baab50dd956f75cda4b3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:08 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 150ms
76ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=lGnMQElPJE&w=6269873651449856&o=5708166709903360&cv=2.1.11-3-gabc8642&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fstarsgab.com%2F&sid=fOuA7kga&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 17 May 2023 21:27:08 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 306 B
854 B 329ms
67ms XHR
application/json 2602:803:c002:200::32
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20884&site_id=426250&zone_id=2420966&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!publift.com,01FX7NP7ZPVGJ8WSPCN8ERWHKT,1,,,&rf=https%3A%2F%2Fstarsgab.com%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=311bca09-f02c-4bda-82c2-8d748672f485&l_pb_bid_id=287d6cb4dd3ee2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3074224438769477
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-ada79c7d9d76b5af423a4c7afc1b2fe4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8f648bc56fdb2e826893d3965d2073e29ebc4d229762f25c9c895062baf329a8

Request headers

Referer: https://starsgab.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:08 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://starsgab.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 306
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 309ms
169ms XHR
text/plain 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-ada79c7d9d76b5af423a4c7afc1b2fe4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://starsgab.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://starsgab.com
date: Wed, 17 May 2023 21:27:08 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 368ms
218ms XHR
application/json 68.67.161.208
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-ada79c7d9d76b5af423a4c7afc1b2fe4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.161.208 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

d87b3497d66616544488b93a41bc1a384f62aabfc55a8cdf12b4081358ee6d52

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://starsgab.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 17 May 2023 21:27:08 GMT
AN-X-Request-Uuid: 321733f0-820b-4bb4-9549-d5a68944debe
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://starsgab.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 38.132.118.75; 38.132.118.75; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
504 B 278ms
158ms XHR
application/json 52.3.128.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.27.0&referrer=https%3A%2F%2Fstarsgab.com%2F&tmax=1000&gdpr=false

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-ada79c7d9d76b5af423a4c7afc1b2fe4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.3.128.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-128-253.compute-1.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://starsgab.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:08 GMT
accept-ch: sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr
content-type: application/json; charset=utf-8
access-control-allow-origin: https://starsgab.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 723 B
1 KB 414ms
248ms XHR
text/javascript 18.164.98.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fstarsgab.com%2F&pid=zd6JzixxJi8m2&cb=0&ws=1600x1200&v=23.505.1627&t=2000&slots=%5B%7B%22sd%22%3A%22fuse-slot-22856155447-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F71161633%2C22529950538%2FSTRSGB_starsgab%2Fscrolling_sticky_footer%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22browsers%22%3A%5B%5D%7D%7D%7D%7D&schain=1.0%2C1!publift.com%2C01FX7NP7ZPVGJ8WSPCN8ERWHKT%2C1%2C%2C%2C&pubid=8b48e249-e9e6-4a52-8b48-396ea93403e8&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.98.157 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-98-157.jfk50.r.cloudfront.net

Software

Server /

Resource Hash

e2c862b09395046721f1cbaacd35a54f2f532b7f12db75fa691409f74ccdca81

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:09 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 6ea9421ec132e3640100792ef9535494.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P5
x-amz-rid: S7JTS378A7F7J7KH7V90
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://starsgab.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 723
x-amz-cf-id: cH1_mLX3rFv8z1CZ7ICNXU84O0DwXMHJCQJDMVd3nIfoKC-ussE5Kw==

GET
H2 200 container.html Show response
dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 47BA 6 KB
3 KB 59ms
57ms Document
text/html 2607:f8b0:400c:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400c:c11::84 Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://starsgab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 17 May 2023 21:27:08 GMT
expires: Thu, 16 May 2024 21:27:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 47BA 4 KB
768 B 67ms
66ms Stylesheet
text/css 2607:f8b0:400c:c1a::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400c:c1a::5f Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 May 2023 21:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 May 2023 19:55:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 May 2023 21:27:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1247 9 KB
1005 B 66ms
66ms Stylesheet
text/css 2607:f8b0:400c:c1a::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: starsgab.com
URL: https://starsgab.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400c:c1a::5f Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 May 2023 21:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 May 2023 20:04:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 May 2023 21:27:09 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230515/r20110914/client/ Frame 1247 2 KB
818 B 223ms
80ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230515/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: starsgab.com
URL: https://starsgab.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 17:35:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13927
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 May 2023 17:35:02 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230515/r20110914/ Frame 1247 22 KB
9 KB 203ms
62ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230515/r20110914/abg_lite_fy2021.js

Requested by

Host: starsgab.com
URL: https://starsgab.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0404b8f16c2bf5646486ab39a0e263cdca58fda4d3dac01e141e0ea824555d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 17:35:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13927
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8792
x-xss-protection: 0
server: cafe
etag: 17790305885526540289
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 May 2023 17:35:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230515/r20110914/client/ Frame 1247 3 KB
1 KB 221ms
81ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230515/r20110914/client/window_focus_fy2021.js

Requested by

Host: starsgab.com
URL: https://starsgab.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 18:03:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 May 2023 18:03:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230515/r20110914/client/ Frame 1247 19 KB
8 KB 211ms
70ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230515/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: starsgab.com
URL: https://starsgab.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9a274f1064b3c46d5fc2cbf160884681342b40cb1504b5abfc3567c7244e498

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:09:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1041
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7961
x-xss-protection: 0
server: cafe
etag: 850764377161688706
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 May 2023 21:09:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1247 170 KB
53 KB 182ms
59ms Script
text/javascript 2607:f8b0:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: starsgab.com
URL: https://starsgab.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400c:c04::9d Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53845
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684150324481819"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 21:27:09 GMT

GET
H2 200 a0d8c68f3de0718362c8759993c4ce7f.js Show response
www.gstatic.com/mysidia/ Frame 1247 32 KB
14 KB 174ms
57ms Script
text/javascript 2607:f8b0:400c:c38::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: starsgab.com
URL: https://starsgab.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400c:c38::5e Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 12 May 2023 21:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13639
x-xss-protection: 0
last-modified: Fri, 12 May 2023 20:16:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 10 Aug 2023 21:54:59 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230515/r20110914/elements/html/ Frame 47BA 20 KB
8 KB 219ms
82ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230515/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd4f1c9d69a243c7240669fd0fedbe8a66953243d409f75ae02dc4824b17cf68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 17:35:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13897
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8271
x-xss-protection: 0
server: cafe
etag: 10419244916965318868
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 May 2023 17:35:32 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 47BA 205 B
296 B 184ms
71ms Image
image/png 2607:f8b0:400c:c38::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400c:c38::5e Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 10 May 2023 23:22:32 GMT
x-content-type-options: nosniff
age: 597877
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 09 May 2024 23:22:32 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 47BA 604 B
919 B 181ms
69ms Image
image/png 2607:f8b0:400c:c38::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400c:c38::5e Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 13:18:42 GMT
x-content-type-options: nosniff
age: 29307
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 16 May 2024 13:18:42 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 60ms
58ms Script
application/javascript 2607:f8b0:400c:c14::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=starsgab.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400c:c14::9c Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 35 KB
15 KB 605ms
605ms XHR
text/plain 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1926250560549949&correlator=1201269467173607&eid=31072019%2C44780990%2C44777628&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=71161633%3A22529950538%2CSTRSGB_starsgab%2Cscrolling_sticky_footer&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=4&adks=3080386561&didk=2515108757&sfv=1-0-40&prev_scp=amznbid%3D1mmls74%26amznp%3D1arl534%26amzniid%3DJKGVN_u7KYGvTSguC4HtbLIAAAGIK5wTxwEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICC6aXZG%26amznsz%3D970x250%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0&eri=1&cust_params=fuse_profanity%3Dfalse%26fuse_site%3Dstarsgab.com%26fuse_path%3D%252F%26fuse_query%3D%26fuse_category%3D%26fuse_industry%3DIAB14%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3Db4fb8ace-359f-555e-93b4-6579f9a77acb%26fuse_publication_id%3D1%26GPT_READY_MS%3D1500-1999%26PREBID_READY_MS%3D1000-1499%26UAM_READY_MS%3D1500-1999%26CMP_DETERMINED_MS%3D2000-2499%26CMP_GDPR_CACHED%3Dfalse%26FUSE_LOADED_MS%3D1000-1499%26CMP_JURISDICTION%3Dnone%26CMP_ALLOW_PERSONAL%3Dtrue%26GPT_AUCTION_START_MS%3D2500-2999%26CMP_LOAD_FINISH_MS%3D2000-2499%26FIRST_ZONE_MS%3D2000-2499%26HB_AUCTION_START_MS%3D2000-2499&sc=1&cookie=ID%3Df521385e1389d4d0%3AT%3D1684358828%3AS%3DALNI_MZK9GHuiGeIC3uBneYoVpfoH_y3zw&gpic=UID%3D00000bfab108d5b6%3AT%3D1684358828%3ART%3D1684358828%3AS%3DALNI_MYZDIZSjbHJUcL674fx3pDpLlTKzg&abxe=1&dt=1684358829055&lmt=1684352078&dlt=1684358826598&idt=1434&adxs=436&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fstarsgab.com%2F&frm=20&vis=1&psz=0x-1&msz=728x-1&fws=644&ohw=1600&ga_vid=272226744.1684358827&ga_sid=1684358828&ga_hid=224502909&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9913caf1dbe9391c0f817f9af4e46e7b46a0f47da1d486981a8a2e32b9693533

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 100507
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14897
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 428507
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://starsgab.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
212 B 65ms
65ms Fetch
text/plain 2600:1400:9000::687e:74c9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?auid=22856155447&cmpj=none&v=1&ttm=1684358829061&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=b4fb8ace-359f-555e-93b4-6579f9a77acb&fid=2743&pubid=1&url=https%3A%2F%2Fstarsgab.com%2F&sid=392a665bc1d28615d032&srate=100&adserver=gpt&etm=2750&e=slot-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2743/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::687e:74c9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:09 GMT
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Origin
content-type: text/plain
access-control-allow-origin: https://starsgab.com
cache-control: max-age=1800
accept-ranges: bytes
content-length: 1
expires: Wed, 17 May 2023 21:57:09 GMT

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 17FE
Redirect Chain

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_ppt_an-db5_3lift
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_ppt_an-db5_3lift&dcc=t

384 B
1 KB

82ms
82ms

Document
text/html

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_ppt_an-db5_3lift&dcc=t

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

38670d62dd189155307a4a5c2a9f34c7a5852b55048c810605cc5e34121ff489

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://starsgab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 384
Content-Type: text/html;charset=ISO-8859-1
Date: Wed, 17 May 2023 21:27:09 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: B207JGXGB6JX7B04QNW2

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Wed, 17 May 2023 21:27:09 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_ppt_an-db5_3lift&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 7J8GVYTPW2B15ZMRJN42

GET
H3 200 css
fonts.googleapis.com/ Frame 2338 9 KB
932 B 67ms
66ms Stylesheet
text/css 2607:f8b0:400c:c1a::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7063822928380888&output=html&h=280&slotname=9412422483&adk=1367971372&adf=2572816547&pi=t.ma~as.9412422483&w=1164&fwrn=4&fwrnh=100&lmt=1684352078&rafmt=1&format=1164x280&url=https%3A%2F%2Fstarsgab.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684358827200&bpp=3&bdt=602&idt=464&shv=r20230515&mjsv=m202305110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8089077653030&frm=20&pv=1&ga_vid=272226744.1684358827&ga_sid=1684358828&ga_hid=224502909&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=218&ady=3323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074198%2C44782468%2C44788442%2C44792089&oid=2&pvsid=1926250560549949&tmod=400544391&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=7Ufb2BRlG6&p=https%3A//starsgab.com&dtd=1136

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400c:c1a::5f Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 May 2023 21:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 May 2023 20:36:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 May 2023 21:27:09 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame 2338 2 KB
827 B 77ms
77ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 17:42:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 May 2023 17:42:38 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2338 0
0 93ms
92ms Fetch
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdLwVrEZlZKaZGMjXxtYPn-q6gA2Z5ofTcJDpkPjQEbfaor3AARABIITsl3tgyYaAgNyjxBCgAf7OisQoyAEJqAMByAPLBKoEzQFP0JlFfE2kRg9Bw2nQlDki_9VTq4lCB_IWQruTNPB50MFiqfgzNW9TlwVzxMI6xU3FTXPWdBtSlLafEY6ucH76KliaYurjEXLvJ6SqPwS1NhRhudgRvLWg8qC_PeQv5QNp181g0FjeuBNXTKqb_ZXX58jEPtdf9E54EE5j1iSrY7GrmXYzrIq-MfcXCmRnx1w5GiJOQVMQw0EAC4HV7nvZDFvKL0M4eqzDHQIz-qB7N0tsCrO-yh5GqELQ97gQhFheDCtYR2QnuqR5Y8T9wASM7-feggSSBQQIBBgBkgUECAUYBKAGLoAH_obbowOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDItB_SCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi03MDYzODIyOTI4MzgwODg4GAA&sigh=R9j-rheCm0o&uach_m=[UACH]&cid=CAQSGwBygQiDvjMDU2ChwBWLCe90c7dBydEiZ6C_lBgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7063822928380888&output=html&h=280&slotname=9412422483&adk=1367971372&adf=2572816547&pi=t.ma~as.9412422483&w=1164&fwrn=4&fwrnh=100&lmt=1684352078&rafmt=1&format=1164x280&url=https%3A%2F%2Fstarsgab.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684358827200&bpp=3&bdt=602&idt=464&shv=r20230515&mjsv=m202305110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8089077653030&frm=20&pv=1&ga_vid=272226744.1684358827&ga_sid=1684358828&ga_hid=224502909&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=218&ady=3323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074198%2C44782468%2C44788442%2C44792089&oid=2&pvsid=1926250560549949&tmod=400544391&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=7Ufb2BRlG6&p=https%3A//starsgab.com&dtd=1136
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 17 May 2023 21:27:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 17 May 2023 21:27:09 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/8157343494653399258/ Frame 2338 27 KB
28 KB 74ms
74ms Image
image/png 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8157343494653399258/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f5f9aca26804e60170dd15c75445b8e5bfed675a06e6c680f44e208fb7effd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 09:06:39 GMT
x-content-type-options: nosniff
age: 130830
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27812
x-xss-protection: 0
last-modified: Thu, 09 Feb 2023 22:27:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 May 2024 09:06:39 GMT

GET
DATA 200
OK truncated
/ Frame 2338 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2338 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/ Frame 2338 22 KB
9 KB 77ms
76ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 16:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 May 2023 16:42:08 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame 2338 3 KB
1 KB 89ms
87ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 16:41:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 May 2023 16:41:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame 2338 19 KB
8 KB 94ms
93ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 16:41:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 May 2023 16:41:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2338 170 KB
53 KB 60ms
58ms Script
text/javascript 2607:f8b0:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400c:c04::9d Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53845
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684150324481819"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 21:27:09 GMT

GET
H2 200 a0d8c68f3de0718362c8759993c4ce7f.js Show response
www.gstatic.com/mysidia/ Frame 2338 32 KB
13 KB 58ms
57ms Script
text/javascript 2607:f8b0:400c:c38::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400c:c38::5e Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 12 May 2023 21:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13639
x-xss-protection: 0
last-modified: Fri, 12 May 2023 20:16:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 10 Aug 2023 21:54:59 GMT

GET
H3 200 A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js Show response
pagead2.googlesyndication.com/bg/ Frame 513A 37 KB
14 KB 65ms
63ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js

Requested by

Host: starsgab.com
URL: https://starsgab.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 09:47:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14779
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 09:47:18 GMT

GET
DATA 200
OK truncated
/ Frame 2338 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc72f1784558403ebdb968e3b3e7ef72bfaa9ddea3a25abca1fcc31852912ffd

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame C1BB 3 KB
4 KB 81ms
81ms Document
text/html 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_ppt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_ppt_an-db5_3lift&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

732d67ff6d89c0425f6ee8e07ff2c655359aa3cd3fa0dfd8330096b54911074a

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_ppt_an-db5_3lift&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 3537
Content-Type: text/html;charset=ISO-8859-1
Date: Wed, 17 May 2023 21:27:09 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: G8RKTA2WCEB3VQHT6TF6

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 2338 29 KB
29 KB 64ms
63ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 07:28:51 GMT
x-content-type-options: nosniff
age: 136698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 May 2024 07:28:51 GMT

GET
H3 200 A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js Show response
pagead2.googlesyndication.com/bg/ Frame 9001 37 KB
14 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 09:47:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14779
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 09:47:18 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C1BB
Redirect Chain

https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=f1219a0f-01f4-4331-bb4c-a13a9f8344fc&gdpr=0

43 B
479 B

64ms
63ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=f1219a0f-01f4-4331-bb4c-a13a9f8344fc&gdpr=0

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_ppt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2023 21:27:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: YXBSBJ393A232KQY3G96
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=f1219a0f-01f4-4331-bb4c-a13a9f8344fc&gdpr=0
date: Wed, 17 May 2023 21:27:10 GMT
server: _
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C1BB
Redirect Chain

https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3273604291524314000V10

43 B
479 B

209ms
77ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3273604291524314000V10

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2023 21:27:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2ZNW77FH9QGTA100KGGT
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 17 May 2023 21:27:09 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3273604291524314000V10
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Wed, 17 May 2023 21:27:09 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C1BB
Redirect Chain

https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&gdpr=0
https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&gdpr=0&_bee_ppp=1
https://s.amazon-adsystem.com/ecm3?id=AABfD07Iyo0AACDOwx1Gvw&ex=beeswax.com

43 B
479 B

121ms
63ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=AABfD07Iyo0AACDOwx1Gvw&ex=beeswax.com

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2023 21:27:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FQSKK4H0WHBF7DXCDC27
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=AABfD07Iyo0AACDOwx1Gvw&ex=beeswax.com
Date: Wed, 17 May 2023 21:27:09 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C1BB
Redirect Chain

https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=66f2e323

43 B
479 B

178ms
67ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=66f2e323

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2023 21:27:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JGADBX8135EC56YX9AG1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Wed, 17 May 2023 21:27:09 GMT
via: 1.1 17da55c14108bb8cae904f764f67c0e0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-P1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=66f2e323
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: U0NydFM1sJfEMfUQbsz-OjxsMhx0vZqRKZ1BGW0BgPGrFAtTM7V_gQ==

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C1BB
Redirect Chain

https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D?gdpr=0
https://s.amazon-adsystem.com/ecm3?id=3029843BC65B4AA3AA4568DFAA436D80&ex=simpli.fi&status=ok

43 B
479 B

185ms
63ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=3029843BC65B4AA3AA4568DFAA436D80&ex=simpli.fi&status=ok

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2023 21:27:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 11Q71CADDMB9TC4TM36E
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Wed, 17 May 2023 21:27:09 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://s.amazon-adsystem.com/ecm3?id=3029843BC65B4AA3AA4568DFAA436D80&ex=simpli.fi&status=ok
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 16 May 2023 21:27:09 GMT

GET
H2

200

cm Show response
u.openx.net/w/1.0/ Frame 0583
Redirect Chain

https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7...
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...

693 B
733 B

49ms
48ms

Document
text/html

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_ppt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 8ed7efe8fdd57d3f400bc02b2c625538fb646b922852a7c9d609b29eab8f2755

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 399
content-type: text/html
date: Wed, 17 May 2023 21:27:09 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 17 May 2023 21:27:09 GMT
location: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame C82C
Redirect Chain

https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr=0
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-97852UDJ5UJRvSt1nqj5031K9zpXyl2dTPuGCEdt0w

43 B
479 B

70ms
69ms

Document
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-97852UDJ5UJRvSt1nqj5031K9zpXyl2dTPuGCEdt0w

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 17 May 2023 21:27:10 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: H11KR0BJJSPZPA30H75R

Redirect headers

date: Wed, 17 May 2023 21:27:09 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-97852UDJ5UJRvSt1nqj5031K9zpXyl2dTPuGCEdt0w
p3p: CP="CAO PSA OUR"
strict-transport-security: max-age=63072000; includeSubDomains; preload
transfer-encoding: chunked
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 84C7
Redirect Chain

https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0
https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=32473f0752f504fc&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&...
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAACBl2wBz3QiAMOlY2IAAAAAAA&expiration=1684445229&is_secure=true&gdpr=0

43 B
479 B

81ms
68ms

Document
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAACBl2wBz3QiAMOlY2IAAAAAAA&expiration=1684445229&is_secure=true&gdpr=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 17 May 2023 21:27:09 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: K9JZFKNJPJ1ABYTBKJJY

Redirect headers

cache-control: no-cache, private, max-age=0, no-store
content-length: 0
date: Wed, 17 May 2023 21:27:09 GMT
expires: 0
location: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAACBl2wBz3QiAMOlY2IAAAAAAA&expiration=1684445229&is_secure=true&gdpr=0
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma: no-cache
server: nginx

GET
H2 200 / Show response
match.sharethrough.com/jwumXNuB/v1/ Frame 5520 427 B
935 B 311ms
56ms Document
text/html 3.224.220.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_ppt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.220.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-220-47.compute-1.amazonaws.com
Software: /
Resource Hash: 8cc3f513eaf3e434e464d2bcf52776412be74dffaf48af280180638b835dfa4f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 427
date: Wed, 17 May 2023 21:27:09 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 4D08 16 KB
6 KB 317ms
64ms Document
text/html 104.118.8.253
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_ppt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.118.8.253 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-118-8-253.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=128568
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Wed, 17 May 2023 21:27:09 GMT
expires: Fri, 19 May 2023 09:09:57 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 tamptsync Show response
sync-amz.ads.yieldmo.com/ Frame BA36 1 KB
1 KB 311ms
59ms Document
text/html 34.236.25.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_ppt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.25.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-25-118.compute-1.amazonaws.com
Software: /
Resource Hash: 5d808238c1caed60e672b820110195ba445160ba4e3dd3e2b8d7f68193061cad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Wed, 17 May 2023 21:27:09 GMT
pragma: no-cache
vary: accept-encoding

GET
H2

200

visitormatch Show response
bh.contextweb.com/ Frame 2AEC
Redirect Chain

https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1

930 B
2 KB

73ms
66ms

Document
text/html

198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to

Full URL

https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(10.0.14) /

Resource Hash

a9b2e418e7b3fe61a9c697fa550b2cfde788cf933bcd5597411efce9f5a958e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control: private, max-age=0, no-cache, no-store
content-language: en-US
content-length: 930
content-type: text/html;charset=iso-8859-1
cw-server: bh-deployment-7d6bb5d45b-7dzj9
expires: -1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server: Jetty(10.0.14)
strict-transport-security: max-age=15768000

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control: private, max-age=0, no-cache, no-store
content-language: en-US
cw-server: bh-deployment-7d6bb5d45b-7dzj9
expires: -1
location: /visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server: Jetty(10.0.14)
strict-transport-security: max-age=15768000

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame FFCA
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0
https://s.amazon-adsystem.com/ecm3?id=4487009920508811264&ex=appnexus.com&gdpr=0

43 B
479 B

79ms
79ms

Document
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?id=4487009920508811264&ex=appnexus.com&gdpr=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 17 May 2023 21:27:09 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: CKY6VMP3BZBKP2RMG0KA

Redirect headers

AN-X-Request-Uuid: 28784664-9028-4f58-a6aa-6ad0d95231a6
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Wed, 17 May 2023 21:27:09 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://s.amazon-adsystem.com/ecm3?id=4487009920508811264&ex=appnexus.com&gdpr=0
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.23.2
X-Proxy-Origin: 38.132.118.75; 38.132.118.75; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 794F
Redirect Chain

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4534774701754964275857

43 B
479 B

129ms
69ms

Document
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4534774701754964275857

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 17 May 2023 21:27:09 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: VBWMEYJCMAZQDED6QEM8

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Wed, 17 May 2023 21:27:09 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4534774701754964275857
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 container.html Show response
dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 545D 6 KB
3 KB 68ms
57ms Document
text/html 2607:f8b0:400c:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400c:c11::84 Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://starsgab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 17 May 2023 21:27:08 GMT
expires: Thu, 16 May 2024 21:27:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame 0583 43 B
479 B 67ms
67ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=53d10cf4-0611-834f-9c30-8d895c14dd28

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2023 21:27:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 54FR6T0CWF0GB5ZQ4K55
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 9fc016cd-8a17-aafc-6de9-19ebcb70db81
pr-bh.ybp.yahoo.com/sync/openx/ Frame 0583 43 B
603 B 198ms
65ms Image
image/gif 2600:1f18:4e9:5a01:5d7a:95f2:7368:f3d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/9fc016cd-8a17-aafc-6de9-19ebcb70db81?gdpr=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a01:5d7a:95f2:7368:f3d Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 0583 43 B
855 B 194ms
65ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=53d10cf4-0611-834f-9c30-8d895c14dd28

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2023 21:27:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PWKT12AQPP12809NY9BY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 0583
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=0b077089-1abb-38b5-5c3e-0f1e342716c8&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=0b077089-1abb-38b5-5c3e-0f1e342716c8&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=92674b22-8760-48d2-99d4-a804e14aff5a&ttd_puid=0b077089-1abb-38b5-5c3e-0f1e342716c8&gdpr=0&gdpr_consent=

43 B
249 B

52ms
51ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=92674b22-8760-48d2-99d4-a804e14aff5a&ttd_puid=0b077089-1abb-38b5-5c3e-0f1e342716c8&gdpr=0&gdpr_consent=
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:10 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:10 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=92674b22-8760-48d2-99d4-a804e14aff5a&ttd_puid=0b077089-1abb-38b5-5c3e-0f1e342716c8&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 0583 170 B
243 B 229ms
82ms Image
image/png 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Mjc2OGEzNDMtZDNjYy02NjExLTQ5ZGUtNTVhN2ZlYzVkOGE4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 0583
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGQ4mXACluqT56XOEv2fmAY&google_cver=1

43 B
180 B

51ms
47ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGQ4mXACluqT56XOEv2fmAY&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:10 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGQ4mXACluqT56XOEv2fmAY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame 5520 43 B
479 B 165ms
65ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=e41cfe07-da3f-47bc-acad-0a7510475a3b

Requested by

Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2023 21:27:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MH0CA14CBYG89GTDWJ6W
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

v1
match.sharethrough.com/sync/ Frame 5520
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1
https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=857186a3-c496-47b0-8165-8609f9df7f9c&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}

68 B
604 B

57ms
57ms

Image
image/png

3.224.220.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=857186a3-c496-47b0-8165-8609f9df7f9c&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol: H2
Server: 3.224.220.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-220-47.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:10 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

x-servername: Track004-iad
pragma: no-cache
date: Wed, 17 May 2023 21:26:18 GMT
strict-transport-security: max-age=31536000;
content-type: text/html; charset=utf-8
location: https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=857186a3-c496-47b0-8165-8609f9df7f9c&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
cache-control: private,no-cache
content-length: 296
expires: -1

GET
H2

200

v1
match.sharethrough.com/sync/ Frame 5520
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent=
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LHS7RA7L-Z-IZPT&gdpr=0

68 B
606 B

58ms
58ms

Image
image/png

3.224.220.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LHS7RA7L-Z-IZPT&gdpr=0
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol: H2
Server: 3.224.220.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-220-47.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:10 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LHS7RA7L-Z-IZPT&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6734403d2cb3625dc1fef1bbd4a17cf3
Expires: 0

GET
H2

200

v1
match.sharethrough.com/sync/ Frame 5520
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__&s=186046&C=1
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=ZGVGrqLcQoSv4EGKPZRM-QAA%261420

68 B
606 B

58ms
57ms

Image
image/png

3.224.220.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=ZGVGrqLcQoSv4EGKPZRM-QAA%261420
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol: H2
Server: 3.224.220.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-220-47.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:10 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

Pragma: no-cache
Date: Wed, 17 May 2023 21:27:10 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=ZGVGrqLcQoSv4EGKPZRM-QAA%261420
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2

200

v1
match.sharethrough.com/sync/ Frame 5520
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=92674b22-8760-48d2-99d4-a804e14aff5a&gdpr=0&gdpr_consent=

68 B
607 B

58ms
57ms

Image
image/png

3.224.220.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=92674b22-8760-48d2-99d4-a804e14aff5a&gdpr=0&gdpr_consent=
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol: H2
Server: 3.224.220.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-220-47.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:10 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:10 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=92674b22-8760-48d2-99d4-a804e14aff5a&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 323

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 545D 0
0 109ms
93ms Fetch
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C_b9irUZlZOX6CYe8zwWi5Y_AA-6StZNcv6KFx-QFwI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNTg4NDI5NDQ3OTM5MTYzOMgBCeACAKgDAaoEgQJP0FjJUJjFNe_86mDvCeZylRKjTGXLLK0htgXC_fV9neneRFb95UTp0ZPGO_o9PG-MxCFQww5QI3VohmKGyuCJuyAACZTqts_rqJg8vuPvXmB_Sibfo7c4-beVGRV5sQTR8vZyWSdkJDHT5LLt5klR2q7rQYhb0q47pYU2RK7uhD8KhxDyfIgEiKICoibATXJR8acBX4aMClg3QrZa05T4ajCHQxef6QnVBV7aXljXH_BDeLNNhRWQpAJLjvCIcMf7tTl5hGjBTjpZAEyKz9bmTUl7dhSsh_rU4CNrfYGFOs_hd7MVe6ViYLSJoc6ZUUu2b6Y4imeovL3ogQUbZRM6WuAEAYAGi679raTL5LO4AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU4ODQyOTQ0NzkzOTE2MzgYmdIh&sigh=6ivpGSD_3iI&uach_m=[UACH]&cid=CAQSPABygQiDt2Q-q30f-qcq8O_KpWgm0FfDET4bjbbxcQFwLSwOs-fHZ_bhhxISk8SmFf48qdnk-IRyH1UphRgB
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 200 ttj Show response
ib.3lift.com/ Frame 545D 14 KB
5 KB 245ms
66ms Script
application/javascript 108.156.184.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=Starsgab_StandardDisplay_OB&tid=206226
Requested by: Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.184.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-184-119.cmh68.r.cloudfront.net
Software: /
Resource Hash: 050fd9fe89bc2a49a37d2559f9887bb834cb4eddf7308bff6d9018e4c5b36787

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:18:08 GMT
content-encoding: gzip
via: 1.1 e82b003e5929abce569292fc53dbf254.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P2
age: 542
etag: "7dc2c70e6b3fba684a252ceebc08e2a893f2952d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
alt-svc: h3=":443"; ma=86400
content-length: 4791
x-amz-cf-id: J2V-z2iZ6I-IDfw67VUruuf9T45tg9zQZBdMtaZnbptfuvVnHYCSVw==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230515/r20110914/client/ Frame 545D 3 KB
1 KB 83ms
67ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230515/r20110914/client/window_focus_fy2021.js

Requested by

Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 18:03:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 May 2023 18:03:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230515/r20110914/client/ Frame 545D 19 KB
8 KB 88ms
74ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230515/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9a274f1064b3c46d5fc2cbf160884681342b40cb1504b5abfc3567c7244e498

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:09:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1041
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7961
x-xss-protection: 0
server: cafe
etag: 850764377161688706
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 May 2023 21:09:48 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 545D 0
0 231ms
79ms Image
text/html 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS8GRKRNYY4tg2cqweCvnrQj8amO21zsAYRVWz7wQCTLy4UgTHZ5Hsck7i_je6yV4E07khSDto8BFlwDZRPH5JQyWL8eA
Requested by: Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:817::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 545D 24 KB
6 KB 84ms
70ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 00:36:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75069
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 May 2024 00:36:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 545D 170 KB
53 KB 72ms
58ms Script
text/javascript 2607:f8b0:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400c:c04::9d Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53845
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684150324481819"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 21:27:09 GMT

GET
H2 200 notify
tlx.3lift.com/s2s/ Frame 545D 37 B
220 B 76ms
61ms Image
image/gif 52.3.128.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/s2s/notify?px=1&pr=ZGVGrQACfWUKs94HAAPyoj8mexdD2y9eGaB7QQ&ts=1684358829&aid=26615974304785445321880&ec=5563_66529_OAIP.70d117cd7fd314151070af50d55931c6&n=GrUCaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MTE3MzAzNzQmYXVJZD1lMzJlMDE4Ni03YjFjLTRiMjUtYTA4Zi0zMjM0NWY1YzU4ODUmY21FeHBJZD1MVjEmb0FkVW5pdD0xMTczMDM3NCZwdWJsaXNoZXJJZD0yNTAxNTIyMzUmcklkPWUzMmUwMTg2LTdiMWMtNGIyNS1hMDhmLTMyMzQ1ZjVjNTg4NSZydHlwZT1udXJsJnRhZ0lkPTIzNzU4MCZ0cmFmZmljR3JvdXA9Z2V2Y3lyeXZzZ19wY3omdHJhZmZpY1N1Ykdyb3VwPWVyZnJlaXImYWlkPTI2NjE1OTc0MzA0Nzg1NDQ1MzIxODgwJndwPTEuNjA48gLxAQgAEhcyNjYxNTk3NDMwNDc4NTQ0NTMyMTg4MBgAIAEouysw4YcEQAFIAFABYBJoCnCHBJABAJgBAKgB%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FAbgBuAPAAbYJyAHIDPABkssM%2BAHIDIACtgmRAgAAAAAAAPA%2FmQIAAAAAAADQP6gCALACAsgCAtgCAPECZmZmZmZm5j%2F4AuQ6kAMAmAMAoAMAuAPFnJwByAMA0gMlT0FJUC43MGQxMTdjZDdmZDMxNDE1MTA3MGFmNTBkNTU5MzFjNuAD3%2FitLukDAAAAAAAAAADwA8gM%2BQMAAAAAAAAAAIAECIkEAAAAAAAA0D%2F4AgWIAwGSAwQ5ODk1mAMAoAOMwA6oAwA%3D
Requested by: Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.128.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-128-253.compute-1.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 17 May 2023 21:27:09 GMT
cache-control: no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 pe
eb2.3lift.com/ Frame 545D 37 B
139 B 74ms
60ms Image
image/gif 35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/pe?fid=18&peid=0&aid=26615974304785445321880
Requested by: Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame BA36 43 B
479 B 179ms
64ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=g3ef7f9b5a23d7e50741&gdpr=0

Requested by

Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync-amz.ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2023 21:27:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 5SH584NN097BEKK0HVS1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame BA36 170 B
232 B 187ms
82ms Image
image/png 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=ZzNlZjdmOWI1YTIzZDdlNTA3NDE=

Requested by

Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync-amz.ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
ads.yieldmo.com/v000/ Frame BA36
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESENusGuxmV31Re-lpoLyn1wE&google_cver=1

43 B
470 B

194ms
59ms

Image
image/gif

3.216.16.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESENusGuxmV31Re-lpoLyn1wE&google_cver=1
Requested by: Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol: H2
Server: 3.216.16.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-16-167.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync-amz.ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:10 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

Redirect headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESENusGuxmV31Re-lpoLyn1wE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 299
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
ads.yieldmo.com/v000/ Frame BA36
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&zcc=1&cb=1684358830119
https://ad.turn.com/r/cs?pid=45&rndcb=1786671304
https://sync.1rx.io/usersync/turn/9007274404191896346?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-85c47d01-6751-4e6a-ae20-1e334978fd09-005?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-85c47d01-6751-4e6a-ae20-1e334978fd...
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-85c47d01-6751-4e6a-ae20-1e334978fd09-005

43 B
707 B

58ms
58ms

Image
image/gif

3.216.16.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-85c47d01-6751-4e6a-ae20-1e334978fd09-005
Requested by: Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol: H2
Server: 3.216.16.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-16-167.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync-amz.ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:10 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

Redirect headers

Location: https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-85c47d01-6751-4e6a-ae20-1e334978fd09-005
Date: Wed, 17 May 2023 21:27:10 GMT
Content-Type: text/html
Connection: keep-alive
ETag: RX85c47d0167514e6aae201e334978fd09005
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET
H2

200

sync
ads.yieldmo.com/v000/ Frame BA36
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=g3ef7f9b5a23d7e50741
https://match.adsrvr.org/track/cmb/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=g3ef7f9b5a23d7e50741
https://ads.yieldmo.com/v000/sync?tdid=92674b22-8760-48d2-99d4-a804e14aff5a

43 B
475 B

166ms
58ms

Image
image/gif

3.216.16.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/sync?tdid=92674b22-8760-48d2-99d4-a804e14aff5a
Requested by: Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol: H2
Server: 3.216.16.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-16-167.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync-amz.ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:10 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

Redirect headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:10 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ads.yieldmo.com/v000/sync?tdid=92674b22-8760-48d2-99d4-a804e14aff5a
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 181

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame BA36
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=g3ef7f9b5a23d7e50741
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=g3ef7f9b5a23d7e50741
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=963c9729-ad06-4e75-ba62-a8ab1db2611c%252C%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=92674b22-8760-48d2-99d4-a804e14aff5a&ttd_puid=963c9729-ad06-4e75-ba62-a8ab1db2611c%2C%2C

95 B
123 B

54ms
54ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=92674b22-8760-48d2-99d4-a804e14aff5a&ttd_puid=963c9729-ad06-4e75-ba62-a8ab1db2611c%2C%2C

Requested by

Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync-amz.ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:10 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:10 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=92674b22-8760-48d2-99d4-a804e14aff5a&ttd_puid=963c9729-ad06-4e75-ba62-a8ab1db2611c%2C%2C
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 359

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 4D08 2 KB
2 KB 222ms
62ms Script
text/html 104.36.115.113
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=59449964&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: d17b87e9740ee2e2e6b07956e0e7c7ba83f0b0554a06bd360aad8cc9e3e79655

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 17 May 2023 21:27:09 GMT
content-length: 1677
content-type: text/html; charset=UTF-8

GET
H2

200

rtset
bh.contextweb.com/bh/ Frame 2AEC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=OXkzVTM0OXF0bmJtUml4YklaOVNZZw&gdpr=0&gdpr_consent=
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEMSYPQjUI5kPcA7te_m_mhc&google_cver=1

49 B
805 B

66ms
65ms

Image
image/gif

198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEMSYPQjUI5kPcA7te_m_mhc&google_cver=1

Requested by

Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1

Protocol

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(10.0.14) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: en-US
content-type: image/gif;charset=iso-8859-1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-7d6bb5d45b-7dzj9
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEMSYPQjUI5kPcA7te_m_mhc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 335
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rtset
bh.contextweb.com/bh/ Frame 2AEC
Redirect Chain

https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=353ad3dda5bf19e5&is_secure=true&networkId=14200&version=1&nuid=
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAH4fdmt7TulgNgsXDXAAAAAAA&expiration=1684445230&nuid=&is_secure=true

49 B
833 B

65ms
65ms

Image
image/gif

198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAH4fdmt7TulgNgsXDXAAAAAAA&expiration=1684445230&nuid=&is_secure=true

Requested by

Protocol

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(10.0.14) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: en-US
content-type: image/gif;charset=iso-8859-1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-7d6bb5d45b-7dzj9
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:10 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAH4fdmt7TulgNgsXDXAAAAAAA&expiration=1684445230&nuid=&is_secure=true
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

rtset
bh.contextweb.com/bh/ Frame 2AEC
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=95&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=95&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=d99af396-dad5-489f-9cec-b8adadd6b557-646546ae-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=d99af396-dad5-489f-9cec-b8adadd6b557-646546ae-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=d99af396-dad5-489f-9cec-b8adadd6b557-646546ae-5553&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid...
https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=d99af396-dad5-489f-9cec-b8adadd6b557-646546ae-5553&gdpr_in_effect=0&gdpr_consent=

49 B
885 B

68ms
68ms

Image
image/gif

198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=d99af396-dad5-489f-9cec-b8adadd6b557-646546ae-5553&gdpr_in_effect=0&gdpr_consent=

Requested by

Protocol

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(10.0.14) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: en-US
content-type: image/gif;charset=iso-8859-1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-7d6bb5d45b-7dzj9
expires: -1

Redirect headers

date: Wed, 17 May 2023 21:27:10 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=d99af396-dad5-489f-9cec-b8adadd6b557-646546ae-5553&gdpr_in_effect=0&gdpr_consent=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame 2AEC 43 B
479 B 143ms
68ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=cJvSOIsfd2j6&ex=Pulsepoint

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2023 21:27:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: VVNGTQHV1XJ161ZS2RWE
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/ 152 KB
51 KB 98ms
98ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fde3664ce78f4b935f69b04bacf7f82d2f81fee4c265bd064bb94155d7627fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52584
x-xss-protection: 0
server: cafe
etag: 17997488407826092525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 21:27:10 GMT

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/22822be39ea1b8d30894dab7d32b07102272a8e2/dist/ Frame 545D 181 KB
58 KB 77ms
76ms Script
text/javascript 108.156.184.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/22822be39ea1b8d30894dab7d32b07102272a8e2/dist/bundle.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=Starsgab_StandardDisplay_OB&tid=206226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.184.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-184-119.cmh68.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f66d776620953c0805676cad9701a599129cc0d63afbd5abe4c04c8cbe7274d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:35:40 GMT
content-encoding: gzip
via: 1.1 e82b003e5929abce569292fc53dbf254.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P2
age: 1047091
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 59092
last-modified: Fri, 05 May 2023 18:35:24 GMT
server: AmazonS3
etag: "122ea7342a1771e61e0e84426c1a3608"
content-type: text/javascript
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: 09G9RSbf3gz5vIg7R3arbPN8fFiXdNdpL8LC-tEPiUXEq5fyLS6xiQ==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9752 1 KB
643 B 63ms
62ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 9384
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 17 May 2023 18:50:46 GMT
etag: 48472445140208031
expires: Thu, 18 May 2023 18:50:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

b9pj45k4 Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame 02AD
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...

85 B
236 B

59ms
59ms

Document
image/png

151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZGVGrgAAAQuM6gAD
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Wed, 17 May 2023 21:27:10 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-mia-kmia1760044-MIA
x-timer: S1684358830.372376,VS0,VE28

Redirect headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Wed, 17 May 2023 21:27:10 GMT
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZGVGrgAAAQuM6gAD
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-mia-kmia1760044-MIA
x-timer: S1684358830.287082,VS0,VE52

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 3B03
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969751688619370358

42 B
194 B

63ms
62ms

Document
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969751688619370358
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 17 May 2023 21:27:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Wed, 17 May 2023 21:27:10 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969751688619370358
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H/1.1 200
OK ecm3 Show response
s.amazon-adsystem.com/ Frame A42E 43 B
479 B 65ms
64ms Document
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDD7FE0180-68BE-4FCB-8462-A2AC6CA5B2EF

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 17 May 2023 21:27:10 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: 98R9B49KJCPWVV33BF3G

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4D08
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1_4BgGi-T8uEYqKsbKWy7w%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

65ms
64ms

Image
text/html

104.118.8.253
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_ppt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H2
Server: 104.118.8.253 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-118-8-253.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:10 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=128567
accept-ranges: bytes
content-length: 5554
expires: Fri, 19 May 2023 09:09:57 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame 4D08
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=D7FE0180-68BE-4FCB-8462-A2AC6CA5B2EF
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=963c9729-ad06-4e75-ba62-a8ab1db2611c%252C%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=92674b22-8760-48d2-99d4-a804e14aff5a&ttd_puid=963c9729-ad06-4e75-ba62-a8ab1db2611c%2C%2C

95 B
123 B

54ms
53ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=92674b22-8760-48d2-99d4-a804e14aff5a&ttd_puid=963c9729-ad06-4e75-ba62-a8ab1db2611c%2C%2C

Requested by

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:10 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:10 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=92674b22-8760-48d2-99d4-a804e14aff5a&ttd_puid=963c9729-ad06-4e75-ba62-a8ab1db2611c%2C%2C
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 359

GET
H2 200 xuid
eb2.3lift.com/ Frame 4D08 37 B
354 B 63ms
60ms Image
image/gif 35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7976&xuid=D7FE0180-68BE-4FCB-8462-A2AC6CA5B2EF&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_ppt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 17 May 2023 21:27:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

insync
thrtle.com/ Frame 4D08
Redirect Chain

https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=D7FE0180-68BE-4FCB-8462-A2AC6CA5B2EF&gdpr=0&gdpr_consent=
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=D7FE0180-68BE-4FCB-8462-A2AC6CA5B2EF&vxii_pid=12&vxii_pid1=10067&vxii_rcid=47eeeecb-cff8-4150-b4ba-d93ff3acac41

43 B
294 B

62ms
59ms

Image
image/gif

52.0.82.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=D7FE0180-68BE-4FCB-8462-A2AC6CA5B2EF&vxii_pid=12&vxii_pid1=10067&vxii_rcid=47eeeecb-cff8-4150-b4ba-d93ff3acac41
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_ppt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H2
Server: 52.0.82.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-82-32.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Wed, 17 May 2023 21:27:10 GMT
content-length: 43
content-type: image/gif

Redirect headers

location: https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=D7FE0180-68BE-4FCB-8462-A2AC6CA5B2EF&vxii_pid=12&vxii_pid1=10067&vxii_rcid=47eeeecb-cff8-4150-b4ba-d93ff3acac41
date: Wed, 17 May 2023 21:27:10 GMT
content-type: text/html; charset=utf-8
content-length: 211
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 4D08
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDdGRTAxODAtNjhCRS00RkNCLTg0NjItQTJBQzZDQTVCMkVG&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

192ms
79ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_ppt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 17 May 2023 21:27:09 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 4D08
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENJPzvk-J4Fzd1FmJOJnPUo&google_cver=1

42 B
530 B

191ms
78ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENJPzvk-J4Fzd1FmJOJnPUo&google_cver=1
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_ppt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 17 May 2023 21:27:10 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENJPzvk-J4Fzd1FmJOJnPUo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 4D08
Redirect Chain

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3029843BC65B4AA3AA4568DFAA436D80

42 B
364 B

216ms
79ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3029843BC65B4AA3AA4568DFAA436D80
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_ppt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 17 May 2023 21:27:09 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date: Wed, 17 May 2023 21:27:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3029843BC65B4AA3AA4568DFAA436D80
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 16 May 2023 21:27:10 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 4D08
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8935216810153968410&gdpr=0&gdpr_consent=&us_privacy=

1 B
405 B

190ms
56ms

Image
text/html

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8935216810153968410&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_ym_ppt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 17 May 2023 21:27:10 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8935216810153968410&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Wed, 17 May 2023 21:27:10 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
DATA 200
OK truncated
/ Frame 545D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f92cd394eab3c4e4b4d45e2c42b7d44b5da08418ab87e57da1b1764ff369fde

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 CookieSyncAdX
rtb.adentifi.com/ Frame 9752 0
287 B 196ms
56ms Image
text/plain 3.225.4.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncAdX?google_gid=CAESEIArXwoX2nFqmuK9FBN84Ik&google_cver=1&google_push=ATf1kGPzv4ZWdgaIQoWe0IuUCS35lIOQxJGA3ogTMieS7n3y4nebLQ4XeT9IQ_hrLJACLSf_S5Mm3sDUHQtcb8GEZFmZf5kAie-t
Requested by: Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.4.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-4-30.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:10 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9752
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1_4BgGi-T8uEYqKsbKWy7w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

78ms
78ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1_4BgGi-T8uEYqKsbKWy7w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGOZa9frKew4fT4ZZ0qB1HiEb2gfBv_4o4wxo7in_zWwraVFb-IGbMW8koetuZli5a6qeUOD-1voaof5VtL0u_MnZBS7rwYe

Requested by

Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1_4BgGi-T8uEYqKsbKWy7w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGOZa9frKew4fT4ZZ0qB1HiEb2gfBv_4o4wxo7in_zWwraVFb-IGbMW8koetuZli5a6qeUOD-1voaof5VtL0u_MnZBS7rwYe
date: Wed, 17 May 2023 21:27:09 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK pub
cs.chocolateplatform.com/ Frame 9752 0
134 B 457ms
68ms Image
text/plain 159.203.145.121
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEFet5OvBY6l616AZ-zZT3ME&google_cver=1&google_push=ATf1kGOCu4gYsXsemL6d87KZ9ZzCnDhZpDAjkF8UeGmpI2P7EwVVbqe926tn3p7fxQzQnnGIfm4h9PlArdIduJHEuUNG3SaKnYIE
Requested by: Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.145.121 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: CookieSync Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 17 May 2023 21:27:10 GMT
server: CookieSync Server
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9752
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEDrbXfDu11LnvcCsjtnIqJw&google_cver=1&google_push=ATf1kGOzXS-25cg_4uJ3hkdpm_7YEiuvcUbUGuMtMUMbucSYqB0ZDOZ4LAXP6h8eyAgxB888Acsb4h...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=ATf1kGOzXS-25cg_4uJ3hkdpm_7YEiuvcUbUGuMtMUMbucSYqB0ZDOZ4LAXP6h8eyAgxB888Acsb4hx0Mk-ORgC3L7D9Mz-q2TWm&google_hm=NDA4NjM1Mz...

170 B
188 B

78ms
77ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=ATf1kGOzXS-25cg_4uJ3hkdpm_7YEiuvcUbUGuMtMUMbucSYqB0ZDOZ4LAXP6h8eyAgxB888Acsb4hx0Mk-ORgC3L7D9Mz-q2TWm&google_hm=NDA4NjM1MzM0MzI0OTA1NzU3NQ%3D%3D

Requested by

Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=ATf1kGOzXS-25cg_4uJ3hkdpm_7YEiuvcUbUGuMtMUMbucSYqB0ZDOZ4LAXP6h8eyAgxB888Acsb4hx0Mk-ORgC3L7D9Mz-q2TWm&google_hm=NDA4NjM1MzM0MzI0OTA1NzU3NQ%3D%3D
date: Wed, 17 May 2023 21:27:10 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9752
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEEQ98F-Ta5x5L4LeaadhQxU&google_cver=1&google_push=ATf1kGNfJfs_OCZylt-YMeUbvrVRktX0rp4oHSH5c7rXX1Y1UvIQx2SeqGbfm9Avh_jEg6ycijI4e...
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGNfJfs_OCZylt-YMeUbvrVRktX0rp4oHSH5c7rXX1Y1UvIQx2SeqGbfm9Avh_jEg6ycijI4eOfhkYjBPTyXGF4OQYwtdRs&google_hm=WkdWR3JzQ284...

170 B
188 B

77ms
76ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGNfJfs_OCZylt-YMeUbvrVRktX0rp4oHSH5c7rXX1Y1UvIQx2SeqGbfm9Avh_jEg6ycijI4eOfhkYjBPTyXGF4OQYwtdRs&google_hm=WkdWR3JzQ284WGNBQUUxMEpLVUFBQUFB

Requested by

Host: starsgab.com
URL: https://starsgab.com/

Protocol

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Wed, 17 May 2023 21:27:10 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEEQ98F-Ta5x5L4LeaadhQxU&google_cver=1&google_push=ATf1kGNfJfs_OCZylt-YMeUbvrVRktX0rp4oHSH5c7rXX1Y1UvIQx2SeqGbfm9Avh_jEg6ycijI4eOfhkYjBPTyXGF4OQYwtdRs","cluster_id":0,"gdpr":false,"ipv4":"38.132.118.75","key":"ZGVGrsCo8XcAAE10JKUAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40122"}
X-SO-Key: ZGVGrsCo8XcAAE10JKUAAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40122
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGNfJfs_OCZylt-YMeUbvrVRktX0rp4oHSH5c7rXX1Y1UvIQx2SeqGbfm9Avh_jEg6ycijI4eOfhkYjBPTyXGF4OQYwtdRs&google_hm=WkdWR3JzQ284WGNBQUUxMEpLVUFBQUFB
Cache-Control: private
X-SO-HostName: a-ad40122.dc2p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 2
Content-Length: 0
X-SO-LB-Hostname: m-tgng19.dc4p.scaleout.jp
X-SO-IP: 38.132.118.75

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9752
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJ5IBkmSgEXvLfs-8tnO6nM&google_cver=1&google_push=ATf1kGMXDvSJCWANyA4Mzh9n49W6seBMxES44OUpQkGjRfzFMmU2FwvB9fCMTVN3TlyAj7qZ3V...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JYkVkYURKRTJ1SDlhUWJrTXAzc2ZCQjlZVjlRbExkUH5B&google_push=ATf1kGMXDvSJCWANyA4Mzh9n49W6seBMxES44OUpQkGjRfzFMmU2FwvB9...

170 B
188 B

77ms
77ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JYkVkYURKRTJ1SDlhUWJrTXAzc2ZCQjlZVjlRbExkUH5B&google_push=ATf1kGMXDvSJCWANyA4Mzh9n49W6seBMxES44OUpQkGjRfzFMmU2FwvB9fCMTVN3TlyAj7qZ3Vjr1BbCeCRFbYZp0vOulh0iPcjG

Requested by

Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JYkVkYURKRTJ1SDlhUWJrTXAzc2ZCQjlZVjlRbExkUH5B&google_push=ATf1kGMXDvSJCWANyA4Mzh9n49W6seBMxES44OUpQkGjRfzFMmU2FwvB9fCMTVN3TlyAj7qZ3Vjr1BbCeCRFbYZp0vOulh0iPcjG
date: Wed, 17 May 2023 21:27:10 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9752
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESELe4Lq1tFOZXr9yfCYDRJmE&google_cver=1&google_push=ATf1kGN1vtLqkaD2w5T0AsMhluyYGwm3tACFF1O-3hupOvkToOZGPjlN7T3f5wtdrCsw4Hb_o6k4Likgb4qynbmCeJjINijs6...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGN1vtLqkaD2w5T0AsMhluyYGwm3tACFF1O-3hupOvkToOZGPjlN7T3f5wtdrCsw4Hb_o6k4Likgb4qynbmCeJjINijs6vB2Fw&google_hm=4397abc6546c...

170 B
188 B

82ms
80ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGN1vtLqkaD2w5T0AsMhluyYGwm3tACFF1O-3hupOvkToOZGPjlN7T3f5wtdrCsw4Hb_o6k4Likgb4qynbmCeJjINijs6vB2Fw&google_hm=4397abc6546cc43e519b58653e844942

Requested by

Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGN1vtLqkaD2w5T0AsMhluyYGwm3tACFF1O-3hupOvkToOZGPjlN7T3f5wtdrCsw4Hb_o6k4Likgb4qynbmCeJjINijs6vB2Fw&google_hm=4397abc6546cc43e519b58653e844942
date: Wed, 17 May 2023 21:27:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
content-type: text/html; charset=utf-8

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9752 0
50 B 78ms
77ms Image
text/html 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kg9GhEhOH9qCBPwGFiPfBrHiLAu7XTueYNL9fIbitc4XVc4BUUGI6ClIpFKmBZYZZO4qWJr58

Requested by

Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 60ms
59ms Script
application/javascript 2607:f8b0:400c:c14::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=starsgab.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400c:c14::9c Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/ Frame 9BD1 10 KB
4 KB 63ms
62ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://starsgab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 12393
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 17 May 2023 18:00:37 GMT
etag: 15057649708203361565
expires: Wed, 31 May 2023 18:00:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/ Frame 3BF1 10 KB
4 KB 63ms
62ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://starsgab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 12393
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 17 May 2023 18:00:37 GMT
etag: 15057649708203361565
expires: Wed, 31 May 2023 18:00:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 notify
tlx.3lift.com/s2s/ Frame 545D 37 B
220 B 58ms
57ms Image
image/gif 52.3.128.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/s2s/notify?px=1&pr=ZGVGrQACfWUKs94HAAPyoj8mexdD2y9eGaB7QQ&ts=1684358829&aid=26615974304785445321880&ec=5563_66529_OAIP.70d117cd7fd314151070af50d55931c6&n=GrUCaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MTE3MzAzNzQmYXVJZD1lMzJlMDE4Ni03YjFjLTRiMjUtYTA4Zi0zMjM0NWY1YzU4ODUmY21FeHBJZD1MVjEmb0FkVW5pdD0xMTczMDM3NCZwdWJsaXNoZXJJZD0yNTAxNTIyMzUmcklkPWUzMmUwMTg2LTdiMWMtNGIyNS1hMDhmLTMyMzQ1ZjVjNTg4NSZydHlwZT1udXJsJnRhZ0lkPTIzNzU4MCZ0cmFmZmljR3JvdXA9Z2V2Y3lyeXZzZ19wY3omdHJhZmZpY1N1Ykdyb3VwPWVyZnJlaXImYWlkPTI2NjE1OTc0MzA0Nzg1NDQ1MzIxODgwJndwPTEuNjA48gLxAQgAEhcyNjYxNTk3NDMwNDc4NTQ0NTMyMTg4MBgAIAEouysw4YcEQAFIAFABYBJoCnCHBJABAJgBAKgB%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FAbgBuAPAAbYJyAHIDPABkssM%2BAHIDIACtgmRAgAAAAAAAPA%2FmQIAAAAAAADQP6gCALACAsgCAtgCAPECZmZmZmZm5j%2F4AuQ6kAMAmAMAoAMAuAPFnJwByAMA0gMlT0FJUC43MGQxMTdjZDdmZDMxNDE1MTA3MGFmNTBkNTU5MzFjNuAD3%2FitLukDAAAAAAAAAADwA8gM%2BQMAAAAAAAAAAIAECIkEAAAAAAAA0D%2F4AgWIAwGSAwQ5ODk1mAMAoAOMwA6oAwA%3D&b=1
Requested by: Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.128.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-128-253.compute-1.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 17 May 2023 21:27:10 GMT
cache-control: no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 r
eb2.3lift.com/ Frame 545D 37 B
139 B 59ms
58ms Image
image/gif 35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=Starsgab_StandardDisplay_OB&aid=26615974304785445321880&rev=22822be&pr=can%27t%2520access%2520top%2520document&bc=1.608&bmid=5563&biid=7524&sid=66529&brid=519&adid=&crid=97221727&ts=1684358829&bcud=1608&ss=5&caid=0&unid=0&domain=dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com&ref=https%253A%252F%252Fstarsgab.com%252F&rr=creative&fid=18&rb=10&g=0&tmplid=206226&cb=12884
Requested by: Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

200

c.gif
www.bing.com/aes/ Frame 545D
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=11730374&auId=dd01bbde-6ff4-4d5b-9137-f38db60d6ce5&cmExpId=LV1&oAdUnit=11730374&publisherId=250152235&rId=e32e0186-7b1c-4b25-a08f-32345f5c5885&...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=8907fd502887453c82e1b820b864e5c4&SNR=1&GV=2&med=10

0
242 B

64ms
63ms

Image
text/plain

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=8907fd502887453c82e1b820b864e5c4&SNR=1&GV=2&med=10
Requested by: Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3A90B8E02144475994B46DB966D8C528 Ref B: MIAEDGE2521 Ref C: 2023-05-17T21:27:10Z
vary: Origin
x-cache: CONFIG_NOCACHE
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Wed, 17 May 2023 21:27:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F73FCD0FD1474E11A298D62BD372C62B Ref B: MIAEDGE2521 Ref C: 2023-05-17T21:27:10Z
vary: Origin
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=8907fd502887453c82e1b820b864e5c4&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
content-length: 150
expires: 0

GET
H2 200 th
www.bing.com/ Frame 545D 23 KB
24 KB 153ms
80ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OAIP.70d117cd7fd314151070af50d55931c6&pid=AdsNative&c=3&w=300&h=300&dynsize=1
Requested by: Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 318636eed422efbaa1741027197c1b3eaa7d08402e3929b86f6169df08a7f686

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:09 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1C7F149D16D34902B9BDB4A5EE48A96B Ref B: MIAEDGE2521 Ref C: 2023-05-17T21:27:10Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
x-cache: TCP_MISS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 23776

GET
H2 200 blank
img.3lift.com/ Frame 545D 908 B
1 KB 202ms
63ms Image
image/png 13.225.223.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.3lift.com/blank?width=300&height=300
Requested by: Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-81.jfk51.r.cloudfront.net
Software: /
Resource Hash: e5256bea79dd64abe02ec0b6031a5cf9e93ace05957297b59ffb42e21782297f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 12 May 2023 10:06:41 GMT
via: 1.1 086617c9385713660fb060f989a2a626.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 10:06:41 GMT
x-amz-cf-pop: JFK51-C1
age: 472829
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=604800
alt-svc: h3=":443"; ma=86400
content-length: 908
x-amz-cf-id: MRXsEGHkYdtpHH9J4-YLnFZKb89VkDhDHjsLpkhoDnFez26FWoU0Vw==

GET
H3 200 OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 545D 3 KB
3 KB 64ms
63ms Image
image/png 108.156.184.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by: Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.156.184.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-184-119.cmh68.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 15 May 2023 05:34:25 GMT
via: 1.1 d20643381b69d20c57164843f598201e.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:36 GMT
server: AmazonS3
age: 485272
x-amz-cf-pop: CMH68-P2
etag: "ddf020e069f1706b72b7698b28fede09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3125
x-amz-cf-id: MoUWqlJfZzlrr_Lzi8WCCDMI1HGU6mHT6rcsDCPeJBGxdFo2D2INow==

GET
H3 200 OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 545D 3 KB
4 KB 65ms
64ms Image
image/png 108.156.184.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by: Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.156.184.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-184-119.cmh68.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 12 May 2023 10:18:45 GMT
via: 1.1 d20643381b69d20c57164843f598201e.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:31 GMT
server: AmazonS3
age: 472106
x-amz-cf-pop: CMH68-P2
etag: "7ceab27af00fa466072a3c3360041755"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3518
x-amz-cf-id: EBz7sX5LOl3BxXDIaZ4RZ3RjbBSiGxTfB0koUrBQi9UDJlmiS3wmfg==

GET
H2 200 ctar
eb2.3lift.com/ Frame 545D 37 B
139 B 59ms
57ms Image
image/gif 35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ctar?inv_code=Starsgab_StandardDisplay_OB&aid=26615974304785445321880&rev=22822be&cta_render_method=2&cta_render_text=Learn%20more&cb=82943
Requested by: Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H3 200 css
fonts.googleapis.com/ Frame 9BD1 9 KB
932 B 82ms
81ms Stylesheet
text/css 2607:f8b0:400c:c1a::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400c:c1a::5f Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 May 2023 21:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 May 2023 20:10:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 May 2023 21:27:10 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame 9BD1 2 KB
765 B 78ms
78ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 17:42:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13472
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 May 2023 17:42:38 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/ Frame 9BD1 22 KB
9 KB 77ms
77ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 16:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 May 2023 16:42:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame 9BD1 3 KB
1 KB 77ms
76ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 16:41:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 May 2023 16:41:53 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame 9BD1 19 KB
8 KB 78ms
77ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 16:41:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 May 2023 16:41:53 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9BD1 170 KB
53 KB 73ms
72ms Script
text/javascript 2607:f8b0:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400c:c04::9d Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53845
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684150324481819"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 21:27:10 GMT

GET
H3 200 a0d8c68f3de0718362c8759993c4ce7f.js Show response
www.gstatic.com/mysidia/ Frame 9BD1 32 KB
13 KB 74ms
74ms Script
text/javascript 2607:f8b0:400c:c38::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400c:c38::5e Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 12 May 2023 21:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430331
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13639
x-xss-protection: 0
last-modified: Fri, 12 May 2023 20:16:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 10 Aug 2023 21:54:59 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3BF1 6 KB
706 B 78ms
78ms Stylesheet
text/css 2607:f8b0:400c:c1a::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400c:c1a::5f Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 May 2023 21:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 May 2023 19:55:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 May 2023 21:27:10 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame 3BF1 2 KB
765 B 66ms
66ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 17:42:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13472
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 May 2023 17:42:38 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/ Frame 3BF1 22 KB
9 KB 65ms
65ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 16:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 May 2023 16:42:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame 3BF1 3 KB
1 KB 84ms
82ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 16:41:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 May 2023 16:41:53 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame 3BF1 19 KB
8 KB 74ms
72ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 16:41:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 May 2023 16:41:53 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3BF1 170 KB
53 KB 62ms
60ms Script
text/javascript 2607:f8b0:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400c:c04::9d Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53845
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684150324481819"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 21:27:10 GMT

GET
H3 200 a0d8c68f3de0718362c8759993c4ce7f.js Show response
www.gstatic.com/mysidia/ Frame 3BF1 32 KB
13 KB 62ms
60ms Script
text/javascript 2607:f8b0:400c:c38::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400c:c38::5e Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 12 May 2023 21:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430331
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13639
x-xss-protection: 0
last-modified: Fri, 12 May 2023 20:16:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 10 Aug 2023 21:54:59 GMT

GET
H3 200 A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js Show response
pagead2.googlesyndication.com/bg/ Frame D905 37 KB
14 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js

Requested by

Host: starsgab.com
URL: https://starsgab.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 09:47:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14779
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 09:47:18 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 545D 2 KB
587 B 70ms
70ms Stylesheet
text/css 2607:f8b0:400c:c1a::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:600,900&display=swap

Requested by

Host: ib.3lift.com
URL: https://ib.3lift.com/rev/22822be39ea1b8d30894dab7d32b07102272a8e2/dist/bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400c:c1a::5f Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b9ffac16148c8938c6d9f2df28a17207f62a7f92d3401a48a58c0b22f17b0b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 May 2023 21:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 May 2023 20:36:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 May 2023 21:27:10 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 545D 3 KB
676 B 96ms
96ms Stylesheet
text/css 2607:f8b0:400c:c1a::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: ib.3lift.com
URL: https://ib.3lift.com/rev/22822be39ea1b8d30894dab7d32b07102272a8e2/dist/bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400c:c1a::5f Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

94ff72f0e7d4d5fb406082c4572aeb6514c4e32266aec78e93edbb03e9cf9628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 May 2023 21:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 May 2023 20:38:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 May 2023 21:27:10 GMT

GET
H2 200 sce
eb2.3lift.com/ Frame 545D 37 B
139 B 59ms
59ms Image
image/gif 35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/sce?block=Custom%20Template%20Code&ref=https%3A%2F%2Fdc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&lvl=3&inv_code=Starsgab_StandardDisplay_OB&e=Not%20in%20friendly%20iframe
Requested by: Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 aop
eb2.3lift.com/ Frame 545D 37 B
139 B 57ms
57ms Image
image/gif 35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/aop?inv_code=Starsgab_StandardDisplay_OB&aid=26615974304785445321880&rev=22822be&pr=can%27t%2520access%2520top%2520document&bc=1.608&bmid=5563&biid=7524&sid=66529&brid=519&adid=&crid=97221727&ts=1684358829&bcud=1608&ss=5&caid=0&unid=0&domain=dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com&ref=https%253A%252F%252Fstarsgab.com%252F&rr=creative&fid=18&rb=10&g=0&tmplid=206226&cb=29171
Requested by: Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 dr
eb2.3lift.com/ Frame 545D 37 B
139 B 57ms
57ms Image
image/gif 35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/dr?inv_code=Starsgab_StandardDisplay_OB&aid=26615974304785445321880&rev=22822be&disclosure_render_method=3&disclosure_render_text=Sponsored%20By&cb=57286
Requested by: Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H3 200 A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js Show response
pagead2.googlesyndication.com/bg/ Frame CABE 37 KB
14 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js

Requested by

Host: starsgab.com
URL: https://starsgab.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 09:47:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14779
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 09:47:18 GMT

GET
H2 200 ev1
eb2.3lift.com/ Frame 545D 37 B
139 B 59ms
58ms Image
image/gif 35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ev1?inv_code=Starsgab_StandardDisplay_OB&aid=26615974304785445321880&rev=22822be&pr=ZGVGrQACfWUKs94HAAPyoj8mexdD2y9eGaB7QQ&bc=1.608&bmid=5563&biid=7524&sid=66529&brid=519&adid=&crid=97221727&ts=1684358829&bcud=1608&ss=5&caid=0&unid=0&cepos=0&ceid=-1&cb=47612
Requested by: Host: dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
URL: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 545D 15 KB
15 KB 64ms
63ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:600,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 00:37:47 GMT
x-content-type-options: nosniff
age: 74963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 May 2024 00:37:47 GMT

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/ Frame 545D 18 KB
18 KB 64ms
63ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 21:20:42 GMT
x-content-type-options: nosniff
age: 86788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18664
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:19:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 May 2024 21:20:42 GMT

GET
H2 200 sce
eb2.3lift.com/ Frame 545D 37 B
139 B 58ms
58ms Image
image/gif 35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/sce?inv_code=Starsgab_StandardDisplay_OB&aid=26615974304785445321880&rev=22822be&e=Error%20getting%20gdpr%20CMPData%3A%20There%20was%20an%20error%20in%20the%20publisher%20CMP%20API%3A%20Blocked%20a%20frame%20with%20origin%20%22https%3A%2F%2Fdc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com%22%20from%20accessing%20a%20cross-origin%20frame.&block=post_render&lvl=3&dc=%7B%7D&cb=61831
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 0F84 1 KB
2 KB 57ms
57ms Document
text/html 35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=43500
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/22822be39ea1b8d30894dab7d32b07102272a8e2/dist/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: d01fafc47d0e5514ea2935bf43fbd7027fafae36880ca2d3c1d32b8b115e22eb

Request headers

Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 1114
content-type: text/html; charset=utf-8
date: Wed, 17 May 2023 21:27:10 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

xuid
eb2.3lift.com/ Frame 0F84
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3658&xuid=92674b22-8760-48d2-99d4-a804e14aff5a&dongle=0cfd&gdpr=0&gdpr_consent=

37 B
354 B

60ms
59ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=92674b22-8760-48d2-99d4-a804e14aff5a&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=43500
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 17 May 2023 21:27:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:10 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://eb2.3lift.com/xuid?mid=3658&xuid=92674b22-8760-48d2-99d4-a804e14aff5a&dongle=0cfd&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 251

GET
H2

200

ebda
eb2.3lift.com/ Frame 0F84
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDUzNDc3NDcwMTc1NDk2NDI3NTg1Nw%3D%3D
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

37 B
139 B

59ms
59ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=43500
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 0F84
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENvelmiu6F1xqPyfDfIKKWw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

37 B
354 B

60ms
60ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENvelmiu6F1xqPyfDfIKKWw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=43500
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 17 May 2023 21:27:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENvelmiu6F1xqPyfDfIKKWw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0F84
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDUzNDc3NDcwMTc1NDk2NDI3NTg1Nw%3D%3D

170 B
188 B

77ms
76ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDUzNDc3NDcwMTc1NDk2NDI3NTg1Nw%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=43500

Protocol

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDUzNDc3NDcwMTc1NDk2NDI3NTg1Nw%3D%3D
date: Wed, 17 May 2023 21:27:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame 0F84 0
510 B 200ms
121ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4534774701754964275857&dbredirect=true&gdpr=0&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=43500
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:10 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 9584D9B230484F09A912E20152074196 Ref B: MIAEDGE1612 Ref C: 2023-05-17T21:27:10Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX76lnLy1C9jnM+FyX/iw==

GET
H2

200

xuid
eb2.3lift.com/ Frame 0F84
Redirect Chain

https://x.bidswitch.net/sync?ssp=triplelift&user_id=4534774701754964275857&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=4534774701754964275857&gdpr=0&gdpr_consent=
https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=triplelift&bsw_custom_parameter=43248603-059b-4812-823e-428ecfeae06b
https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=949971da-ddc0-4669-8631-d0d7e43bee0c&ssp=triplelift&bsw_param=43248603-059b-4812-823e-428ecfeae06b
https://eb2.3lift.com/xuid?mid=2409&xuid=43248603-059b-4812-823e-428ecfeae06b&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

37 B
354 B

61ms
61ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2409&xuid=43248603-059b-4812-823e-428ecfeae06b&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=43500
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 17 May 2023 21:27:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: //eb2.3lift.com/xuid?mid=2409&xuid=43248603-059b-4812-823e-428ecfeae06b&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date: Wed, 17 May 2023 21:27:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 c.gif
c.bing.com/ Frame 0F84 42 B
505 B 66ms
59ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=4534774701754964275857&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=43500
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:10 GMT
last-modified: Thu, 04 May 2023 15:33:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DAEEDF9C2E3544DFB6F81C610EDF96C8 Ref B: MIAEDGE2521 Ref C: 2023-05-17T21:27:10Z
etag: "cd7fe5b89d7ed91:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H2

200

xuid
eb2.3lift.com/ Frame 0F84
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/4534774701754964275857?gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-WHX3vP5E2oQzCfajyFM4iIwptOVAsQn.8VEQGNrHdQ--~A&dongle=0883

37 B
354 B

60ms
60ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-WHX3vP5E2oQzCfajyFM4iIwptOVAsQn.8VEQGNrHdQ--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=43500
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 17 May 2023 21:27:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Wed, 17 May 2023 21:27:10 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-WHX3vP5E2oQzCfajyFM4iIwptOVAsQn.8VEQGNrHdQ--~A&dongle=0883
content-length: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame 0F84
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
https://stags.bluekai.com/site/23178?id=LWGHhB3wUnAF8DNGFyjz&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JRLUOSDIIIZXO...
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=LWGHhB3wUnAF8DNGFyjz

37 B
354 B

60ms
59ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=LWGHhB3wUnAF8DNGFyjz
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=43500
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 17 May 2023 21:27:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Wed, 17 May 2023 21:27:11 GMT
Content-Type: text/html; charset=utf-8
Location: https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=LWGHhB3wUnAF8DNGFyjz
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 115
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 0F84
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3335&xuid=4487009920508811264&dongle=4d58&gdpr=0&gdpr_consent=

37 B
354 B

60ms
60ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=4487009920508811264&dongle=4d58&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=43500
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 17 May 2023 21:27:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date: Wed, 17 May 2023 21:27:10 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 38.132.118.75; 38.132.118.75; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 3e677d40-ef9e-404a-b7c7-680dbc5ec545
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://eb2.3lift.com/xuid?mid=3335&xuid=4487009920508811264&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ev
eb2.3lift.com/ Frame 545D 37 B
139 B 58ms
58ms Image
image/gif 35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ev?inv_code=Starsgab_StandardDisplay_OB&aid=26615974304785445321880&rev=22822be&pr=ZGVGrQACfWUKs94HAAPyoj8mexdD2y9eGaB7QQ&bc=1.608&bmid=5563&biid=7524&sid=66529&brid=519&adid=&crid=97221727&ts=1684358829&bcud=1608&ss=5&caid=0&unid=0&cepos=0&ceid=-1&cb=62060
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

200

c.gif
www.bing.com/aes/ Frame 545D
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=11730374&auId=dd01bbde-6ff4-4d5b-9137-f38db60d6ce5&cmExpId=LV1&oAdUnit=11730374&publisherId=250152235&rId=e32e0186-7b1c-4b25-a08f-32345f5c5885&...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=8907fd502887453c82e1b820b864e5c4&tids=1&med=10

0
196 B

61ms
61ms

Image
text/plain

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=8907fd502887453c82e1b820b864e5c4&tids=1&med=10
Requested by: Host: starsgab.com
URL: https://starsgab.com/
Protocol: H2
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:10 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B870E64E39A74D11AB4AD214A3E958F1 Ref B: MIAEDGE2521 Ref C: 2023-05-17T21:27:11Z
vary: Origin
x-cache: CONFIG_NOCACHE
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Wed, 17 May 2023 21:27:10 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CA5EC910B1DB45FB9AD63D384C2A8966 Ref B: MIAEDGE2521 Ref C: 2023-05-17T21:27:11Z
vary: Origin
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=8907fd502887453c82e1b820b864e5c4&tids=1&med=10
cache-control: no-cache, no-store, must-revalidate
content-length: 142
expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 92ms
92ms XHR
application/json 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230515&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5db7f4a9bf4db4fd329847b7a1c3c5c777882a296eab78ac3a5f57109f30e774

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11379
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 545D 42 B
174 B 83ms
82ms Fetch
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssY2mSKxa9GwCWpPldhSQobKrMf_9XnO_VEUiPLV-E1IMYB0bE0IAy8y2p4coyuInAEv3RLN2mz7SnLaSmVOnnzpHVV&sig=Cg0ArKJSzHsh7Ls_o9AaEAE&id=lidar2&mcvt=1000&p=1074,315,1324,1285&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20230515&bin=7&avms=nio&bs=0,0&mc=0.5&if=1&vu=1&app=0&itpl=20&adk=3080386561&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684358829675&rpt=1118&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 21:27:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 88ms
87ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 17 May 2023 21:27:11 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2BD9 13 KB
5 KB 64ms
63ms Document
text/html 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://starsgab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 5846
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 17 May 2023 19:49:45 GMT
expires: Thu, 16 May 2024 19:49:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6295 783 B
1000 B 83ms
82ms Document
text/html 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

67751354ba4ca1c1afb99449066ea3cc52468a45861dba795614467f7adbf0f7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KrGZ_Vs0o5TSsAVKjr-2lg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://starsgab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-KrGZ_Vs0o5TSsAVKjr-2lg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 17 May 2023 21:27:11 GMT
expires: Wed, 17 May 2023 21:27:11 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js Show response
pagead2.googlesyndication.com/bg/ Frame 2BD9 37 KB
14 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 09:47:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14779
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 09:47:18 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6295 0
0 80ms
80ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230515&jk=1926250560549949&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2BD9 0
10 B 63ms
62ms Image
text/plain 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?AWBw9Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 4D08 0
260 B 219ms
62ms Script
text/plain 162.248.18.34
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 21:27:10 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 83ms
82ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230515&jk=1926250560549949&bg=!trWlteHNAAYldGN0BXQ7ADkAdvg8WjMnJpneK0wjpvHbNmwOnprSg6a4bt7AWtx2l3iWEPm81y5w2J4bx-RS-HCud6_FC4mwOKECAAAAS1IAAAACaAEHCgDUH4z5fBrNADoO0jYMaWM89aXm30h2x8ndlwCfyCaKkAQ40E7LWwShzxUPrrwgnTTYbg0TmDTe2Nr4ng27XhxUK5wdIMrTFpfAOfQv7yyq3vIrem7nTfWR4e81pGzErehoKtpo1MCEVUuuw_OaaTfwFj9ABUHPtX627PTVLlzW6VsRpF6m_Lzh5npAEWGSgmDFIcSc3OkoNiRmSdnqo1eWXA4cvfsK3fXBp-uJ-ckhIR9bCLwdwcZdXU6ZKi9u8vF8JzavQZwN02xWmFKNrBan0yHKDMSZAqMWWB6T07xPohLJsc7bH3TQcIE_EbAzJ2k7dL8MIPCrMnT4C-6SeR9woWIdKICYadxcttvuNB01CCkxX96qlieCsYN9H-jSYl7LQRfF9bu1Z5xpg8bDfZsZLuF1GIf469WtHDSYf-_JC-KSFXEaqLom9yVxo9MB0bKDGB9010bIpO_tm9b7T3Pc7Te2kvbNnDHBmDvjRJvx5oDpQ4MLfDJuqf75ojN3k4OdYr3b5HT7IhCNgfBxpl5hH4guJnhRpYsn9DGP1lM4RKFqsST493drhnT9Bhsvjl5S63gtwEnPvdXAWi1AkfErb0ubPlrGNBmu6KV0Nq6CO4DCS80wsdMLfwL6WIYoIkSjSvAqArui8THqDGCm0eUquztredy24xvQ6RebTx27d-Jw5S27ciTECY76DBUxcfZSg1FOEIzVPcm9GqvR3G06TxZ07tW2vIoa06okgb7yeERDCwwST82tFoCtwztz_58yBH8Ij2RvUToZg6J1edKPvrL1vQf9o6Ez1rDbc_IiNQItyswPT0HmpsMw1DXnAzljIXVh5c0fIOaENFcrUI_8uRlm9v9lQJo-Fwk4HGifd9CNaeKWuo3QWTwJet7oMWrAbyENBFSvuwJkWQ21wxg2zLX6FIENYkoNGZQHi6uUKHqvw373B8X3gUcs_D7rZh22rU56kWiJVgtRIO8TRq7ImrCTegs3dcv_rNLT7IJr8BtNVx8_GsFkP24Y32xXdmxSp3cqs6i0dNOm9wyfUUY0imbwMriBfuJdc23BWf6eMdlTIO8mZk5pjpWfVtQD5MgMJXKWQQF21YuGpIZMWhXst_6yWrg1GNgPmWxUeQHUG5SE2Or3vA0ROPn5xxf5fxyQU_Hmfl20mJQvPIxcoJB8Yke5UMMTomFJoTQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://starsgab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

217 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

98 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 14:02:14	Name: sync Value: CgoIoQEQ77Xw3IIxCgoI4gEQ77Xw3IIxCgoI5gEQ77Xw3IIxCgoIhwIQ77Xw3IIxCgkICRDvtfDcgjEKCQg6EO-18NyCMQoJCAsQ77Xw3IIxCgoIjAIQ77Xw3IIxCgkIXxDvtfDcgjEKCQgfEO-18NyCMQ==
.starsgab.com/	1970-01-20 11:54:05	Name: _gid Value: GA1.2.600363536.1684358827
.starsgab.com/	1970-01-20 11:52:38	Name: _gat_gtag_UA_153094083_1 Value: 1
.starsgab.com/	1970-01-20 11:52:38	Name: _gat_gtag_UA_113932176_46 Value: 1
.starsgab.com/	1970-01-20 21:28:38	Name: _ga_PFW95074FZ Value: GS1.1.1684358827.1.0.1684358827.0.0.0
.starsgab.com/	1970-01-20 21:28:38	Name: _ga Value: GA1.1.272226744.1684358827
.starsgab.com/	1970-01-20 21:14:14	Name: __gads Value: ID=f521385e1389d4d0:T=1684358828:S=ALNI_MZK9GHuiGeIC3uBneYoVpfoH_y3zw
.starsgab.com/	1970-01-20 21:14:14	Name: __gpi Value: UID=00000bfab108d5b6:T=1684358828:RT=1684358828:S=ALNI_MYZDIZSjbHJUcL674fx3pDpLlTKzg
.rubiconproject.com/	1970-01-20 20:38:14	Name: khaos Value: LHS7RA7L-Z-IZPT
.adnxs.com/	1970-01-20 14:02:14	Name: icu Value: ChgIzYp-EAoYASABKAEwrI2VowY4AUABSAEQrI2VowYYAA..
.adnxs.com/	1970-01-20 14:02:14	Name: uuid2 Value: 4487009920508811264
.amazon-adsystem.com/	1970-01-20 17:22:24	Name: ad-id Value: AylgRn88d02tq5QePd6RsDc
.amazon-adsystem.com/	1970-01-20 21:28:38	Name: ad-privacy Value: 0
.openx.net/	1970-01-20 20:38:14	Name: i Value: d8ab4fd0-b33c-0742-06e8-c7f650002535\|1684358829
.doubleclick.net/	1970-01-20 21:28:38	Name: IDE Value: AHWqTUmJSzScK5fR0HM-QrNQMCNKo4QUIJTWM5Mxrz848XYSbDdzxMJkNBiZQfjSCSA
.3lift.com/	1970-01-20 14:02:14	Name: tluid Value: 4534774701754964275857
.openx.net/	1970-01-20 12:14:14	Name: pd Value: v2\|1684358829\|vMgavPkWgy
.simpli.fi/	1970-01-20 20:39:41	Name: suid Value: 3029843BC65B4AA3AA4568DFAA436D80
.sharethrough.com/	1970-01-20 12:35:50	Name: stx_user_id Value: e41cfe07-da3f-47bc-acad-0a7510475a3b
.yieldmo.com/	1970-01-20 20:38:14	Name: yieldmo_id Value: g3ef7f9b5a23d7e50741%7C1684358829794%7C0%7C
.ads.yieldmo.com/	1970-01-20 20:38:14	Name: rptr Value: unl%3D1170533%7Cc%3D1170533%7Ct%3D1170533%7Ctapad%3D1170533%7Cdv360%3D1170533
.contextweb.com/	1970-01-20 20:31:02	Name: V Value: cJvSOIsfd2j6
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 3070530501a5416f
.smaato.net/	1970-01-20 12:22:53	Name: SCM Value: 66f2e323
.smaato.net/	1970-01-20 12:07:46	Name: SCMaps Value: 66f2e323
.media.net/	1970-01-20 20:38:14	Name: visitor-id Value: 3273604291524314000V10
.bidr.io/	1970-01-20 21:21:12	Name: bito Value: AABfD07Iyo0AACDOwx1Gvw
.bidr.io/	1970-01-20 21:21:12	Name: bitoIsSecure Value: ok
.adsrvr.org/	1970-01-20 20:39:41	Name: TDID Value: 92674b22-8760-48d2-99d4-a804e14aff5a
.yahoo.com/	1970-01-20 20:38:36	Name: A3 Value: d=AQABBK1GZWQCEGHdBhinez0toZvJcbJarJQFEgEBAQGYZmRvZAAAAAAA_eMAAA&S=AQAAAm24ON6dXJ7CAQJCpIAenAk
.tapad.com/	1970-01-20 13:19:02	Name: TapAd_TS Value: 1684358829971
.tapad.com/	1970-01-20 13:19:02	Name: TapAd_DID Value: 963c9729-ad06-4e75-ba62-a8ab1db2611c
.doubleclick.net/	1970-01-20 11:52:39	Name: test_cookie Value: CheckForPermission
.pubmatic.com/	1970-01-20 20:38:14	Name: KADUSERCOOKIE Value: D7FE0180-68BE-4FCB-8462-A2AC6CA5B2EF
.pubmatic.com/	1970-01-20 14:02:14	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 11:54:05	Name: pi Value: 156011:2
.pubmatic.com/	1970-01-20 14:02:14	Name: DPSync3 Value: 1685491200%3A201_263_262%7C1684886400%3A248
.pubmatic.com/	1970-01-20 14:02:14	Name: SyncRTB3 Value: 1685491200%3A220_21_13_22_46%7C1684886400%3A2
.openx.net/	1970-01-20 12:14:14	Name: univ_id Value: 537072971\|92674b22-8760-48d2-99d4-a804e14aff5a\|1684358830091614
.sitescout.com/	1970-01-20 20:38:14	Name: ssi Value: d99af396-dad5-489f-9cec-b8adadd6b557#1684358830093
.bttrack.com/	1970-01-20 14:02:14	Name: GLOBALID Value: 2uKlc8-sIBd987FnpwfDGWT-fgoAX1B6dHM4nXW0ILsKPTxpiIrBL4JKnGbXn3VWJmr2B40zYZQC4TM1
.dotomi.com/	1970-01-20 11:52:38	Name: DotomiTest Value: 353ad3dda5bf19e5
.rubiconproject.com/	1970-01-20 20:38:14	Name: audit Value: 1\|mFVHqHkj5bG8Ti9v/6xLiqS5Bv7H1ouoxdnNVF8ci14Z8yAUmIv1rE7chwvvx6b4wEDYBkYu1wgNe49tfASOdiL5hAXvaZVpn6lrSsNekyw=
.casalemedia.com/	1970-01-20 20:38:14	Name: CMID Value: ZGVGrqLcQoSv4EGKPZRM-QAA
.casalemedia.com/	1970-01-20 14:02:14	Name: CMPS Value: 1420
.casalemedia.com/	1970-01-20 14:02:14	Name: CMPRO Value: 1420
.sitescout.com/	1970-01-20 12:35:50	Name: _ssuma Value: eyIyNyI6MTY4NDM1ODgzMDE4MiwiMzkiOjE2ODQzNTg4MzAxODIsIjciOjE2ODQzNTg4MzAxODJ9
.ads.yieldmo.com/	1970-01-20 20:38:14	Name: ptrt Value: 92674b22-8760-48d2-99d4-a804e14aff5a
.ads.yieldmo.com/	1970-01-20 20:38:14	Name: ptrc Value: CAESENusGuxmV31Re-lpoLyn1wE
.id5-sync.com/	1970-01-20 11:52:39	Name: cf Value:
.id5-sync.com/	1970-01-20 11:52:39	Name: cip Value:
.id5-sync.com/	1970-01-20 11:52:39	Name: cnac Value:
.id5-sync.com/	1970-01-20 11:52:39	Name: car Value:
.id5-sync.com/	1970-01-20 11:52:39	Name: gdpr Value:
match.sharethrough.com/	1970-01-20 12:02:43	Name: AWSALBCORS Value: 6kiu+MiL+rnlX3VYwGcmufpnzKeF1DOnyxuC0JHAENvHQZEG1qXSAfoOuHygQIcXH6gHImmmlxAdwzAU5OYQTaK2KwotFTx3Avp6GfqKszkEdujvOHW/EWtHUgnd
.csync.loopme.me/	1970-01-20 14:05:07	Name: viewer_token Value: f1219a0f-01f4-4331-bb4c-a13a9f8344fc
.everesttech.net/	1970-01-20 20:38:14	Name: everest_g_v2 Value: g_surferid~ZGVGrgAAAQuM6gAD
.turn.com/	1970-01-20 16:11:50	Name: uid Value: 9007274404191896346
.tapad.com/	1970-01-20 13:19:02	Name: TapAd_3WAY_SYNCS Value: 1!3309
.id5-sync.com/	1970-01-20 14:02:14	Name: id5 Value: 1ea7ae19-41a7-7579-ab78-d0e72a092835#1684358830216#2
.id5-sync.com/	1970-01-20 14:02:14	Name: 3pi Value:
.id5-sync.com/	1970-01-20 11:52:39	Name: callback Value:
.adentifi.com/	1970-01-20 21:28:38	Name: adtheorent[cuid] Value: cuid_951c5750-f4f9-11ed-9744-120817463c8f
.pubmatic.com/	1970-01-20 12:35:50	Name: KRTBCOOKIE_80 Value: 16514-CAESENJPzvk-J4Fzd1FmJOJnPUo&KRTB&22987-CAESENJPzvk-J4Fzd1FmJOJnPUo&KRTB&23025-CAESENJPzvk-J4Fzd1FmJOJnPUo&KRTB&23386-CAESENJPzvk-J4Fzd1FmJOJnPUo
.pubmatic.com/	1970-01-20 12:35:50	Name: KRTBCOOKIE_148 Value: 19421-uid:3029843BC65B4AA3AA4568DFAA436D80&KRTB&23486-uid:3029843BC65B4AA3AA4568DFAA436D80&KRTB&23489-uid:3029843BC65B4AA3AA4568DFAA436D80
.mediago.io/	1970-01-20 20:38:14	Name: __mguid_ Value: 4397abc6546cc43e519b58653e844942
.thrtle.com/	1970-01-20 16:40:38	Name: mc Value: eyJpZCI6IjQ3ZWVlZWNiLWNmZjgtNDE1MC1iNGJhLWQ5M2ZmM2FjYWM0MSIsImwiOjE2ODQzNTg4MzA0MzEsInQiOjF9
.1rx.io/	1970-01-20 20:38:14	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-85c47d01-6751-4e6a-ae20-1e334978fd09-005%22%2C%22nxtrdr%22%3Afalse%7D
.bing.com/	1970-01-20 21:14:14	Name: MUID Value: 3C4A09C663516B3421601AD2624D6A00
.crwdcntrl.net/	1970-01-20 18:21:25	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 18:21:25	Name: _cc_id Value: 23842b4ea98dcad17aad354069597e20
.crwdcntrl.net/	1970-01-20 18:21:26	Name: _cc_cc Value: "ACZ4XmNQMDK2MDFKMklNtLRISU5MMTRPTEwxNjUxMLM0tTRPNTJgAIKUVLd1IBoKAFEDCm8%3D"
.crwdcntrl.net/	1970-01-20 18:21:26	Name: _cc_aud Value: "ABR4XmNgYGBISXVbB6SgAAAVbQG%2B"
.rfihub.com/	1970-01-20 21:14:14	Name: eud Value: H4sIAAAAAAAA_9vEyGtoZmFibGphYWxgYmQBAGgWO0MQAAAA
.rfihub.com/	1970-01-20 21:14:14	Name: rud Value: H4sIAAAAAAAA_-MSsjSzNDc1NLOwMDO0NDY3MDa1EOIz1HXOMnGOT88wi_LMCAMA1V0v4iQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSsjSzNDc1NLOwMDO0NDY3MDa1EOIz1HXOMnGOT88wi_LMCAMA1V0v4iQAAAA
.analytics.yahoo.com/	1970-01-20 20:38:14	Name: IDSYNC Value: 18yx~2bp9
.pubmatic.com/	1970-01-20 12:35:50	Name: KRTBCOOKIE_18 Value: 22947-969751688619370358
.pubmatic.com/	1970-01-20 12:35:50	Name: PugT Value: 1684358830
.pubmatic.com/	1970-01-20 12:35:50	Name: KRTBCOOKIE_22 Value: 14911-8935216810153968410&KRTB&23150-8935216810153968410
.contextweb.com/	1970-01-20 20:38:14	Name: pb_rtb_ev Value: 3-1kn4\|2N.0.AAAH4fdmt7TulgNgsXDXAAAAAAA\|3oy.0.d99af396-dad5-489f-9cec-b8adadd6b557-646546ae-5553\|4is.0.CAESEMSYPQjUI5kPcA7te_m_mhc\|7TY.0
.smartadserver.com/	1970-01-20 21:22:53	Name: pid Value: 4086353343249057575
.targeting.unrulymedia.com/	1970-01-20 20:38:14	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-85c47d01-6751-4e6a-ae20-1e334978fd09-005%22%7D
.ads.yieldmo.com/	1970-01-20 20:38:14	Name: ptrunl Value: RX-85c47d01-6751-4e6a-ae20-1e334978fd09-005
.socdm.com/	1970-01-20 21:28:38	Name: SOC Value: ZGVGrsCo8XcAAE10JKUAAAAA
.adsrvr.org/	1970-01-20 20:39:41	Name: TDCPM Value: CAESFAoFdGFwYWQSCwj-1bOY8MnrOxAFEhYKB3N2eDl0NTASCwiC5aKe8MnrOxAFGAEgASgCMgsIgt2ly4bK6zsQBTgBWgdzdng5dDUwYAI.
.c.bing.com/	1970-01-20 12:02:43	Name: MR Value: 0
.linkedin.com/	1970-01-20 20:38:14	Name: bcookie Value: "v=2&d0f62d4e-6d0b-4e73-8ea9-70f12c70c7bb"
.linkedin.com/	1970-01-20 11:54:05	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2890:u=1:x=1:i=1684358831:t=1684445231:v=2:sig=AQE25BTssacWeTqTqa87g3-2_r7D3yGN"
.bidswitch.net/	1970-01-20 20:38:14	Name: tuuid Value: 43248603-059b-4812-823e-428ecfeae06b
.bidswitch.net/	1970-01-20 20:38:14	Name: c Value: 1684358831
.bidswitch.net/	1970-01-20 20:38:14	Name: tuuid_lu Value: 1684358831
.zemanta.com/	1970-01-20 20:38:14	Name: zuid Value: LWGHhB3wUnAF8DNGFyjz
beacon.lynx.cognitivlabs.com/	1970-01-20 20:39:41	Name: UID Value: 949971da-ddc0-4669-8631-d0d7e43bee0c
beacon.lynx.cognitivlabs.com/	1970-01-20 20:39:41	Name: ss Value: jgCxwZaf%2FEI7OY2BpooY8wWSxtjCHTdtw2StB0GKtVXIp%2BKFMvWnwetxeDD6ghD8fEsMXIOpray6EmdzhudTDA%3D%3D
.bluekai.com/	1970-01-20 16:17:36	Name: bku Value: ikG99v2sjVxdrmy8
.bluekai.com/	1970-01-20 16:17:36	Name: bkpa Value: KJyWy1NrQM9z9wY73DK5dXg6RCSh2ZL+DaoUb9tOEvR098Ca7lbdh5CBfxnyzgl8bJ3+XG04Rdhlfc56xhJs7pIFt59tlq92E2B2HcicQYvQoIUTfmF83fNPdPEBb2Xq9FGRttaX2MDYKgGItAFP/SON5qtK3F3YQYJ1sTHJWQ1UvIvTvmhfDcLZYL/yAEg94kUineAVCRZDNsq+OzSoMMpfpBHOuIm15eunzt2vkKg/mGi/EVMJ03O6xC6U67s5kd0xuU1/l+LxH6y96EoZVxpKCMiurE3ZkQQCxoaI3PHxxA0IE6PWr9DcLIdZwZp4dQz9a2oVS9==
.pubmatic.com/	1970-01-20 12:35:50	Name: SPugT Value: 1684358830

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271803&client=ca-pub-7063822928380888&fa=3&ifi=5&uci=a!5&btvi=2&xpc=f9KmdrdX9n&p=https%3A//starsgab.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271804&client=ca-pub-7063822928380888&fa=4&ifi=6&uci=a!6&btvi=3&xpc=zjD0ZxjYhS&p=https%3A//starsgab.com Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.vdo.ai
aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
ads.yieldmo.com
adservice.google.com
amazon-tam-match.dotomi.com
analytics.vdo.ai
api.btloader.com
apis.cmp.quantcast.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
btloader.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
cdn.fuseplatform.net
cdn.jsdelivr.net
cm.g.doubleclick.net
cmp.quantcast.com
cs.chocolateplatform.com
cs.media.net
csync.loopme.me
dc0b8ab8643cd81c1ff058aa8c270dfc.safeframe.googlesyndication.com
eb2.3lift.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
ib.3lift.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
img.3lift.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.wp.com
pr-bh.ybp.yahoo.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
rtb.adentifi.com
s.ad.smaato.net
s.amazon-adsystem.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssum.casalemedia.com
stags.bluekai.com
starsgab.com
stats.g.doubleclick.net
stats.wp.com
sync-amz.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.inmobi.com
sync.targeting.unrulymedia.com
tg.socdm.com
thrtle.com
tlx.3lift.com
tpc.googlesyndication.com
trace.mediago.io
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.bing.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.118.8.253
104.36.115.111
104.36.115.113
104.76.100.229
108.138.107.138
108.156.184.119
124.146.215.46
13.225.223.81
130.211.23.194
142.250.72.102
142.251.41.2
151.101.130.49
159.203.145.121
162.19.138.82
162.248.18.34
162.248.18.37
165.227.201.152
18.164.98.157
192.0.76.3
192.132.33.46
192.40.39.223
198.148.27.139
199.127.204.142
199.187.193.197
199.38.167.130
20.127.253.7
2001:4860:4802:36::178
207.198.113.87
23.198.216.24
2600:1400:9000::687e:74c9
2600:1f18:4e9:5a01:5d7a:95f2:7368:f3d
2600:9000:2209:5a00:1b:5138:8a40:93a1
2600:9000:24f7:f600:9:46dc:4700:93a1
2602:803:c002:200::32
2606:4700:20::681a:346
2606:4700:20::681a:68b
2606:4700:3038::6815:eb09
2606:ae80:1471:1a::1400
2607:f8b0:4006:806::2008
2607:f8b0:4006:80b::2002
2607:f8b0:4006:817::2003
2607:f8b0:4006:817::2004
2607:f8b0:4006:81d::2002
2607:f8b0:4006:820::2002
2607:f8b0:4006:821::2001
2607:f8b0:4006:824::2002
2607:f8b0:400c:c04::9d
2607:f8b0:400c:c06::9b
2607:f8b0:400c:c11::84
2607:f8b0:400c:c14::9c
2607:f8b0:400c:c1a::5f
2607:f8b0:400c:c38::5e
2620:112:f002:bbbb::21
2620:1ec:21::14
2620:1ec:c11::200
2a04:4e42:400::485
3.216.16.167
3.224.220.47
3.225.218.10
3.225.4.30
34.111.113.62
34.204.24.233
34.236.25.118
34.239.98.248
34.98.64.218
35.194.66.159
35.208.249.213
35.211.178.172
35.214.153.92
35.71.139.29
52.0.82.32
52.223.40.198
52.3.128.253
52.46.143.56
52.86.219.236
54.204.226.31
64.74.236.127
65.108.0.253
68.67.161.208
8.28.7.83
8.43.72.98
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8
0404b8f16c2bf5646486ab39a0e263cdca58fda4d3dac01e141e0ea824555d24
050fd9fe89bc2a49a37d2559f9887bb834cb4eddf7308bff6d9018e4c5b36787
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
08c19272c2f4f2e9182304fa928374ca3ae0bc94b9a34e8c2dff93d6bc8882f8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9ffac16148c8938c6d9f2df28a17207f62a7f92d3401a48a58c0b22f17b0b4
0c195b945ef8a2466479b6ac17e2fc828bad34d4caa1fe1d17df3cd44bd609e0
0c97c6ce5fdeb2d91e4bc6263d3714ca800b990c1994cf0b6dac0f23c8fbabfe
0f5f9aca26804e60170dd15c75445b8e5bfed675a06e6c680f44e208fb7effd7
0fde3664ce78f4b935f69b04bacf7f82d2f81fee4c265bd064bb94155d7627fb
1724b4bef54c6783a92933aad501fd9fe01ceb5225301c744ff0883030e72f00
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a1d8f790300fbf5b159bf1d91c42d45265f32ae462402786e62af3da95ac150
1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2
1ea50329b826918b0b803777e2f5ac48a3570aa1f9c06bc92b6a1731ae37654a
253dbb7cdf8b323dd7701b955a3557228e07163d34c34a09844928005b2107dd
2a0ddf18b1c85a808a468c8b4853520a61e8cb4163e4152752c6610323dc30f0
2be0eb4f24b2f3eb2e93b50fe5579d43192443840be3ee6747b3a9f5e8bc23c4
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
30c714bf4216e577686d238b98561d093672cb25bf90baab50dd956f75cda4b3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
318636eed422efbaa1741027197c1b3eaa7d08402e3929b86f6169df08a7f686
3850a9ce12b5874d87f1564f1bfa9d644a240c604aab6ecf636bf8d1d03d1b7b
38670d62dd189155307a4a5c2a9f34c7a5852b55048c810605cc5e34121ff489
3bba24c50a5789cda4f15909277e954390f40b59191c528b78a95d9141366527
3c31f194616ed5157c41e5e3ae46976fbf82a885584917b82fcfbeee0f10bf7b
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e
3f4ae4b9dcb1ace8994b034d870dc9584beeb01d3138ed445cc1844e83ba4e71
4030e98dbf643d9fd052863c3621e1c78ff2b159188d4242afd4579b3f05b116
41b60d2262cffca90f6cd644983a2d813336dc959558bdd6ae54b35ef06dd9fb
43b5fa7b44c753dc489afa1400f20776fbcb1afda05a7dedc178d5bc98d96f09
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48db2bd4f6be481a3541ba1a839ecbf2a639baeabeaab6236fcd3288f11d3dc9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d91b4e1a48fe8e0acbb39b5297cdd57133da3588a79d88d6b6d39fa5ba2ad0f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55eac8083ebcb13568b485c3c87aeca5714f707fbb200d1e0d262e82f55760ee
5810767cff372ff7f37038c2847800c5829a943faee27aa6979424863b5b5a86
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d808238c1caed60e672b820110195ba445160ba4e3dd3e2b8d7f68193061cad
5db7f4a9bf4db4fd329847b7a1c3c5c777882a296eab78ac3a5f57109f30e774
5e3c520cdbfba4e50e612c8f4230c8b994b934b214ae4f39f17244c3af24ca64
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62e8e9d73f2da8b6ad591b650cebab054a20f618f9925fbe807eb785ec9d648c
67751354ba4ca1c1afb99449066ea3cc52468a45861dba795614467f7adbf0f7
6a6fef0ad1dcd1ec4cf7a3803295ab078d6924d088298a8750de355caedae65d
6ab3f91621ac1f112b19fac783a68e585f83f6b9a8ecde4e2e0ac7695af4b7e1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e6b00ba0d7120c44c2b712740171d3e99d5aa4af15605628cc05ea90eb0449a
6e8060b67a9bc601a234fad07a2ffdf1ba56bab8d4fe01fcdece885bce46f0aa
6f92cd394eab3c4e4b4d45e2c42b7d44b5da08418ab87e57da1b1764ff369fde
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
732d67ff6d89c0425f6ee8e07ff2c655359aa3cd3fa0dfd8330096b54911074a
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
7a89d23287ae3c749a356c76da7ef88c34d0ed018c049701b05304c3f6601ab7
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7cf435a359c687ffb3a53d04fa657b629f8ff28f83b7900d1c64edf50d8c0a05
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7eccd4b30f7e42958d57f085badcd82cdfe1574c5adb11f5f2cacfc546eb092e
83ae2e1111156aa32b458e4a3fe070f297a044ecb2855caf1ba7da118ad5fe65
86741c79dd961b2da3b1af29f8cf37ddc3937680b73ee9944caa8260a6f6b1f1
89b9cdd65071ba167a6f39705f0ac244cad0f75669778ed58256d7908983a502
8cc3f513eaf3e434e464d2bcf52776412be74dffaf48af280180638b835dfa4f
8df1183554a6cdfb35af306e910a3c741716dc6bd42ab3f5be655e1dcaa6731f
8ed7efe8fdd57d3f400bc02b2c625538fb646b922852a7c9d609b29eab8f2755
8f648bc56fdb2e826893d3965d2073e29ebc4d229762f25c9c895062baf329a8
92dfea243f42642241bad94d8b25c0de8f3fb8bae547e46b2b81f50207b2f039
939967cd4a894b231399728106f91af38624eba8ef59f6f7d98b8f5295461238
94fa71daca224dde8b1cd575ac66cdea069684b1d012351768bab4b12985cb82
94ff72f0e7d4d5fb406082c4572aeb6514c4e32266aec78e93edbb03e9cf9628
9913caf1dbe9391c0f817f9af4e46e7b46a0f47da1d486981a8a2e32b9693533
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da56eec138c9d2526c4361ffc8880d58fbf113ab878e863377d1f27ad786c41
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2eb1ef86b954f9953277905d294b8d87064037456444aecc15eeaf4099f8db8
a307c65aacfe87e41d9909ea02467c696994a59cf3d0a6837e55f95f4a2983c1
a473a695162892ed842f775045d584922e4f1cd3668eed5821b6ab824d4cfd81
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a94c4d395ab543caa272eca358cb98f6a7030a7575fd1d29d45699a92484b75f
a95e7d0a3cb18909649c1c1cf3a03b867df399d7a68a95438700d0c250190ea5
a9b2e418e7b3fe61a9c697fa550b2cfde788cf933bcd5597411efce9f5a958e6
ab8517f3d5171dd42a8b9c22af6a2f944b41d00e7ea54ba02b4ed71a6c59e543
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b077a8dba7a548e4b4af8c9dfa318879d6f0a2074fec05e7ac5826faa7089666
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b9a274f1064b3c46d5fc2cbf160884681342b40cb1504b5abfc3567c7244e498
ba58ed4e8dd5b19dda4a55b9ea0e7561c8365d5999673ddbcbb7269fca2d3dd0
bb12d4c4ae5fd53be24d22d7986932390dced153f1920133ca4efe5ff555afbe
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb305bd385a8b77572bbb3a369f335c42af9a8ee8d2742bb2d6fb0af50c2ec02
c1878305208d1e0690076c78a0fa2bebfc6521551f27b0ac2b0817b1a304a9ef
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c25d59274315537d6a2063692821387477658607d9371f3b61fb4dd02f2e87c5
c32139223728fd8ff49175b6df2bf91b25fcd8e6a3807cc85e4421a473d2ba37
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ccc0fba87f29e1c77b454dd9c57d736ec788b98085d36e12c754a77fe82dd452
cdc5fffba2268382012bd596e13cbad3e6a502ef15cd5cca57d25574532a8409
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d01fafc47d0e5514ea2935bf43fbd7027fafae36880ca2d3c1d32b8b115e22eb
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d17b87e9740ee2e2e6b07956e0e7c7ba83f0b0554a06bd360aad8cc9e3e79655
d2e7d61958e59555dbfdfa5b1793f3d8bb541a96864cdeb6797ddc8f78b52a6d
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d87b3497d66616544488b93a41bc1a384f62aabfc55a8cdf12b4081358ee6d52
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d98c69b9a9d42abb5d0db877e5edc36e2e5d0aca83a8d4a6444afc5ce8aa84c6
da68586d1771e22214fc6ddb97f8a66b241c1a9a4ee1e6c40c2efe860f971fdb
daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb
dc72f1784558403ebdb968e3b3e7ef72bfaa9ddea3a25abca1fcc31852912ffd
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e2c862b09395046721f1cbaacd35a54f2f532b7f12db75fa691409f74ccdca81
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5256bea79dd64abe02ec0b6031a5cf9e93ace05957297b59ffb42e21782297f
e591b066bb322161735e9cd425a9b0e47a675ddeb54d0857b815e4d9bc279284
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ea2217b6e03809c43c8d36500500b6b7d6d05ce7794bb7f619deb739618e01e4
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
eeced1d8cb05e0490197eca352ff09680161f09b254df3fca1acb8e98593a275
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f170ddeaec8aa361e39bba211f2c7783512797d97d6b34f2f588b070e7f71ea7
f2331563867ab257b27bcf2add845a4482d1c8fb6143e5c950640b2f7e1c78a5
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f65b7775d6cafd989ca54f06b3410ebf63eb910bc3b800d2c721fbcbb56955d5
f66d776620953c0805676cad9701a599129cc0d63afbd5abe4c04c8cbe7274d4
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f9105ad89b0652997872724722eb0747fbabefd60ac84c4d47c374bc27529821
fba91ba36de9a27e8fdf868b39e28f0852ab6ffb6a6a80915e85e579baa22ba5
fd4f1c9d69a243c7240669fd0fedbe8a66953243d409f75ae02dc4824b17cf68

starsgab.com Open in urlscan Pro 165.227.201.152 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

260 Requests

85 %HTTPS

35 %IPv6

58 Domains

86 Subdomains

57 IPs

6 Countries

7013 kBTransfer

12093 kBSize

98 Cookies

0 Outgoing links

Page URL History

Redirected requests

260 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

starsgab.com Open in urlscan Pro
165.227.201.152 Public Scan

Screenshot
Live screenshot

Full Image

260
Requests

85 %
HTTPS

35 %
IPv6

58
Domains

86
Subdomains

57
IPs

6
Countries

7013 kB
Transfer

12093 kB
Size

98
Cookies

260 HTTP transactions
4 data transactions