urlscan.io logo urlscan.io
SecurityTrails logo

www.the-star.co.ke Open in urlscan Pro
2606:4700:3032::6815:31d2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://the-star.co.ke/
Effective URL: https://www.the-star.co.ke/
Submission: On December 14 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 63 IPs in 7 countries across 60 domains to perform 394 HTTP transactions. The main IP is 2606:4700:3032::6815:31d2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.the-star.co.ke. The Cisco Umbrella rank of the primary domain is 221849.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2022. Valid for: a year.
This is the only time www.the-star.co.ke was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 2606:4700:303... 13335 (CLOUDFLAR...)
1 7 2606:4700:303... 13335 (CLOUDFLAR...)
17 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
30 2a00:1450:400... 15169 (GOOGLE)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
7 151.101.1.195 54113 (FASTLY)
14 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.93.104.37 14061 (DIGITALOC...)
1 3.19.54.139 16509 (AMAZON-02)
2 2606:50c0:800... 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 151.101.193.44 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
14 151.139.128.10 20446 (STACKPATH...)
7 23.55.110.82 20940 (AKAMAI-ASN1)
2 3 18.194.50.17 16509 (AMAZON-02)
2 2 35.210.53.219 19527 (GOOGLE-2)
2 2 18.156.0.31 16509 (AMAZON-02)
1 3.69.101.30 16509 (AMAZON-02)
2 184.30.21.51 16625 (AKAMAI-AS)
1 54.231.236.32 16509 (AMAZON-02)
11 2a00:1450:400... 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
16 146.20.128.137 27357 (RACKSPACE)
2 4 2a00:1450:400... 15169 (GOOGLE)
2 2 35.214.223.115 15169 (GOOGLE)
8 43 146.20.132.149 27357 (RACKSPACE)
2 47.252.78.131 45102 (ALIBABA-C...)
2 2 8.2.110.134 46636 (NATCOWEB)
2 2 2001:678:cb4:... 56396 (AMOBEE)
3 3 44.205.120.122 14618 (AMAZON-AES)
1 184.24.1.49 16625 (AKAMAI-AS)
2 2.18.232.7 16625 (AKAMAI-AS)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
17 146.20.132.146 27357 (RACKSPACE)
1 1 34.107.184.81 396982 (GOOGLE-CL...)
5 193.0.160.129 54312 (ROCKETFUEL)
2 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 52.213.183.212 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a02:2638:1::2 44788 (ASN-CRITE...)
2 2a02:2638:1::4 44788 (ASN-CRITE...)
8 2a00:1450:400... 15169 (GOOGLE)
20 2.18.233.180 16625 (AKAMAI-AS)
24 2a02:2638:1::8 44788 (ASN-CRITE...)
3 178.250.2.148 44788 (ASN-CRITE...)
14 2a02:2638::3 44788 (ASN-CRITE...)
2 2600:9000:223... 16509 (AMAZON-02)
2 2a02:2638::21 44788 (ASN-CRITE...)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 1 142.250.181.226 15169 (GOOGLE)
1 35.244.174.68 15169 (GOOGLE)
4 54.147.255.25 14618 (AMAZON-AES)
1 1 198.148.27.140 19189 (PULSEPOINT)
2 2 151.101.194.49 54113 (FASTLY)
1 1 34.234.229.82 14618 (AMAZON-AES)
1 162.19.80.91 16276 (OVH)
1 185.94.180.123 35220 (SPOTX-AMS)
6 6 2a05:d018:24:... 16509 (AMAZON-02)
2 2 18.172.153.4 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 1 34.243.172.78 16509 (AMAZON-02)
1 1 184.30.24.201 ()
1 54.78.254.47 ()
1 15.197.193.217 16509 (AMAZON-02)
394 63
16    2606:4700:3033::ac43:c18c (United States)

ASN13335 (CLOUDFLARENET, US)
the-star.co.ke
www.the-star.co.ke
7    2606:4700:3032::6815:31d2 (United States)

ASN13335 (CLOUDFLARENET, US)
the-star.co.ke
www.the-star.co.ke
17    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
www.googletagservices.com
8    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
30    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
3    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
www.myjobsinkenya.com
www.mgazeti.com
cdn.mgazeti.com
7    151.101.1.195 (United States)

ASN54113 (FASTLY, US)
polls.the-star.co.ke
14    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    142.93.104.37 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
cdn.onthe.io
1    3.19.54.139 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-19-54-139.us-east-2.compute.amazonaws.com
ads.vidoomy.com
2    2606:50c0:8002::153 (United States)

ASN54113 (FASTLY, US)
radioafricagroup.github.io
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
2    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
6    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
14    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
ad.lkqd.net
7    23.55.110.82 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-110-82.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
3    18.194.50.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-50-17.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    3.69.101.30 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-101-30.eu-central-1.compute.amazonaws.com
a.vidoomy.com
2    184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com
a.teads.tv
1    54.231.236.32 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
11    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
24    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
16    146.20.128.137 (United States)

ASN27357 (RACKSPACE, US)
v.lkqd.net
4    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
43    146.20.132.149 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
t.lkqd.net
2    47.252.78.131 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
event.clientgear.com
2    8.2.110.134 (United States)

ASN46636 (NATCOWEB, US)
cs.krushmedia.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
3    44.205.120.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-120-122.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    184.24.1.49 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-1-49.deploy.static.akamaitechnologies.com
sync.teads.tv
2    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
t.teads.tv
3    2606:4700::6812:1f97 (United States)

ASN13335 (CLOUDFLARENET, US)
signals.aimtell.com
beacon.aimtell.com
2    2606:4700:10::6816:46e7 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aimtell.io
17    146.20.132.146 (United States)

ASN27357 (RACKSPACE, US)
t.lkqd.net
1    34.107.184.81 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 81.184.107.34.bc.googleusercontent.com
nxd.adhaven.com
5    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    52.213.183.212 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-183-212.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
10    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
6    2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
6    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:80f::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
3    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
2    2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
8    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
20    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
vpaid.pubmatic.com
24    2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
pix.eu.criteo.net
3    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
14    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2600:9000:223c:8000:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
2    2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
4    54.147.255.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-255-25.compute-1.amazonaws.com
rtb.adentifi.com
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    34.234.229.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-229-82.compute-1.amazonaws.com
media.sabio.us
1    162.19.80.91 (France)

ASN16276 (OVH, FR)
PTR: ns3011793.ip-162-19-80.eu
gu.dyntrk.com
1    185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
6    2a05:d018:24:b002:d133:9dc2:a783:2cd2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    18.172.153.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-153-4.lhr50.r.cloudfront.net
sb.scorecardresearch.com
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
1    34.243.172.78 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-172-78.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    184.30.24.201 (None, )

ASN- ()
tags.bluekai.com
1    54.78.254.47 (None, )

ASN- ()
loadm.exelator.com
1    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
Apex Domain
Subdomains		 Transfer
90 lkqd.net
ad.lkqd.net — Cisco Umbrella Rank: 23093
v.lkqd.net — Cisco Umbrella Rank: 7752
cs.lkqd.net — Cisco Umbrella Rank: 2811
t.lkqd.net — Cisco Umbrella Rank: 18573
428 KB
40 criteo.net
pix.eu.criteo.net — Cisco Umbrella Rank: 11597
static.criteo.net — Cisco Umbrella Rank: 662
csm.eu.criteo.net — Cisco Umbrella Rank: 11957
168 KB
35 googlesyndication.com
b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
175 KB
30 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 65
2 MB
30 the-star.co.ke
the-star.co.ke — Cisco Umbrella Rank: 218996
www.the-star.co.ke — Cisco Umbrella Rank: 221849
polls.the-star.co.ke
635 KB
22 gstatic.com
fonts.gstatic.com
www.gstatic.com
343 KB
22 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
stats.g.doubleclick.net — Cisco Umbrella Rank: 81
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
static.doubleclick.net — Cisco Umbrella Rank: 199
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
281 KB
20 pubmatic.com
vpaid.pubmatic.com — Cisco Umbrella Rank: 4851
17 KB
12 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
jnn-pa.googleapis.com — Cisco Umbrella Rank: 185
36 KB
11 youtube.com
www.youtube.com — Cisco Umbrella Rank: 73
862 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 388
217 KB
8 criteo.com
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 18634
ads.eu.criteo.com — Cisco Umbrella Rank: 11394
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 14558
112 KB
7 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 636
5 KB
6 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1376
2 KB
6 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 269
3 MB
6 google.com
adservice.google.com — Cisco Umbrella Rank: 72
region1.analytics.google.com — Cisco Umbrella Rank: 6986
www.google.com — Cisco Umbrella Rank: 2
16 KB
5 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 713
3 KB
5 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1403
sync.teads.tv — Cisco Umbrella Rank: 1250
t.teads.tv — Cisco Umbrella Rank: 2609
132 KB
4 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1113
137 B
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
187 KB
3 aimtell.com
signals.aimtell.com — Cisco Umbrella Rank: 4248
beacon.aimtell.com — Cisco Umbrella Rank: 22364
437 B
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 692
2 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 743
d.turn.com — Cisco Umbrella Rank: 1154
1 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 290
964 B
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 156
577 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 572
610 B
2 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1470
1 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 476
1007 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 795
s.tribalfusion.com — Cisco Umbrella Rank: 1875
940 B
2 aimtell.io
cdn.aimtell.io — Cisco Umbrella Rank: 7148
1 KB
2 krushmedia.com
cs.krushmedia.com — Cisco Umbrella Rank: 6395
1 KB
2 clientgear.com
event.clientgear.com — Cisco Umbrella Rank: 1858
211 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 764
427 B
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
542 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4786
750 B
2 mgazeti.com
www.mgazeti.com — Cisco Umbrella Rank: 953400
cdn.mgazeti.com
433 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
87 KB
2 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1066
178 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 750
24 KB
2 github.io
radioafricagroup.github.io — Cisco Umbrella Rank: 877969
179 KB
2 vidoomy.com
ads.vidoomy.com — Cisco Umbrella Rank: 23685
a.vidoomy.com — Cisco Umbrella Rank: 8466
6 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
120 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 323
265 B
1 exelator.com
loadm.exelator.com
324 B
1 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 515
1 KB
1 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 998
1 sabio.us
media.sabio.us — Cisco Umbrella Rank: 32036
234 B
1 bluekai.com
tags.bluekai.com Failed
527 B
1 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 206 Failed
563 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 526
392 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 335
98 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 644
496 B
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 87
63 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 212
4 KB
1 adhaven.com
nxd.adhaven.com — Cisco Umbrella Rank: 46695
276 B
1 amazonaws.com
s3.amazonaws.com
13 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 7952
501 B
1 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 7344
792 B
1 onthe.io
cdn.onthe.io — Cisco Umbrella Rank: 19130
tt.onthe.io Failed
20 KB
1 myjobsinkenya.com
www.myjobsinkenya.com
myjobsinkenya.com Failed
394 60
Domain Requested by
34 t.lkqd.net ad.lkqd.net
30 lh3.googleusercontent.com www.the-star.co.ke
26 cs.lkqd.net 8 redirects ad.lkqd.net
24 pix.eu.criteo.net b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
ads.eu.criteo.com
24 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.the-star.co.ke
b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
cdn.ampproject.org
21 www.the-star.co.ke www.the-star.co.ke
polls.the-star.co.ke
20 vpaid.pubmatic.com ad.lkqd.net
16 v.lkqd.net ad.lkqd.net
14 static.criteo.net ads.eu.criteo.com
14 ad.lkqd.net www.the-star.co.ke
ad.lkqd.net
14 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
13 securepubads.g.doubleclick.net www.the-star.co.ke
securepubads.g.doubleclick.net
b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
11 www.youtube.com www.the-star.co.ke
www.youtube.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
8 www.gstatic.com b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
www.youtube.com
www.gstatic.com
8 fonts.googleapis.com www.the-star.co.ke
polls.the-star.co.ke
securepubads.g.doubleclick.net
b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
7 ads.stickyadstv.com ad.lkqd.net
7 polls.the-star.co.ke www.the-star.co.ke
polls.the-star.co.ke
6 sync.tidaltv.com 6 redirects
6 googleads.g.doubleclick.net www.the-star.co.ke
www.youtube.com
b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
6 s0.2mdn.net www.the-star.co.ke
cdn.ampproject.org
b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 p.rfihub.com ad.lkqd.net
5 b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 rtb.adentifi.com ad.lkqd.net
4 www.googletagservices.com b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
4 jnn-pa.googleapis.com www.youtube.com
4 www.google.com 2 redirects tpc.googlesyndication.com
www.youtube.com
3 cat.nl.eu.criteo.com b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
ads.eu.criteo.com
3 rtb.nl.eu.criteo.com www.the-star.co.ke
b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
3 sync.srv.stackadapt.com 3 redirects
3 x.bidswitch.net 2 redirects
2 sb.scorecardresearch.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 beacon.aimtell.com s3.amazonaws.com
2 csm.eu.criteo.net ads.eu.criteo.com
2 secure-gl.imrworldwide.com ads.eu.criteo.com
2 ads.eu.criteo.com b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
2 match.prod.bidr.io 2 redirects
2 cdn.aimtell.io s3.amazonaws.com
2 t.teads.tv
2 ad.turn.com 2 redirects
2 cs.krushmedia.com 2 redirects
2 event.clientgear.com ad.lkqd.net
2 csync.loopme.me 2 redirects
2 a.teads.tv www.googletagmanager.com
a.teads.tv
2 ups.analytics.yahoo.com 2 redirects
2 pool.admedo.com 2 redirects
2 connect.facebook.net www.the-star.co.ke
connect.facebook.net
2 cdn.taboola.com www.the-star.co.ke
cdn.taboola.com
2 maxcdn.bootstrapcdn.com polls.the-star.co.ke
2 radioafricagroup.github.io www.the-star.co.ke
polls.the-star.co.ke
2 www.googletagmanager.com www.the-star.co.ke
2 the-star.co.ke 2 redirects
1 match.adsrvr.org ad.lkqd.net
1 loadm.exelator.com ad.lkqd.net
1 d.turn.com 1 redirects
1 search.spotxchange.com ad.lkqd.net
1 gu.dyntrk.com ad.lkqd.net
1 media.sabio.us 1 redirects
1 tags.bluekai.com ad.lkqd.net
1 dpm.demdex.net ad.lkqd.net
1 bh.contextweb.com 1 redirects
1 idsync.rlcdn.com ad.lkqd.net
1 cm.g.doubleclick.net 1 redirects
1 cms.quantserve.com 1 redirects
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 s.tribalfusion.com 1 redirects
1 a.tribalfusion.com 1 redirects
1 nxd.adhaven.com 1 redirects
1 signals.aimtell.com s3.amazonaws.com
1 sync.teads.tv a.teads.tv
1 cdn.mgazeti.com
1 s3.amazonaws.com www.the-star.co.ke
1 a.vidoomy.com
1 www.mgazeti.com www.the-star.co.ke
1 www.google.de
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.co.uk securepubads.g.doubleclick.net
1 ads.vidoomy.com www.the-star.co.ke
1 cdn.onthe.io www.the-star.co.ke
1 www.myjobsinkenya.com www.the-star.co.ke
0 myjobsinkenya.com Failed www.the-star.co.ke
0 tt.onthe.io Failed cdn.onthe.io
394 88
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-16 -
2023-06-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
msgoflove.com
GTS CA 1D4		 2022-12-02 -
2023-03-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.onthe.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-02 -
2023-07-02		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh
*.github.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-04-07		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.google.co.uk
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-22 -
2022-12-21		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
ad.lkqd.net
R3		 2022-11-29 -
2023-02-27		 3 months crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-14 -
2023-06-16		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
s3.amazonaws.com
Amazon		 2022-04-01 -
2023-03-30		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.lkqd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-27 -
2023-07-18		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
aimtell.com
Cloudflare Inc ECC CA-3		 2022-05-09 -
2023-05-08		 a year crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-24 -
2023-05-24		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-10 -
2023-01-10		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-14 -
2023-01-13		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-01 -
2023-02-04		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
adentifi.com
Amazon		 2022-08-05 -
2023-09-03		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh

This page contains 36 frames:

Primary Page: https://www.the-star.co.ke/
Frame ID: F924A7C6D6AE11888AAEC84808F1769E
Requests: 163 HTTP requests in this frame

Frame: https://polls.the-star.co.ke/polls/?p=/embed/poll/-NJEAttc2Gb0_iDDorBm
Frame ID: DC87F03632E7A71D451AF6A9885B1EED
Requests: 16 HTTP requests in this frame

Frame: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7F72F6F43856E4D2AEF32FC589DEE1A1
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: B4644C3E2866DE3B69158029E0F8BA77
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 8EA632D105B0DA1D85BD7A83AAC32E59
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: CF43637EEB1A8F04C518690BADE15837
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 6967C171E6AF3B827669094792F195DA
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 157F9E64931C4803B02757E61B2BF96A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 796CC6F5B45572E8744F18E736EA21A5
Requests: 2 HTTP requests in this frame

Frame: https://sync.teads.tv/wigo-no-slot
Frame ID: 65989A5A0EAF44340A72D5904B309D90
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 6DAEA87AFAE68B3CC95D43E27C2C8F62
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/EgTiqgN79WQ?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1
Frame ID: 1F1B0768C3F36E916B275C72C6DFC6EA
Requests: 21 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 360863B5574B35EDCF80A01844EF9596
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 76C5F0F0E74BFADE2B5DDE71DFBC02F3
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: E20EFD8A574796AEF13753BB95C9E4CB
Requests: 6 HTTP requests in this frame

Frame: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A1323DB2D7F6F5F96ED990C3033E06B9
Requests: 8 HTTP requests in this frame

Frame: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 91243C2AAE896E95E8961E0FC00D9D7C
Requests: 22 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 1BFDB0A36A55074ACA2A193FD932E5EC
Requests: 12 HTTP requests in this frame

Frame: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 26108FA8994C2BF653FF678AF793533A
Requests: 16 HTTP requests in this frame

Frame: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 362BC79B81D2512F904C9DF68600AF72
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 6AD17630CD54D083A0DDA640340DA720
Requests: 22 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: F5678016A4B819D542BB6532195E5576
Requests: 3 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlUIu_DfAAKOjyd4EUmv-z6SKLz16Q&u=%7CuM%2FixoU45EWOo8Z%2BcKMCB3l%2B0z4XRLRf4XbFyXPcEAE%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQ_zWE2GS2SUxmkpSNJF6gLcsICd0Z_oFKmrVu8vwq48vl1A42x-pPwtJXkfplzkAZCc6wY_MF9ny75_bWryQUyLpV4fh14hyKUbzPl_KmVH0k1kcKKUWhUxOxn0IhexrkETfGahJFWgYHTFRXcajPaO_BQyPE7erMH5lOZ7yds7GC3qwvEPvPJ6rvIei0AAI-ulO-aNxjqr530zTWWVQWBIwTQs_PUho-M4UtAX9VnUbcvIZPwWgAAdXxZh0_dZBIOvtBhlvXLoJU9adRCpgIJrSqhkIQTzATf59GPZR7MOGJAjE3ReCXRtFORidzGC3pOj9YsvyJx6_hOScSbXg16d97eGwnkZQZo6Cq0UF1Dy9g0Pluo0RdcBRb6U5nWbvcNlS_PYNMUTWu-uvsY6pbNZ1UKPprYyo6FUTxyxGMMCXxlOMYZ13u6rWFMkJwSude0smxAKESew7N8Fi0fmS28Aj8MI87cRS7sBJlvkxxmVgqulj9IojYewXdJm_GWuGd8r2BRt88ulYKcvULr8KYdsAPnJRmHFCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvvyVbWuZY9X8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSUAk_QOYMcFrjDtyWqMLVT7Cl-I-b_N-mBoEyXtwdXlvTdU1fIMMxr2wro4SJXLGh7J8feDVTIzD1p9hmZxEMsdepXSNQ1gxmb_yKOG4iwTQF_cAjsIyH19xm3pXmZTypHXgq9inARZc8iENVXt4HaW2auudoYBX2S4ZsnkxCT5-FI801P1dOpUUvrQvQBrvPe77lmS12R7r2Rd4odrq3XXlYmEKGfoCnffX0SpPQ_tUuumuZ9dFp0LSR_i_u9tkfymwclLIjcMcRvPxrnQMeaTAR8DSrxKqg4bCm6lSsuD0a6Y0nUAoIUkzkznWHcjVFsdP1EEgjN4PZNu8l37dfFeVEEcDMROGxWVLNegmIr6ykDbKxBa-AEAYAGrfmcm8mIzNaFAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3QL2-3Vck5yM6BFUmuke7_FT__zA%26client%3Dca-pub-6926992736598604%26adurl%3D
Frame ID: 2CF360F135336A3DEE766E2E6C3F7D75
Requests: 23 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlkIu_DfAAKOj0AL24kZp1HPQOnCiA&u=%7CuM%2FixoU45EWLmTovdEX1WdbR2CRNns7nlr50wPdyMZI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQtYbq4157A19pZsVWGgarYKvoI_1_v7YmNPxqbNo_oztDVFaBl1X1RWZeB76VrMjmQirk4BxZhx4JOH1fsmAp6Fn17F5cQlU5JmJtUIGH-RXRmKMxpWTdIyG0OelipQe7MV-G95PKfSdvPLDlaoDfLRuJSFhe1xJb9cgBc7KpN65YSSZFzRutxcKHwYgoP-yTkPEPG6rivXksUcarhB52DNzqqhX_JJv5vByWNRLwWx9dLjC8_zjINmR5mKE0Unw5FhdiOWVqecBtgm9MHejRcl1UDTGIonHHCXG-t82YVQqcXlOMNznjri8gggJ0j7E4HsxR7Yo3GyJQXd90q5xvXWzCQDfPyxhLImT-R5ElkmrR7HptetsTK6CLIGPQH1fPPN8lCoG_gx3o9q8k8WZnNTxJ4pEfjKjUON3-Sgpzdd8OsUgOabE00no9VZgWdvrNx5TZ-rGFXDP82Mtt2YYYHERdVLVL1bGedKeKvh8oGQncTRV-H1hXvw3oJPgb15IsvdGBVZR1vP9z7DzTee1Oj_EqwoxZ0Oon&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDFuWbWuZY9n8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSVAk_QzEe1HXW76UlfbkYrtU_ATJ4Z3M-1V7mT6MMEs2cjlIRY_xvdp4qApEvBs210y1FeNKzghWMSOfGKIdpEOFLDEPd7YvQE-yZyFO3MOy6BnUxvc4Crk_97ZkUqL3T1quHGYuY7-zXM00Pym_0gSgixbZRnz3AbmWlgArGPVt_B9oiJZY0SqImQrYSGaEjpuEHm9F8A652BmMydxkBo7HxQ4uld76RC0Po3s6xsdgHR_lJZWDSKH64fvykDqU2chdQl73MZy-6PhpATl0RoJjB34fe9hqIZOSH5XnwwBvQ-HpjJfxnrkGfQNb6b-gLWPyrVZEBfiipxqMYCDggcscbwVsviSSELZS8T9NuwFiNfTxLCY_jgBAGABq35nJvJiMzWhQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1GCghKHKJnenMGqEudnpMBOnFbbA%26client%3Dca-pub-6926992736598604%26adurl%3D
Frame ID: C33DD15E3337519B1541B0DAA52159DE
Requests: 21 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: ECFBB6403FCAB8EA3A83EBE7DA1C6B5E
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: A59A20AF539982AE958D8FA5731343E1
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 59A0DEBA7E1A7BD9271D68151F8AE77F
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 5E9C03B2AF6A952B072FCC6A580B8FC8
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 2F1A26D8DB1D413CC7C42C261A54B61D
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 473EE5CF0F21279CBF07356308624520
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: B1AEDCC0FE9A37A01502B2924F0A97CD
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: B93EDBA27C218E7CAB7260E45D682B36
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 93141681172F0241C0D9A7070FD4018A
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 72BAE0002B7A58EC894CFBA544B727A8
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: A70B326CF93F8976D1567805F28F9AE8
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 7021BE5DCE77F07D3CC533EE2E529D10
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Star

Page URL History Show full URLs

  1. http://the-star.co.ke/ HTTP 301
    https://the-star.co.ke/ HTTP 301
    https://www.the-star.co.ke/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • cdn\.aimtell\.\w+/
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Page Statistics

394
Requests

92 %
HTTPS

52 %
IPv6

60
Domains

88
Subdomains

63
IPs

7
Countries

9241 kB
Transfer

19327 kB
Size

59
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://the-star.co.ke/ HTTP 301
    https://the-star.co.ke/ HTTP 301
    https://www.the-star.co.ke/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 129
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=671637069.83914111239924245.73109683 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=671637069.83914111239924245.73109683 HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=vidoomy&bsw_custom_parameter=0375164a-3d98-41b8-8a2c-704d8e362c4e HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=vidoomy&bsw_custom_parameter=0375164a-3d98-41b8-8a2c-704d8e362c4e HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=966975cf-d556-4473-9f1a-b66650d36f0b&user_group=1&ssp=vidoomy&bsw_param=0375164a-3d98-41b8-8a2c-704d8e362c4e
Request Chain 130
  • https://ups.analytics.yahoo.com/ups/58610/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58610/occ?verify=true HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-.TeFx_1E2uEtRApvPutq5WIYVHtdr3qZ7SrU9VY-~A
Request Chain 149
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=9d8c06e2-68a7-4c12-a643-d606d019c2ec
Request Chain 150
  • https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=CdWemTsj8hY
Request Chain 151
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP 302
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=OSgiodnfxIo&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=55393d48-e1d0-42a4-ac45-8651a5eeb62f
Request Chain 152
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2811016568733304569
Request Chain 153
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=WUXhsN68Th1Y3T4lBrb9morHJoQ
Request Chain 154
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=fd449806-8077-43a3-b3be-29effb9385b4
Request Chain 155
  • https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=cQKFGM8aiLM
Request Chain 156
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP 302
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=ol5w2TCE31Q&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=34e47b4b-0439-4ba7-80fc-13dbceeb235a
Request Chain 157
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2594843786619520761
Request Chain 158
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=zHifoJlHRURIOr-5AzrDporHJoQ
Request Chain 187
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=DcqToBH7TgRbsiPmgBAhRYrHJoQ
Request Chain 188
  • https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID HTTP 302
  • https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_033ac60a-6973-41be-9af3-34cb467e4999
Request Chain 190
  • https://cs.lkqd.net/cs?partnerId=85&redirect=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db30%26u%3D%24%24rawlkqduserid%24%24%26redirect%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D85%2526partnerUserId%253D%2524TF_USER_ID_ENC%2524&r=if HTTP 302
  • https://a.tribalfusion.com/i.match?p=b30&u=_xt7vX3zMtk&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$ HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b30&u=_xt7vX3zMtk&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$ HTTP 302
  • https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662277490772174
Request Chain 191
  • https://match.prod.bidr.io/cookie-sync/lkq HTTP 303
  • https://match.prod.bidr.io/cookie-sync/lkq?_bee_ppp=1 HTTP 303
  • https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAGCck7HMtcAACAJ4unM0Q
Request Chain 265
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 271
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 357
  • https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=76&&partnerUserId=7PEz2OygPIf39mmEuPYng-mha9D39jmC7_Dihr6h
Request Chain 358
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=X3h0N3ZYM3pNdGs HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEJ48Muo5w10xR45ip7I1KoA&google_cver=1
Request Chain 359
  • https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://idsync.rlcdn.com/464986.gif?partner_uid=_xt7vX3zMtk
Request Chain 382
  • https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D53%26partnerUserId%3D%25%25VGUID%25%25 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=53&partnerUserId=F9WkjGDl8fJ0&ev=1&pid=561322
Request Chain 383
  • https://sync-tm.everesttech.net/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D&_test=Y5lrcAAAAkGtpAAo HTTP 302
  • https://cs.lkqd.net/cs?partnerId=52&partnerUserId=Y5lrcAAAAkGtpAAo&_test=Y5lrcAAAAkGtpAAo
Request Chain 384
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd&s_h=1 HTTP 302
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=31d4987b-b3d0-437f-9f40-c9a38950c7b7&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gdpr_consent= HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=9&c2=5989497&cs_xi=31d4987b-b3d0-437f-9f40-c9a38950c7b7&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266 HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/31d4987b-b3d0-437f-9f40-c9a38950c7b7/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=31d4987b-b3d0-437f-9f40-c9a38950c7b7?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent=
Request Chain 403
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd HTTP 302
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=31d4987b-b3d0-437f-9f40-c9a38950c7b7&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gdpr_consent= HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=9&c2=5989497&cs_xi=31d4987b-b3d0-437f-9f40-c9a38950c7b7&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266 HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/31d4987b-b3d0-437f-9f40-c9a38950c7b7/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=31d4987b-b3d0-437f-9f40-c9a38950c7b7?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1262 HTTP 302
  • https://tags.bluekai.com/site/5379?id=31d4987b-b3d0-437f-9f40-c9a38950c7b7&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent=
Request Chain 404
  • https://media.sabio.us/imp_pixel?invsrc=11&secure=1 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=39&partnerUserId=514795109016775980
Request Chain 405
  • https://cs.lkqd.net/cs?partnerId=25&redirect=https%3A%2F%2Fgu.dyntrk.com%2Fadx%2Flkqd%2Fus.php%3Fdynk%3Dl1k4q1d4%26gdpr%3D%24%24gdpr%24%24%26gdpr_consent%3D%24%24gdprcs%24%24&r=if HTTP 302
  • https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=$$gdpr$$&gdpr_consent=$$gdprcs$$
Request Chain 426
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd HTTP 302
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=31d4987b-b3d0-437f-9f40-c9a38950c7b7&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gdpr_consent= HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=9&c2=5989497&cs_xi=31d4987b-b3d0-437f-9f40-c9a38950c7b7&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266 HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/31d4987b-b3d0-437f-9f40-c9a38950c7b7/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=31d4987b-b3d0-437f-9f40-c9a38950c7b7?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1262 HTTP 302
  • https://tags.bluekai.com/site/5379?id=31d4987b-b3d0-437f-9f40-c9a38950c7b7&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1263&gdpr=1&gdpr_consent= HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=281&buid=31d4987b-b3d0-437f-9f40-c9a38950c7b7&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
Request Chain 427
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3162 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=23&partnerUserId=31d4987b-b3d0-437f-9f40-c9a38950c7b7&gdpr=1&gdpr_consent=

394 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.the-star.co.ke/
Redirect Chain
  • http://the-star.co.ke/
  • https://the-star.co.ke/
  • https://www.the-star.co.ke/
358 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.the-star.co.ke/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3032::6815:31d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25bc555ee72e3b016bd92686344c0ef1a5ccdcefe2045e7862742a5bee8f9341
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7794d6fe893a9271-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 14 Dec 2022 06:21:32 GMT
expires
Wed, 14 Dec 2022 06:21:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qxRzyUXSobTHra5mCrt8MQI5K3gvE%2FGbnCNphbvLpxVJtCabYZas7%2FxsG85ywECjF3y1NpuOatrmBwr2jZ91n8NXF6uarB3ed8ubwtJLVszC5v6iG4Xayaol6oOmIP%2FpFx52dtC2ci9f6T6eMfaj%2FQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-cloud-trace-context
877ca93e516e1488dfbc0815e879bf3c
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=3600
cf-ray
7794d6fe38cb9271-FRA
date
Wed, 14 Dec 2022 06:21:31 GMT
expires
Wed, 14 Dec 2022 07:21:31 GMT
location
https://www.the-star.co.ke/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B52jhTNq3P0gmqPNedckq3MeSKarZlGkw%2BYZ7M172lgL2o02WEemCFTorAUrN9DIWFGSikn33cduq8RRSx6ydaVfgAgqp5Bz8gXV2tLy1LCul6cW27jtCuPyxHoNZ9FDjc%2FsDw9pxctQbOKrvg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
priority.75c6ecdc078e20fc1da8.bundle.js
www.the-star.co.ke/build/chunks/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.the-star.co.ke/build/chunks/priority.75c6ecdc078e20fc1da8.bundle.js
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3032::6815:31d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ff0a74af02c5fd32ced1f281f2ab9dc0c279e8f872f31301936a7e5b9b90b01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
597
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"Vc_dBA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vw5YMg3zYIL0SLc0wgKvIVOIdJUQtVuw0a7FHZ6omDfPoe0vu%2BFk3KW6EXjt7%2FSJRTAqZyOtK8w7j402ELx42PkWlzddQNiVAJO6OWjCsXow0%2B4MmK9qgFFcx%2BfrKnpd37UkFa6I6Ghxb%2FWdCC9L1aM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-cloud-trace-context
62258d62f96ea950f6a05aed8c942545
cache-control
public, max-age=31536000
cf-ray
7794d70459ba9271-FRA
expires
Thu, 14 Dec 2023 06:11:35 GMT
priority.75c6ecdc078e20fc1da8.bundle.css
www.the-star.co.ke/build/chunks/ 		365 B
575 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.the-star.co.ke/build/chunks/priority.75c6ecdc078e20fc1da8.bundle.css
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3032::6815:31d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0e0a7a96cb99a0c3b5693f6d8c0210a0b945c9feeede5851e5aa4a7c9920672

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
597
cf-polished
origSize=366
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"Vc_dBA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=piHao6TCtFyATYQCz6%2BUTjpL9BIi1zOG0lr9tnmlI4eKRL7LbVeZI0BIk0%2FZfGiIjXLsHEPDxfuhjee%2BaTFVI3DEERbIAoXFegjkHvlkm43gLEdZYFLQeNyTGxWBI3UU%2FAk4HdoXW%2F7kmxSm1nSFYg8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-cloud-trace-context
4b8654d22cf10b1787ae02b15d2252cc
cache-control
public, max-age=31536000
cf-ray
7794d70459bd9271-FRA
expires
Thu, 14 Dec 2023 06:11:35 GMT
entry.b723c523bed74f30766d.bundle.css
www.the-star.co.ke/build/chunks/ 		182 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.the-star.co.ke/build/chunks/entry.b723c523bed74f30766d.bundle.css
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3032::6815:31d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30eb99425a0afc0ccc7802996844c817100b8cec24009e6dd98f531ea3829a44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
597
cf-polished
origSize=186832
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"Vc_dBA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RhBmRo3fqiVYAb%2Bdh8eK8UKiPbD7lTugu%2BriGlU6z1ZJSH8uibR9vg37iDDzC73YwkuIS8LNYLBzLDlmisTwGlC8AaleDCgPa692L%2BTKmAIK4bd2NKzZhedlbf95hJEH31bVLeg7UR9ZHkg18nRmeYQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-cloud-trace-context
d955e10acb93b7fbeea0100813612b79
cache-control
public, max-age=31536000
cf-ray
7794d70459c09271-FRA
expires
Thu, 14 Dec 2023 06:11:35 GMT
section.aa88f88387d06b738191.bundle.css
www.the-star.co.ke/build/chunks/pages/ 		92 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.the-star.co.ke/build/chunks/pages/section.aa88f88387d06b738191.bundle.css
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3032::6815:31d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e98ef142a087c8c7da0afd1c303dc1e7f2e6e9eec1e8fa8a9448d35f38fcd8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1046383
cf-polished
origSize=95116
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"wPZf7Q"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9xQpEkFpc0ps5kLeoZ0bW05FhdnUuQib6tNYT1dEOZBUeYtq8EEMh96Oa0FvSaJURZMVM63ci8%2FFwGr%2FX8GbN3RzJp3PXx6tOj4x0MqzI1R3nz4LWmqjy7ixSsAUbwPXCk0KU%2FBCwVLsJecZfhr4Yb0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-cloud-trace-context
dc864fe5e6943d2680dfeba2d73bb158
cache-control
public, max-age=31536000
cf-ray
7794d70459c49271-FRA
expires
Sat, 02 Dec 2023 03:41:49 GMT
rocket-loader.min.js
www.the-star.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.the-star.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3032::6815:31d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 07 Dec 2022 18:45:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6390df59-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uq5XOfDfc%2BVWGwD2Ucu%2F%2FCFUAu3SuDqVvVgT2rCo1U%2BD02%2B7tEsLA2zsoigHX0KQENmEpjYIyKDlwxgQNODQG3gtX%2FNjG7yuXCWR4t%2BorGpZt1jAklb%2BFIuEN%2FNjZU349gncqWrrG1KF%2BZGEVq71dYs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7794d70459c69271-FRA
expires
Fri, 16 Dec 2022 06:21:32 GMT
u_search.png
www.the-star.co.ke/publication/custom/static/ 		432 B
962 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.the-star.co.ke/publication/custom/static/u_search.png
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:c18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8767a153c7e72f2c42693bf86cda7bb2613802be672e650a3ff0809cb1527aef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
66282
etag
"Vc_dBA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRbS%2BZk2frEWp9ChAjYvjPl93lxT3vX2tDSvvvPEmdJV7CPVlRSE7flwht36TVq0wf5GwwSCKAWtRkK%2FjavTxIOwdHYCUvzasi5i7OMqwDsgrNTLkj7Jr0ekktpzY93jgEQhlwHiJ2P8iRx3TqGbQko%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-cloud-trace-context
39505cc6625e13a6629c44f034c6b7a1
cache-control
public, max-age=86400
cf-ray
7794d704bd609b34-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 14 Dec 2022 11:56:50 GMT
logo.png
www.the-star.co.ke/publication/custom/static/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.the-star.co.ke/publication/custom/static/logo.png
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:c18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dc41532218c4aedb2e069256335e97cfce9ee7307fd71530240499636493fca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
68616
etag
"Vc_dBA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9SiIbllUqVW2N%2FPXIgP7jQnjnFwCZ73%2B1jnjArCR3mJPVkkWPd09d79F%2Bz5WEt0wZA1kpmXl0BvMxwUmaz92YEOrck%2FHlV%2F5DMiPh0u%2Bwajdle4zKx5kYmG4fKvVGTNCFReiEMkxesfQMaI19rw8mw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-cloud-trace-context
964cb3d582255f77c4a7f02cbd894556
cache-control
public, max-age=86400
cf-ray
7794d704bd629b34-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 14 Dec 2022 11:17:56 GMT
fi_user.png
www.the-star.co.ke/publication/custom/static/ 		980 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.the-star.co.ke/publication/custom/static/fi_user.png
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:c18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
498340b5ce57af046941ab37ea458fa90fb70d7561fd4507db89d6510c7bdde2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
68616
etag
"Vc_dBA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y76Q713XiYlJOf2xD1%2BVYNHjVKNulPQ3T5ZrpRppf48aBWcDZ1lWKZr0UKYBZF3G04dafyAnMguSvQn5LXd42e7UksBPI9hdBNGFXutIMQDj9KTyj50jjhVKNnjv1ZamC4HuI%2B5PUGQRiw8oNF19FbE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-cloud-trace-context
66e78d057931edac57758514db13ba36
cache-control
public, max-age=86400
cf-ray
7794d704bd649b34-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 14 Dec 2022 11:17:56 GMT
email-decode.min.js
www.the-star.co.ke/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.the-star.co.ke/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:c18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 07 Dec 2022 18:45:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6390df59-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iIKCOI1syhbCJdvSbaikW3gl3SRxnaTFgQzJJpdw97kBqhCTT%2FjMjTTkCixpMWKX69pH03Af6fcjWsPaszlMMD8xDEMmHO1o1PYN%2BTfyJ%2FKsq1ncQf7ThZ6vje2PnItahUEX1mF3s6LhvtB5jAqot9g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7794d704bd499b34-FRA
expires
Fri, 16 Dec 2022 06:21:32 GMT
main-padlock.svg
www.the-star.co.ke/static/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.the-star.co.ke/static/main-padlock.svg
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:c18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
498d521089ab4acd1cae9ffcc81f4fafec6c3f5a0c2c167af2c23bdfa2a726c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
48943
etag
W/"Vc_dBA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sqWMe0GSfIvocHrERr%2BIABHe6JeXmXdKaFvldBu6ivUE139zRq2zS0CD0QUtaRbsYUeKl8Lo%2BOJUj1Kcucu%2FntvoMd%2F%2BPCudVdj6F2ltXYEfZFf8vZtheZcT6vs28GLlT%2Fn5RzxFQPli84LbUJr1rEg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
x-cloud-trace-context
fef9237bf5c7dc27c351b8e1108a4f6f
cache-control
public, max-age=86400
cf-ray
7794d704bd669b34-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 14 Dec 2022 16:45:49 GMT
entry.b723c523bed74f30766d.bundle.js
www.the-star.co.ke/build/chunks/ 		240 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.the-star.co.ke/build/chunks/entry.b723c523bed74f30766d.bundle.js
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:c18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24ed15e9fb058e344618b8c7a68b56b5765ea51b1765fac3372a040955da6877

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1958720
cf-polished
origSize=245716
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"BnZoGA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EylwrGiphzMw1uYQdrGphsBcbBgKO4YLHvFhznad7qTI6YpGkCazf%2FJLALA2Bm5NS8BF04Ht4dPyRhI73iyELd3zEj6h8zNiVTsZywT9zIL5ahSKcTozQJSPj%2B84wRNmzbs9dgWGRx2UYzQWKT499eI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-cloud-trace-context
0f672ad1942d0ec5596eef5283ce47d4
cache-control
public, max-age=31536000
cf-ray
7794d704bd529b34-FRA
expires
Tue, 21 Nov 2023 14:16:12 GMT
section.aa88f88387d06b738191.bundle.js
www.the-star.co.ke/build/chunks/pages/ 		417 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.the-star.co.ke/build/chunks/pages/section.aa88f88387d06b738191.bundle.js
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:c18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
539eb6d2511a5017738b539919b691bb7b2b7265b97b4f06673eef710612069b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1674503
cf-polished
origSize=427516
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"QRnG8g"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJSZ2iZXRqsDzcZblmtvwCdwjW6lfgTYsx3Wssi%2FJDvCyRiBjsncDgBzWcCsMLYON2sJ6SwL5ChYjtPxCDpMGiq1LNGiOuc%2FZOvOztbOWl%2FijXwnY6l7h1QS%2BOk4VhIJVekA4QJ55caLaUIBOmb4Xkg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-cloud-trace-context
afdd183c33edf60fed6bb27ff0c1d28c
cache-control
public, max-age=31536000
cf-ray
7794d704bd5d9b34-FRA
expires
Fri, 24 Nov 2023 21:13:09 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ca894bf1b052d3850519b33f5874b9eb22693471114ba1eadfe61fbd4783c3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27538
x-xss-protection
0
server
sffe
etag
"1421 / 39 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 14 Dec 2022 06:21:32 GMT
css
fonts.googleapis.com/ 		28 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700,700i,800|Merriweather:300,300i,400,400i,700,700i
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1700f83003b043d183ab54ed4925d06ec9f28639c45cd8444c85403acaeab533
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 14 Dec 2022 06:21:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 05:31:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Dec 2022 06:21:32 GMT
truncated
/ 		448 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a2cc385b3adf3199bc4c73b1fb63c3dca41f27e094b2011aa8bda1598eaeb5e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		457 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dbbe34e3621b349c931a185ec2379c82d68b40f7265c2a914506a5c15b03a3e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		953 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
701d511fc415613bd03681506371a60e966db7a858142dcf5c7e497d2a6606cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		1023 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
edb3ad39da49fc271ad343fa141104e847059c17a189c40024bbfeb8432a3977

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		434 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5205891d52040fe7348f8724599c00040f3c69b5dfb19fe4f191b871f4cad1b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72ab663925ecacafce058db542850be48a01953885fd418c1ee3717193c9bbb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
fontawesome-webfont.af7ae505a9eed503f8b8e6982036873e.woff2
www.the-star.co.ke/build/publication/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.the-star.co.ke/build/publication/fonts/fontawesome-webfont.af7ae505a9eed503f8b8e6982036873e.woff2
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/build/chunks/entry.b723c523bed74f30766d.bundle.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:c18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://www.the-star.co.ke/build/chunks/entry.b723c523bed74f30766d.bundle.css
Origin
https://www.the-star.co.ke
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
21846788
etag
"xAmqlg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1FFByxkOwXSZ%2FMi09CRWYY83DcHjdHmdKXoUz1YTLbMpDxpx8Vssz6Ie2WyB2%2BYq9GzPg1MAaTSqKCj3vGPp1AuhjWsjYLwjITaz4iDgyQAQf4KMkzkv8hULiB8gB7GJQ3gGOb5D%2BxD4G1VABQY4T6c%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
x-cloud-trace-context
e51fc6b596febe417dda4ed973b91110
cache-control
public, max-age=31536000
cf-ray
7794d704edaf9b34-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 05 Apr 2023 09:48:23 GMT
GdLfYcDqPMsasPWdC7tEUytCqnXi5_YCKbT069c1eMYxXf4D0eD-EEog-u4hf3OGoM5XopnOtQkkwt80u74F_bEidKbYRP-BckG-S8tb0Q
lh3.googleusercontent.com/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/GdLfYcDqPMsasPWdC7tEUytCqnXi5_YCKbT069c1eMYxXf4D0eD-EEog-u4hf3OGoM5XopnOtQkkwt80u74F_bEidKbYRP-BckG-S8tb0Q
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
389b654c92e941c98cde3416bd0d9fde36ce0b3712579a83f7fe8be98d8b46a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:12:17 GMT
x-content-type-options
nosniff
age
555
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53802
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 14 Dec 2022 21:30:58 GMT
YD7QZGh9ov8exFpIYqgXBjRyt7ccNvMAY8MJpwdZgiAo5LTD7f9RKcdckcEQ1NIEiiJn18jPw4nlwII4uKPT5xa0NHpRrmXcAoYhJDA
lh3.googleusercontent.com/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/YD7QZGh9ov8exFpIYqgXBjRyt7ccNvMAY8MJpwdZgiAo5LTD7f9RKcdckcEQ1NIEiiJn18jPw4nlwII4uKPT5xa0NHpRrmXcAoYhJDA
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0f4a5ad23cc5b11e3d3a589a24fcc32addcffdd6c8842e1cfbaf870e7ec48c70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:12:17 GMT
x-content-type-options
nosniff
age
555
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77080
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 14 Dec 2022 21:22:11 GMT
e6X2WkIRTg_G3_eiK5UfBG_Ibpx3DkpxukKMT1rwOFGS589PQNWYYLiIhP12j6IPlLPpUzJLB5HytgCz4ZYNoO6L8wUPilA5JTa3bP2EyQ
lh3.googleusercontent.com/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/e6X2WkIRTg_G3_eiK5UfBG_Ibpx3DkpxukKMT1rwOFGS589PQNWYYLiIhP12j6IPlLPpUzJLB5HytgCz4ZYNoO6L8wUPilA5JTa3bP2EyQ
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3764679237549375d7fbb391167dab11339c32babcfd59ff40eef531f64339be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 02:23:24 GMT
x-content-type-options
nosniff
age
14288
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
81558
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 14 Dec 2022 21:04:27 GMT
C8fvFsnrghhnfiN9KrXudAP7Qg-tOU-Pkuk5UNyP0H3JQrmYCkBfgwuuCk45aNs4ronjj7NyxZxg6HmWkOSdWs-xGjzUz0fntoh6_vFDYw
lh3.googleusercontent.com/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/C8fvFsnrghhnfiN9KrXudAP7Qg-tOU-Pkuk5UNyP0H3JQrmYCkBfgwuuCk45aNs4ronjj7NyxZxg6HmWkOSdWs-xGjzUz0fntoh6_vFDYw
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
406d5ab3d026eb797f23ce36845ee34bae9d639d7cabddc367654f12eb9bb1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:38:55 GMT
x-content-type-options
nosniff
age
6157
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58114
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 14 Dec 2022 18:45:21 GMT
zmxN-sYrlhqGQE6YryVERhX3Cfm5ziRXv-5ia3F-Icgapu7h5lFarmSpoGgKUX9VqAjFgGVZOt2V7bqFVN0zzAUoggRF_jvFFvcgZIamZxw
lh3.googleusercontent.com/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/zmxN-sYrlhqGQE6YryVERhX3Cfm5ziRXv-5ia3F-Icgapu7h5lFarmSpoGgKUX9VqAjFgGVZOt2V7bqFVN0zzAUoggRF_jvFFvcgZIamZxw
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
63941bc4ee706ee7e8073c6a1a7b969fa382a0ae81c4a1e41022e16c0b9247bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:38:55 GMT
x-content-type-options
nosniff
age
6157
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42535
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 14 Dec 2022 18:13:55 GMT
hxCUy-fG5Aj1H5KIQSw-8rkLmLgBqhuzI5DiozFwiSACBjsekNEbnG8HjySLuko0w7Nq2KP9UPh5W4fXJsICakLIgfvULudWoScY2h6-CqU
lh3.googleusercontent.com/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/hxCUy-fG5Aj1H5KIQSw-8rkLmLgBqhuzI5DiozFwiSACBjsekNEbnG8HjySLuko0w7Nq2KP9UPh5W4fXJsICakLIgfvULudWoScY2h6-CqU
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
fec5f6af5919cd467cd2c0f4c13d5d3bd9c40eacc0f2fc2690b9bdb24fe9fe82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:38:55 GMT
x-content-type-options
nosniff
age
6157
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71253
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 14 Dec 2022 16:47:17 GMT
E9gxVlQKOXbf6rc4y5vcCzI09ugaGATByaeuftRfn-Jq_nxmJxIqzNGnG93MeYeQhVO17scdgfCMmNAva2tR2D0Ewxf8dQjQYWQymBUN
lh3.googleusercontent.com/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/E9gxVlQKOXbf6rc4y5vcCzI09ugaGATByaeuftRfn-Jq_nxmJxIqzNGnG93MeYeQhVO17scdgfCMmNAva2tR2D0Ewxf8dQjQYWQymBUN
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
287881f0ceb6fdc21943d23658bbfc8acc405283d00e464d823bdf5be2626b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 03:54:20 GMT
x-content-type-options
nosniff
age
8832
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35967
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 14 Dec 2022 18:15:50 GMT
VPCnI2_auT-GSf3h4txv4OEQ148-lQFM0ZZ14d_05hKebDLe5qtakrvHsQyEASCADOiWZgT8rnfcwVxBu4tjCfycPRHI8sqETnNg9kqOvQ
lh3.googleusercontent.com/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/VPCnI2_auT-GSf3h4txv4OEQ148-lQFM0ZZ14d_05hKebDLe5qtakrvHsQyEASCADOiWZgT8rnfcwVxBu4tjCfycPRHI8sqETnNg9kqOvQ
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
fe243a9e09757562376b46d2432998b74e1b28b5f5d67d8f3451639299836371
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:39:13 GMT
x-content-type-options
nosniff
age
6139
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34671
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 14 Dec 2022 17:35:17 GMT
MUzbg3zMqWu43H8j0a-8rXpWJx0s0ieFbpgOyvRqklJxHNXeM8aet_Hf6XWdldUY8KZleWjiXEcrWGgKKbCuumTt8o0AIkYU3deWV_Ye
lh3.googleusercontent.com/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/MUzbg3zMqWu43H8j0a-8rXpWJx0s0ieFbpgOyvRqklJxHNXeM8aet_Hf6XWdldUY8KZleWjiXEcrWGgKKbCuumTt8o0AIkYU3deWV_Ye
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3944a8598cb1a26aa0c18d6899a19e6e76cba672d6e301dcf00341f07f7747bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:39:13 GMT
x-content-type-options
nosniff
age
6139
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48968
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 14 Dec 2022 15:09:16 GMT
v3KfLOrvPRE2AzOXtIVmqoFl_zpgDnsC4TnBcI7Nm5ik_1WhJ0C_IOIwDq4jioWmSOdOoywj-xBJDK0oZUXXm96Vc1zb7ZCXncAGm_SP4g
lh3.googleusercontent.com/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/v3KfLOrvPRE2AzOXtIVmqoFl_zpgDnsC4TnBcI7Nm5ik_1WhJ0C_IOIwDq4jioWmSOdOoywj-xBJDK0oZUXXm96Vc1zb7ZCXncAGm_SP4g
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a0b3e0c83ddfac2fdae4f678c8bce83a9fb64ca27c5cef9c80652c6734c75800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:53:49 GMT
x-content-type-options
nosniff
age
5263
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43230
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 14 Dec 2022 08:49:59 GMT
BsMLAT2EFMjV01dO1S4WlmmFPYtFYdvK-c2eQQZrYQ7rcX03HcIbwC2uLxHxPwG-y3_VjIIYrcYel3252ZqKrlGX-6Rk9ZhPcP8KTQUBbYk
lh3.googleusercontent.com/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/BsMLAT2EFMjV01dO1S4WlmmFPYtFYdvK-c2eQQZrYQ7rcX03HcIbwC2uLxHxPwG-y3_VjIIYrcYel3252ZqKrlGX-6Rk9ZhPcP8KTQUBbYk
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
08875dffc763f5b1fd4735b8aad5674e6b39840b42bd11411a74ca98f774fa26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:53:49 GMT
x-content-type-options
nosniff
age
5263
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
81112
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 14 Dec 2022 08:35:34 GMT
yDNZBlHRB8Df6D6YA6UxAqYcPyU3FwfYTgxEY1B-9qmLYa-M9UgldRF9B1Wkf05lVZNL1tV3B1Tn6j8gNsRdXV57Kh9LdBKLnU2ovhg7ALw
lh3.googleusercontent.com/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/yDNZBlHRB8Df6D6YA6UxAqYcPyU3FwfYTgxEY1B-9qmLYa-M9UgldRF9B1Wkf05lVZNL1tV3B1Tn6j8gNsRdXV57Kh9LdBKLnU2ovhg7ALw
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b889cd4be09bec30d99de26961d2e3a4c1fc87c187ab9326caa70d9b97ca9d79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 03:54:21 GMT
x-content-type-options
nosniff
age
8831
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52102
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 08 Dec 2022 10:24:34 GMT
DhSo9ScLllM99RvdUJ2ycm4cKO34DC9D74Tngp7DzlovJ0i0ITGtcI0CWzCztzjp9tkPzSGTMtTbUfOiafsgipt94eLEUzgslomXrzXUZA
lh3.googleusercontent.com/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/DhSo9ScLllM99RvdUJ2ycm4cKO34DC9D74Tngp7DzlovJ0i0ITGtcI0CWzCztzjp9tkPzSGTMtTbUfOiafsgipt94eLEUzgslomXrzXUZA
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f57b087063d1be22653ab9579eae1e5c640bfc7654d182d5b5ef55110f63c266
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 03:54:21 GMT
x-content-type-options
nosniff
age
8831
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60150
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 07 Dec 2022 13:07:39 GMT
_6doZDm8gZwlqGCv8fcFnyr0SULibPklHyw8ByEGM8xMfRtKaiqMp0i2AWBV4IwUV0GdYc2Z4YPLqUIQWdRYBBq2BbO8UhD_W5s5YA5UJQ
lh3.googleusercontent.com/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/_6doZDm8gZwlqGCv8fcFnyr0SULibPklHyw8ByEGM8xMfRtKaiqMp0i2AWBV4IwUV0GdYc2Z4YPLqUIQWdRYBBq2BbO8UhD_W5s5YA5UJQ
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4b778d016878e5fcff89cda54ca63724e000c53f2e779c9d78f7ee067215d997
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:53:50 GMT
x-content-type-options
nosniff
age
5262
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
80978
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 01 Dec 2022 13:10:25 GMT
OJBRl0pvlHPv9AL4CJhKAF1nX1BdvcbAOH1G8AaK_n1ZlX1YI6Iv7dF_fxMeQI1KorwaC1ly-UL81kctKhE-dsHEXOILpRvvfRkWM40nIw
lh3.googleusercontent.com/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/OJBRl0pvlHPv9AL4CJhKAF1nX1BdvcbAOH1G8AaK_n1ZlX1YI6Iv7dF_fxMeQI1KorwaC1ly-UL81kctKhE-dsHEXOILpRvvfRkWM40nIw
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
087894981002e214813e1b2893a475ed8e5fd4889c817dd6dce2275607deff45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:53:50 GMT
x-content-type-options
nosniff
age
5262
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64367
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 20 Nov 2022 20:01:39 GMT
T0FitD4ntEaYE4l42dAW51m3A_G5mnN8SyzrixYvaucWvONrHFA7StxCIWlHgrdzG6FoZNndPgU7hi_PBIgfPykoWEYNNRtBcCR73KWzKMY
lh3.googleusercontent.com/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/T0FitD4ntEaYE4l42dAW51m3A_G5mnN8SyzrixYvaucWvONrHFA7StxCIWlHgrdzG6FoZNndPgU7hi_PBIgfPykoWEYNNRtBcCR73KWzKMY
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
94b0d2f07c7c243c3be2fc315000465da4fbaf9607ad8fae8a7d71049c12c73b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:53:50 GMT
x-content-type-options
nosniff
age
5262
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67766
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 20 Nov 2022 13:16:00 GMT
xgreen-logo-ss.png.pagespeed.ic.ZEI47I_OoG.webp
www.myjobsinkenya.com/images/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.myjobsinkenya.com/images/xgreen-logo-ss.png.pagespeed.ic.ZEI47I_OoG.webp
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
-NJEAttc2Gb0_iDDorBm
polls.the-star.co.ke/polls/embed/poll/ Frame DC87 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://polls.the-star.co.ke/polls/embed/poll/-NJEAttc2Gb0_iDDorBm
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a98064cca8a7895059d086c2ef279d92d1e68161bc4e7f0f72fa0c4cd7788ae9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://www.the-star.co.ke/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
gzip
content-length
777
content-type
text/html; charset=utf-8
date
Wed, 14 Dec 2022 06:21:32 GMT
etag
"3bcdb91403e0461fadc21e1da419335c9f1b2a93b7b68a6f0abb4515f6365fa6"
last-modified
Fri, 28 Aug 2020 13:18:13 GMT
strict-transport-security
max-age=31556926
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
x-cache-hits
1
x-served-by
cache-hhn-etou8220064-HHN
x-timer
S1670998893.575599,VS0,VE1
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e05ba8596a366d4e8e37a6a16451583bc9cf4857c55115dded6cce8620fe228

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00185ef41abf2f454083c4d30ec9767ce52782b6f4ee19e0dda5d6de5881fab5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		470 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
79e372e119eadc84b7085543be082e981e3150bedee027e7a20459fb08f3d092

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		903 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4b3ffb2451b816a612010078b48f2ba7ced63d17c63b323457d5ba49fc0fc9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		1012 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a950eb2a113b6519371037b16aaa880230d823caaa9ccb78dc1a81a5af366462

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e934f02d55d8994d6f471e3aba0ee3c352005af4dabb11aedae018197d769e41

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
RerpnJ7Y5Jr15mdiYCJjYbjdu_jXKXpZheWBj7f8j0rVTYt3i2mDwe_YSv-SYXEjn3qIl9EfvbES8spF7Q_J5Na_DFETYXEuW4vdqEuPrps
lh3.googleusercontent.com/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/RerpnJ7Y5Jr15mdiYCJjYbjdu_jXKXpZheWBj7f8j0rVTYt3i2mDwe_YSv-SYXEjn3qIl9EfvbES8spF7Q_J5Na_DFETYXEuW4vdqEuPrps
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e7a2a5ff7b5052fd5e605aef1cae4fbd16b85d830b2b6353da0feceda5b45608
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 03:34:33 GMT
x-content-type-options
nosniff
age
10019
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44370
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 13 Dec 2022 18:20:22 GMT
j9JlTkn4G9neBJ-rQc5BydZJAZ0uNt36OaUTm06paVMlNcJhLBlZNHI4XEko6G4F9LxDAjTz4s6RYYtI7t4b86dFCUMRWp3SSzQ_cxAK
lh3.googleusercontent.com/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/j9JlTkn4G9neBJ-rQc5BydZJAZ0uNt36OaUTm06paVMlNcJhLBlZNHI4XEko6G4F9LxDAjTz4s6RYYtI7t4b86dFCUMRWp3SSzQ_cxAK
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c7b8e523ed85f88aa0d75c9092ae6a4a4d5eae30fe2c6bdd2c2a7295d94d7ec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 03:34:33 GMT
x-content-type-options
nosniff
age
10019
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42300
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 12 Dec 2022 18:05:07 GMT
truncated
/ 		450 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbf6767dc875423191ba05f826ac2ecde67adfb307ef2f22ee2d3537a7691779

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		456 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b9c86af394e4b0b68f4289ee3c470e4fe7bb00512785f3cfd2b7ac6c46c02b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		413 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24707433eb19a7c5f523950106af8fd4596c1501a4ad0c899f51a14da1a38bde

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		484 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e017c8dc8bfec81eb35aded524718a846070d0ffe8118399394fd0e6e851757

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:10:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
655
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Dec 2023 06:10:37 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		304 B
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.the-star.co.ke
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03064acdab807ad7d6a936b31b7f77cae92fdd216c2ea9a0ab392b734ca461a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139
x-xss-protection
0
expires
Wed, 14 Dec 2022 06:21:32 GMT
truncated
/ 		410 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
024e3e4388509660aaf0b3d31e213508ac969dd6aed1f3b876f52991e5abe21e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c81b292bf9d922440a8e86d8d896f8b3e17bbbe0bfad83e8857dc8916ef0cd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		400 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
520c678e5c27cd38f5c8cbed72cd68c52b6bbd9b34fbcca0db577684acaf61c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		388 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3351186dc844da3717f530937537f04c546d53acb6ce92799414f941cd76cac2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		455 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c0479b07a3cb6e825527814e9f1ab3980eb36c10bcdd055b09570a7e62ed233f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		445 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fdf7b97297c6b787d2a4fe8a9309ab9e4b4dd526f0a1a12f65df4fcbdc21ac8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		867 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
75d479a0bb2de95e36aba92639eefc91e31a644e2b7a96052e3173ec5657130c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		419 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3358c34480e959b05f293c96d34c132d6be2a1130a1887f49e71bbd2ca850676

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		911 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d654a99347f7f8609875a1cb303ab6499e527049be3bc47f240c285e9d06d16

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02b6b3f78db38c36e361be7aea812aced8a46d308d7e17062a0918bd0d1fab21

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		466 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36c8c49511f02f28b45b94fd621b747c835ff7850534361219632d0290cde85e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		426 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a9b93a5a995ac345e943ba453034bcd7b40ca906b010de612dd2aa1e7ffce055

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		453 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a25b4ea2db2c4dc1844de60c4c250d48cc20a763f4a973b890d7c5b5ad15488d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dafd5e3dd079e6aa6a45e93b0f41cea154a4db95a09d7a8ef9df4ce248e87015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
ynyhCYaWIGqgvkQ7T-7Psa4w-l076g4RyTQcyEKQiqT75eijpf33Z_H_s_gi1wuie7ib-Z6-9Onr4VbtCJhNOBRQum7y7jcggASrFJf4ABA
lh3.googleusercontent.com/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/ynyhCYaWIGqgvkQ7T-7Psa4w-l076g4RyTQcyEKQiqT75eijpf33Z_H_s_gi1wuie7ib-Z6-9Onr4VbtCJhNOBRQum7y7jcggASrFJf4ABA
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
cfd37c485b1f670c5c0e4f67610f2aed3095a78f7c15e53c941ea284cc271672
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 05:43:03 GMT
x-content-type-options
nosniff
age
2309
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42911
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 10 Dec 2022 18:50:04 GMT
Oj26LYIIC7QEXbZ4AQkKGEGaXWcTEN0blIybJ7x-Epj_xfhrghagWqLnRlx7xy_UzX0n-etmWzdWCcUlZMRO-z5nplXhDwiTEJBcOfXL
lh3.googleusercontent.com/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/Oj26LYIIC7QEXbZ4AQkKGEGaXWcTEN0blIybJ7x-Epj_xfhrghagWqLnRlx7xy_UzX0n-etmWzdWCcUlZMRO-z5nplXhDwiTEJBcOfXL
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
df968abe67a5829be53c836be60dd68bfc1659cd869f912f306383786d3dc73c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 03:36:34 GMT
x-content-type-options
nosniff
age
9898
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35990
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 10 Dec 2022 11:01:14 GMT
-erh4xkhZyGFqgOV2xZL01PW8c11Drl9YLdV5UuM0GgWaRyImJ-4ZWZDOE-MCFrziE0FE2U4wJ1oYU8AsjT-QNteuxDuUCOizxLyQlHv
lh3.googleusercontent.com/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-erh4xkhZyGFqgOV2xZL01PW8c11Drl9YLdV5UuM0GgWaRyImJ-4ZWZDOE-MCFrziE0FE2U4wJ1oYU8AsjT-QNteuxDuUCOizxLyQlHv
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c85b2145ae65127325a57a49292936ef153ee58707b549fb188c2520f6ca3a6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 05:43:00 GMT
x-content-type-options
nosniff
age
2312
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39816
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 09 Dec 2022 18:28:30 GMT
59D58EUulBOyy_wLhzPVY0ALXRp0lqJMXPk9hI1Zqf0Td34yfnoDvLPSN3B4KfE9sjcHPXy7u0iTitxKYKZnfGY5tpLkVQWtaFBUF99Wmg
lh3.googleusercontent.com/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/59D58EUulBOyy_wLhzPVY0ALXRp0lqJMXPk9hI1Zqf0Td34yfnoDvLPSN3B4KfE9sjcHPXy7u0iTitxKYKZnfGY5tpLkVQWtaFBUF99Wmg
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7d3c220e8b91066f924ecbdd6905a6e98a8a60e1210aae9a0af69b380efe9319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 03:36:34 GMT
x-content-type-options
nosniff
age
9898
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43651
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 13 Dec 2022 09:05:47 GMT
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5d38d4ad8b82e6363e4b700dd0a2ffca99d8e49d62f6225b415d187df789ef4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01a3f6e2a720a4b39d24b88578a0fe693ca7b5907e882be1a62d985a580b0ffa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700,700i,800|Merriweather:300,300i,400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.the-star.co.ke
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 01:03:47 GMT
x-content-type-options
nosniff
age
19065
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Dec 2023 01:03:47 GMT
u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700,700i,800|Merriweather:300,300i,400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.the-star.co.ke
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:18:58 GMT
x-content-type-options
nosniff
age
46954
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19752
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:46:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Dec 2023 17:18:58 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700,700i,800|Merriweather:300,300i,400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.the-star.co.ke
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 18:50:24 GMT
x-content-type-options
nosniff
age
127868
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 18:50:24 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700,700i,800|Merriweather:300,300i,400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.the-star.co.ke
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 03:47:51 GMT
x-content-type-options
nosniff
age
527621
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20028
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 03:47:51 GMT
u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700,700i,800|Merriweather:300,300i,400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.the-star.co.ke
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 17:14:04 GMT
x-content-type-options
nosniff
age
392848
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19900
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:46:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 17:14:04 GMT
truncated
/ 		471 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d257e40483564a2a319051298dde85b893e1b5719eb330334b792f4fc6d4b742

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13c1a9cc135edffa92f4f21c434cafe7d9421dd5b09496481e40020f903736d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		456 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfe76a619d9b8b1711652a049ec4a19bd32c4f15c9215dc26c3f23f6ad53926c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		904 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
64da655821289a2d5334052c6980478c0ec94c85f00e756be237a26586505999

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpg
js
www.googletagmanager.com/gtag/ 		216 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YVV0QW5VF1
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eef488fa7d2ab87253eae94fd61fefbdf9c06720588e26f54c55b24ef519811d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76979
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 14 Dec 2022 06:21:32 GMT
xyfkqvVtTBnP
cdn.onthe.io/io.js/ 		66 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onthe.io/io.js/xyfkqvVtTBnP
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.93.104.37 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
a13c674ab5700fe40ea77abbae8a8c8d7ff9aa6ec42c54e40f728306f2ae18e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 06:21:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Oct 2022 16:39:30 GMT
Server
nginx
ETag
W/"635962c2-10730"
Transfer-Encoding
chunked
Content-Type
text/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 15 Dec 2022 06:21:32 GMT
the-star.co.ke_20870.js
ads.vidoomy.com/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.vidoomy.com/the-star.co.ke_20870.js
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.19.54.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-19-54-139.us-east-2.compute.amazonaws.com
Software
Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
202caa48a1b5be1a7a460e055f1e7c373667747ed47749acb11eaf4d76573b14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 06:21:32 GMT
Server
Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Content-Length
5006
cookiestrip.min.js
radioafricagroup.github.io/thestar-resources/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://radioafricagroup.github.io/thestar-resources/cookiestrip.min.js
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
d3de7488ac6723f0788c9a774701fa787e513a6b03ea875b6ea5c3ae5e2b426b
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-fastly-request-id
1a89fd607f4ee48a9f2c2b2f5e6aebffd21779f5
strict-transport-security
max-age=31556952
content-encoding
gzip
via
1.1 varnish
date
Wed, 14 Dec 2022 06:21:32 GMT
age
251
x-cache
HIT
x-cache-hits
1
x-proxy-cache
HIT
content-length
3000
x-served-by
cache-hhn-etou8220095-HHN
last-modified
Wed, 06 Nov 2019 05:46:31 GMT
server
GitHub.com
x-github-request-id
A14C:1C5B:5031AC:6B698F:63914DD8
x-timer
S1670998893.534241,VS0,VE1
etag
W/"5dc25e37-1de8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
expires
Thu, 08 Dec 2022 02:41:45 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700,700i,800|Merriweather:300,300i,400,400i,700,700i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.the-star.co.ke
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 17:36:16 GMT
x-content-type-options
nosniff
age
132316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47952
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:22:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 17:36:16 GMT
/
polls.the-star.co.ke/polls/ Frame DC87 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://polls.the-star.co.ke/polls/?p=/embed/poll/-NJEAttc2Gb0_iDDorBm
Requested by
Host: polls.the-star.co.ke
URL: https://polls.the-star.co.ke/polls/embed/poll/-NJEAttc2Gb0_iDDorBm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4ea7f54f824a6fc2544000de63c3459f6e743ab13039b5abdee715dee7ac9c25
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://polls.the-star.co.ke/polls/embed/poll/-NJEAttc2Gb0_iDDorBm
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
1143
content-type
text/html; charset=utf-8
date
Wed, 14 Dec 2022 06:21:32 GMT
etag
"c680b0f4aa9b3a89b609ad5437381f5a230b9d2aec5b9e002725516f86fcd529-br"
last-modified
Fri, 28 Aug 2020 13:18:13 GMT
strict-transport-security
max-age=31556926
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
x-cache-hits
1
x-served-by
cache-hhn-etou8220025-HHN
x-timer
S1670998893.684715,VS0,VE1
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.4/css/ Frame DC87 		95 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.4/css/bootstrap.min.css
Requested by
Host: polls.the-star.co.ke
URL: https://polls.the-star.co.ke/polls/?p=/embed/poll/-NJEAttc2Gb0_iDDorBm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
482f6923b75a2880441f35ead0912d3abf72325e55ef230caa8a30b30f2eccdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://polls.the-star.co.ke/
Origin
https://polls.the-star.co.ke
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617, 617
age
27560323
cdn-cachedat
2021-06-08 14:35:24
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:01 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
226d752fcffebabf0b6d722c901f4b3c
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
7794d7079bdb916e-FRA
cdn-requestpullsuccess
True
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/ Frame DC87 		28 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
Requested by
Host: polls.the-star.co.ke
URL: https://polls.the-star.co.ke/polls/?p=/embed/poll/-NJEAttc2Gb0_iDDorBm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://polls.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
632, 617, 617
age
26003618
cdn-cachedat
2021-06-08 21:31:13
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
c8845753cab1a73d54275746c2671fc0
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7794d7079b3091d8-FRA
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ Frame DC87 		2 KB
584 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Monoton|Roboto
Requested by
Host: polls.the-star.co.ke
URL: https://polls.the-star.co.ke/polls/?p=/embed/poll/-NJEAttc2Gb0_iDDorBm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
61014c361ca697a474f92b408a0b06f8528d0753e695361bd56b21324d591ba8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://polls.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 14 Dec 2022 06:21:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 06:21:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Dec 2022 06:21:32 GMT
main.6a3a9404.css
polls.the-star.co.ke/polls/static/css/ Frame DC87 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://polls.the-star.co.ke/polls/static/css/main.6a3a9404.css
Requested by
Host: polls.the-star.co.ke
URL: https://polls.the-star.co.ke/polls/?p=/embed/poll/-NJEAttc2Gb0_iDDorBm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://polls.the-star.co.ke/polls/?p=/embed/poll/-NJEAttc2Gb0_iDDorBm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-served-by
cache-hhn-etou8220025-HHN
strict-transport-security
max-age=31556926
content-encoding
gzip
date
Wed, 14 Dec 2022 06:21:32 GMT
last-modified
Fri, 28 Aug 2020 13:18:13 GMT
x-timer
S1670998893.702927,VS0,VE1
etag
"3bcdb91403e0461fadc21e1da419335c9f1b2a93b7b68a6f0abb4515f6365fa6"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/html; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
777
x-cache-hits
1
main.5007b4eb.chunk.css
polls.the-star.co.ke/static/css/ Frame DC87 		18 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://polls.the-star.co.ke/static/css/main.5007b4eb.chunk.css
Requested by
Host: polls.the-star.co.ke
URL: https://polls.the-star.co.ke/polls/?p=/embed/poll/-NJEAttc2Gb0_iDDorBm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f92cc7ae28eb75c3a92e8b34257912eb932dc22cc7dcabd7b29d15f6abeba4fb
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://polls.the-star.co.ke/polls/?p=/embed/poll/-NJEAttc2Gb0_iDDorBm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-served-by
cache-hhn-etou8220025-HHN
strict-transport-security
max-age=31556926
content-encoding
br
date
Wed, 14 Dec 2022 06:21:32 GMT
last-modified
Fri, 28 Aug 2020 13:18:13 GMT
x-timer
S1670998893.702947,VS0,VE1
etag
"1572800ea0c6677ca838e98e397dedbad9cdeaa2400fdfe4eab81fe508685914-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1349
x-cache-hits
1
main.af74b8b9.js
polls.the-star.co.ke/polls/static/js/ Frame DC87 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://polls.the-star.co.ke/polls/static/js/main.af74b8b9.js
Requested by
Host: polls.the-star.co.ke
URL: https://polls.the-star.co.ke/polls/?p=/embed/poll/-NJEAttc2Gb0_iDDorBm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://polls.the-star.co.ke/polls/?p=/embed/poll/-NJEAttc2Gb0_iDDorBm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-served-by
cache-hhn-etou8220025-HHN
strict-transport-security
max-age=31556926
content-encoding
gzip
date
Wed, 14 Dec 2022 06:21:32 GMT
last-modified
Fri, 28 Aug 2020 13:18:13 GMT
x-timer
S1670998893.703279,VS0,VE1
etag
"3bcdb91403e0461fadc21e1da419335c9f1b2a93b7b68a6f0abb4515f6365fa6"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/html; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
777
x-cache-hits
1
2.901a5780.chunk.js
polls.the-star.co.ke/static/js/ Frame DC87 		745 KB
176 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://polls.the-star.co.ke/static/js/2.901a5780.chunk.js
Requested by
Host: polls.the-star.co.ke
URL: https://polls.the-star.co.ke/polls/?p=/embed/poll/-NJEAttc2Gb0_iDDorBm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
47c7188d8a8c546806eda7758802d071aa67f30b16ac565f207b250b9e737a17
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://polls.the-star.co.ke/polls/?p=/embed/poll/-NJEAttc2Gb0_iDDorBm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-served-by
cache-hhn-etou8220025-HHN
strict-transport-security
max-age=31556926
content-encoding
br
date
Wed, 14 Dec 2022 06:21:32 GMT
last-modified
Fri, 28 Aug 2020 13:18:13 GMT
x-timer
S1670998893.703263,VS0,VE3
etag
"6668fcadb3500b595bd692c78d7e9038b45f46be943659c3bcc75c23bc0c1567-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
179972
x-cache-hits
1
main.9ce352c6.chunk.js
polls.the-star.co.ke/static/js/ Frame DC87 		29 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://polls.the-star.co.ke/static/js/main.9ce352c6.chunk.js
Requested by
Host: polls.the-star.co.ke
URL: https://polls.the-star.co.ke/polls/?p=/embed/poll/-NJEAttc2Gb0_iDDorBm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
811fbe251991b76cc7c03247f23c64fc2eb463880f2108aedfe0d04978e3a778
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://polls.the-star.co.ke/polls/?p=/embed/poll/-NJEAttc2Gb0_iDDorBm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-served-by
cache-hhn-etou8220025-HHN
strict-transport-security
max-age=31556926
content-encoding
br
date
Wed, 14 Dec 2022 06:21:32 GMT
last-modified
Fri, 28 Aug 2020 13:18:13 GMT
x-timer
S1670998893.703256,VS0,VE1
etag
"e3d599c3eb762b3205c77e92549ca5082843fd696c25d7b0cab92068e7c21a35-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
5738
x-cache-hits
1
css
fonts.googleapis.com/ Frame DC87 		1 KB
419 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,600
Requested by
Host: polls.the-star.co.ke
URL: https://polls.the-star.co.ke/static/css/main.5007b4eb.chunk.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f933d1ce742005229ee6ac90b11e1c69f27dbfbd55dcc9d9b9bdffb59db24983
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://polls.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 14 Dec 2022 06:21:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 05:32:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Dec 2022 06:21:32 GMT
css
fonts.googleapis.com/ Frame DC87 		5 KB
630 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,400i,700
Requested by
Host: polls.the-star.co.ke
URL: https://polls.the-star.co.ke/static/css/main.5007b4eb.chunk.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6da58309c2b41920290031163bc4dae426d0e70922edb00a0b2ecda99b4d3932
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://polls.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 14 Dec 2022 06:21:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 06:21:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Dec 2022 06:21:32 GMT
favicon.png
www.the-star.co.ke/ Frame DC87 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.the-star.co.ke/favicon.png
Requested by
Host: polls.the-star.co.ke
URL: https://polls.the-star.co.ke/polls/embed/poll/-NJEAttc2Gb0_iDDorBm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:c18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba5283ced9c89d851e0a501e9bd8294ccc98c03138020be052060aea58b9ed1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://polls.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
59410
etag
"Vc_dBA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JbT1Zw3EpMkxlIuHgqdKcqwn9I278e7aVVNby908kAy9Z1jX9EBg%2Fv3IzWwOILkkF8LwJY3SQ3ngIeB%2BJyvZU5N5ewF0S%2BUJn%2BtUVURfqPdUq3AcHbDiE2f2JcnHogkHdTQB%2BwZOg07UCn36gQzLX7U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-cloud-trace-context
27323e26789fd23248108c06adbd0c6e
cache-control
public, max-age=86400
cf-ray
7794d7084c039b34-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 14 Dec 2022 11:18:58 GMT
pollbg.jpg
radioafricagroup.github.io/the-star-scripts/ Frame DC87 		175 KB
176 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://radioafricagroup.github.io/the-star-scripts/pollbg.jpg
Requested by
Host: polls.the-star.co.ke
URL: https://polls.the-star.co.ke/static/css/main.5007b4eb.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
5eb9168c31d8e279a529edcb5463777d6e58a1d08fe28f070395499b6237d8ba
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://polls.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-fastly-request-id
41cf05524a6793078a0d3efcda7dc62ff4a717e5
strict-transport-security
max-age=31556952
date
Wed, 14 Dec 2022 06:21:32 GMT
via
1.1 varnish
x-cache-hits
1
age
554
x-cache
HIT
x-proxy-cache
HIT
content-length
179449
x-served-by
cache-hhn-etou8220095-HHN
last-modified
Thu, 10 Dec 2020 17:48:41 GMT
server
GitHub.com
x-github-request-id
5CD2:282C:6F4A14:94F5C7:63993C83
x-timer
S1670998893.861577,VS0,VE2
etag
"5fd25f79-2bcf9"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
expires
Wed, 14 Dec 2022 03:09:21 GMT
NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v15/ Frame DC87 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd870101ad4e95d687a2eb734707b0dd7c20808f76d7be77a71a5d13cf99401c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://polls.the-star.co.ke
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 17:13:59 GMT
x-content-type-options
nosniff
age
392853
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12136
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:39:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 17:13:59 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DC87 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Monoton|Roboto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://polls.the-star.co.ke
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 19:42:15 GMT
x-content-type-options
nosniff
age
470357
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 19:42:15 GMT
loader.js
cdn.taboola.com/libtrc/thestarkenya/ 		469 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/thestarkenya/loader.js
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0cbf1651ecf588a2dc002985e10061975e7000cd0d842e1d2f2b1ba56fad7170

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
_Y6b4qIVZG2oGOKSBUAQoM5fD_spLXKD
content-encoding
gzip
via
1.1 varnish
date
Wed, 14 Dec 2022 06:21:32 GMT
x-amz-request-id
NRBVE6NNFRWJMZAP
age
136
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
11
content-length
33475
x-amz-id-2
u1Ac8HamFTvhp3t5U4k6cutw9S3fHeJ8sUrhUYqYDN3GR73mhIQ67736d/AsfBC7ZoMdxlzxCug=
x-served-by
cache-hhn-etou8220041-HHN
last-modified
Wed, 14 Dec 2022 05:26:15 UTC
server
nginx
x-timer
S1670998893.909683,VS0,VE1
etag
"3642c4e6eda977be28f74b8d17619c4f4986d93f"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
29
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
gtm.js
www.googletagmanager.com/ 		116 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N9TCTMC
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c46c4076e9cd02124528cf31777e0c098aa55f3293a0216cc0a156a8c71e1f6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44880
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 14 Dec 2022 06:21:32 GMT
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=www.the-star.co.ke
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.the-star.co.ke
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		744 KB
108 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2425573680857061&correlator=2248362278450684&eid=31071299%2C31069126&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=18440288%2Cthe_star%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=970x90%7C728x90%2C1x1%2C970x250%7C970x90%7C728x90%2C300x250%7C300x300%7C336x280%7C300x300%2C320x50%7C970x250%7C970x90%7C728x90%2C300x250%7C300x300%7C336x280%7C300x300%2C320x50%7C970x250%7C970x90%7C728x90%2C300x600%7C300x250%7C300x300%7C336x280%7C160x600%7C120x600%2C300x250%7C300x300%7C336x280%7C300x300%2C300x250%7C300x300%7C336x280%7C300x300%2C300x600%7C300x250%7C300x300%7C336x280%2C320x50%7C970x250%7C970x90%7C728x90%2C320x50%7C970x250%7C970x90%7C728x90%2C1x1&fluid=0%2C0%2C0%2C0%2Cheight%2C0%2Cheight%2C0%2C0%2C0%2C0%2Cheight%2Cheight%2C0&ifi=1&adks=770888038%2C888578440%2C2661969585%2C3408720554%2C3949682522%2C3408720553%2C3949682525%2C4051558172%2C3408720559%2C3408720558%2C3580882737%2C3949682524%2C3949682527%2C3925170996&sfv=1-0-40&ists=1&fas=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C8&prev_scp=Pos%3DSticky%7CPos%3DSkin%7CPos%3DMain-Leaderboard%7CPos%3DRHSMPU1%7CPos%3DLeaderboard1%7CPos%3DRHSMPU2%7CPos%3DLeaderboard2%7CPos%3DRHSMPU3%7CPos%3DRHSMPU4%7CPos%3DRHSMPU5%7CPos%3DVideoMPU%7CPos%3DLeaderboard3%7CPos%3DLeaderboard4%7C&sc=1&cookie_enabled=1&abxe=1&dt=1670998892935&lmt=1670998892&dlt=1670998892203&idt=326&adxs=315%2C0%2C315%2C1135%2C315%2C1135%2C315%2C1103%2C1135%2C1077%2C1135%2C315%2C315%2C-9&adys=1305%2C8676%2C140%2C228%2C1458%2C1090%2C3336%2C3694%2C6184%2C8262%2C6568%2C5478%2C8094%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C0%7C0%7C3%7C0%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.the-star.co.ke%2F&frm=20&vis=1&psz=1600x-1%7C1600x9168%7C970x38%7C320x787%7C970x38%7C320x333%7C970x38%7C373x1035%7C320x323%7C426x38%7C320x650%7C970x38%7C970x38%7C0x-1&msz=1590x-1%7C1600x0%7C970x38%7C290x38%7C970x38%7C290x38%7C970x38%7C343x38%7C290x38%7C396x38%7C290x38%7C970x38%7C970x38%7C0x-1&fws=516%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C2&ohw=1600%2C1600%2C970%2C1600%2C970%2C1280%2C970%2C1600%2C1600%2C1280%2C1600%2C970%2C970%2C0&ga_vid=658005635.1670998893&ga_sid=1670998893&ga_hid=1929342854&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a12c830ad965e840254e34ba7f920933730e2c2ce291f4f0f24c701871605ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110471
x-xss-protection
0
google-lineitem-id
-1,-2,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-2,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.the-star.co.ke
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7F72 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.the-star.co.ke/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 06:21:33 GMT
expires
Thu, 14 Dec 2023 06:21:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022120501.js
securepubads.g.doubleclick.net/gpt/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022120501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5eadb3853810c64a037b947f6355ca7f98036d56bfb46ee9f51a01f881259ed6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 16:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
136459
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14011
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 12 Dec 2023 16:27:13 GMT
ht.json
tt.onthe.io/xyfkqvVtTBnP/ 		0
0
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/build/chunks/entry.b723c523bed74f30766d.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
84b962439653ddbe2aa48df1291f99c9eaaed3ed226f70f2414a812f8dc455a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 06:21:33 GMT
content-md5
aFpN5DAUGX0OA8QJei/QcQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
cmok1xxUClq9mcYvTK+nnGteVSw1A7OZ7WxDADIfJVyfiASg76ENRHXYP4kKbOT41BI2Qa2viexiSuIGwENZTQ==
x-fb-trip-id
686109401
x-fb-content-md5
e1863458cef97f64f7427c3d21d5294f
cross-origin-opener-policy
same-origin-allow-popups
etag
"93fb786ddb6fe1f5a4526f663cc0794b"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 14 Dec 2022 06:37:02 GMT
collect
region1.analytics.google.com/g/ 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-YVV0QW5VF1&gtm=2oebu0&_p=1929342854&_gaz=1&cid=658005635.1670998893&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670998893&sct=1&seg=0&dl=https%3A%2F%2Fwww.the-star.co.ke%2F&dt=The%20Star&en=page_view&_fv=2&_ss=1&_c=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YVV0QW5VF1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.the-star.co.ke
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YVV0QW5VF1&cid=658005635.1670998893&gtm=2oebu0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YVV0QW5VF1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.the-star.co.ke
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YVV0QW5VF1&cid=658005635.1670998893&gtm=2oebu0&aip=1&z=1130363735
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4.c50610c086f75d05a105.bundle.css
www.the-star.co.ke/build/publication/ 		29 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.the-star.co.ke/build/publication/4.c50610c086f75d05a105.bundle.css
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/build/chunks/entry.b723c523bed74f30766d.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:c18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6b6a321a301b05f87c762c6d3309c7077b9aaafb5d7389f86bf42a79d823d2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1958718
cf-polished
origSize=29691
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"BnZoGA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGw3fqDGQip852icB8gFBw5KnqKcN9Y9lIFHBl%2FIqMYmo2XJBByh%2F4XhXCN4GGnP3KQgvhJFMsPWas0RpRS4L8BcZe%2BRtq8eC422QKLvVcPTfc5D0s1qrfuDWX1abjUGBhWM%2FqgZx3IkHMmuqHsm5%2F4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-cloud-trace-context
98b05ec79b640a4c7b970dc9beb2d4fd
cache-control
public, max-age=31536000
cf-ray
7794d709ce9c9b34-FRA
expires
Tue, 21 Nov 2023 14:14:54 GMT
oo~d9aca0d0.c50610c086f75d05a105.bundle.js
www.the-star.co.ke/build/chunks/vendors~base/app/edit/shell/shell.js~base/app/entry/entry.shell.js~publication/base/widget/dialog/ 		194 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.the-star.co.ke/build/chunks/vendors~base/app/edit/shell/shell.js~base/app/entry/entry.shell.js~publication/base/widget/dialog/oo~d9aca0d0.c50610c086f75d05a105.bundle.js
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/build/chunks/entry.b723c523bed74f30766d.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:c18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a1331047fb3afa65f98be0248a07e6227b3f89e1f78e7311d93b417c0a7b366

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3012915
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"fDr-ng"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ypQQhRrAi9oVkB40%2FuZ47d%2FihCbwLl9NvkX24Q5OqrW5iw98GRZ8dcFtgAneatdi5YuiwPN7Fw9bclDPz%2B9OB0r7i4Z8A48Zek3v9xuDN79mkiiV4BGK0UPlJAbAkZgSgkMsZM1WPzQRNKxnP2gluBk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-cloud-trace-context
663b28dfdb65b9c87f90f4b7a232ffa6
cache-control
public, max-age=31536000
cf-ray
7794d709cea09b34-FRA
expires
Thu, 09 Nov 2023 06:59:27 GMT
oovvuu-edit-dialog-index-js.bcd5bd60fc73d07e7502.bundle.js
www.the-star.co.ke/build/chunks/base/app/entry/entry.shell.js~publication/base/widget/dialog/ 		33 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.the-star.co.ke/build/chunks/base/app/entry/entry.shell.js~publication/base/widget/dialog/oovvuu-edit-dialog-index-js.bcd5bd60fc73d07e7502.bundle.js
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/build/chunks/entry.b723c523bed74f30766d.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:c18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5ef89e903158b043bfcbaaf1e1a475b816e56e5e3887d5f5d99634eafd8458e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10194768
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"t7t90Q"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eb787vbXDaWP1By1RNpLbgY%2FzW2eYIzDqL%2FVC4RYG7910vku9Jg%2FnczYyZsVTtd6WV04e41BDSgEe10Ft2pcyQYJds5Q4T8h7vNPrgZ60dGv9lhSfXyXmCgVzPbkw%2BXhQJzcHzAUGZxGb7%2BqYSd475w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-cloud-trace-context
30fd4d01f0ca81d72806ddee4c9e6a04
cache-control
public, max-age=31536000
cf-ray
7794d709cea29b34-FRA
expires
Fri, 18 Aug 2023 06:28:44 GMT
entry.shell.js.20f78fca8050147abf77.bundle.js
www.the-star.co.ke/build/chunks/base/app/entry/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.the-star.co.ke/build/chunks/base/app/entry/entry.shell.js.20f78fca8050147abf77.bundle.js
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/build/chunks/entry.b723c523bed74f30766d.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:c18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c387c2370eed4d6430a3da7d4c0317aac9a3f9367cda0202f6e0928b9e12ae5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3566326
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"FLnbBg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWJGUVDUV1dlFRohgft6AkCHmRyklJWT4beQLUPLL4dbQuL2NkvMIe%2B31wZ0xd7cXlwizmfJbSkDdgeppZc%2FAZFLPKlbyIFu%2BGpc3V83XpNYY023jFJggllGzm4Plof9gqFM0kolZzZmpCf7ny%2BVQv8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-cloud-trace-context
2709f148c8143453b343b585f1fb409b
cache-control
public, max-age=31536000
cf-ray
7794d709cea39b34-FRA
expires
Thu, 02 Nov 2023 23:42:46 GMT
issue
www.mgazeti.com/api/latest/ 		525 B
979 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.mgazeti.com/api/latest/issue
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/build/chunks/entry.b723c523bed74f30766d.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8ed4fc0c09d47d779670b90574a3c6a1a61a684e5974b0b99bda6165014574c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.the-star.co.ke/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
vary
Accept-Encoding, Origin
x-ratelimit-remaining
59
content-type
application/json
access-control-allow-origin
https://www.the-star.co.ke
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8l7tnLXZk%2BG2%2F0a5fvUpY2zzVVEQSf2tw9PI9pGBJvW8%2BWHa5Up%2BUSCDTVruaKcj3cDwQRX2Ah4VxVHrvrWIMUyXqCxaiiz8Durfr12ByVedUtCH795eB5OTGymR7enfCVaUzI%2FOBdbR%2BTyOb0Y%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, private
x-ratelimit-limit
60
cf-ray
7794d70a09709268-FRA
x-frame-options
SAMEORIGIN
jobs
myjobsinkenya.com/api/fetch/ 		0
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad8b1cb061ce071eaf100af9944c3409cfe16abc891377eb2e74310e92c390d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11069
x-xss-protection
0
5rlKJOtmHaUhObhC-ki6jMkKKfYIhkEYrkhyhOk4wWvpiae13Xyye9OB4m3StsGinzXMTJjx4Xfq4yFpX1fu2QJQ-olSRVG_od1EYDBdXQ=w800
lh3.googleusercontent.com/ 		110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/5rlKJOtmHaUhObhC-ki6jMkKKfYIhkEYrkhyhOk4wWvpiae13Xyye9OB4m3StsGinzXMTJjx4Xfq4yFpX1fu2QJQ-olSRVG_od1EYDBdXQ=w800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
951da460e1a7961083ca5f9af8d2e1dce631eb98117853bacab0622968a39d26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 02:22:21 GMT
x-content-type-options
nosniff
age
14352
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112475
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 12 Dec 2022 05:54:59 GMT
aDk1r4UeHtYqUSB4vkiGCzEbojbV76toXaKP-f2SZoDwZX4C8c4tR_RvBarwftbZrZwnEznK9DVtK_bHlpLVNH66YTAwoziKHimmSTww1Q=w400
lh3.googleusercontent.com/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/aDk1r4UeHtYqUSB4vkiGCzEbojbV76toXaKP-f2SZoDwZX4C8c4tR_RvBarwftbZrZwnEznK9DVtK_bHlpLVNH66YTAwoziKHimmSTww1Q=w400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5c61fad8be7927ed7d37dd145329101f8707a0cf18218edc378d61ac997d2b62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 02:22:25 GMT
x-content-type-options
nosniff
age
14348
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31429
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 15 Dec 2022 02:22:25 GMT
bvdwQ71Tm8hgtan2ZzpMWYKCPpLChM_l2EHzFUNy8q3U8aD55FROn34zvYFLCMu5Fm_5m2_HRCwC12iFZssUPzoOOvaVi4QMvkh6-4HB=w400
lh3.googleusercontent.com/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/bvdwQ71Tm8hgtan2ZzpMWYKCPpLChM_l2EHzFUNy8q3U8aD55FROn34zvYFLCMu5Fm_5m2_HRCwC12iFZssUPzoOOvaVi4QMvkh6-4HB=w400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ae0040e0961c9ed9b43b6eee8a92d21c2d1eb2f672ca13860a7fad72681438b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:12:19 GMT
x-content-type-options
nosniff
age
554
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32623
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 15 Dec 2022 06:12:19 GMT
eMDpt7LqP2wktTCUKl6eZjA0UFlc9nZ84qOa6hZTjVuLNpDYaB94SWJRxTd3B6eEx7cTbvTRNWWmnK2J1CFYMWLJB_w8qUZ3-l5I5uMqIno=w400
lh3.googleusercontent.com/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/eMDpt7LqP2wktTCUKl6eZjA0UFlc9nZ84qOa6hZTjVuLNpDYaB94SWJRxTd3B6eEx7cTbvTRNWWmnK2J1CFYMWLJB_w8qUZ3-l5I5uMqIno=w400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
fdea46a4ec9abb7b92479fad87a3780bfbebc8100ff2965c46dd51c2596a34a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 02:22:28 GMT
x-content-type-options
nosniff
age
14345
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28853
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 14 Dec 2022 06:47:28 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
formats.js
ad.lkqd.net/vpaid/ Frame B464 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1670998893.cds210.fr8.hn,1670998893.cds289.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
formats.js
ad.lkqd.net/vpaid/ Frame 8EA6 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1670998893.cds210.fr8.hn,1670998893.cds289.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
auto-user-sync
ads.stickyadstv.com/ 		43 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.110.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-82.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 06:21:33 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1670998893187021-586
Expires
Wed, 14 Dec 2022 06:21:33 GMT
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=671637069.83914111239924245.73109683
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=671637069.83914111239924245.73109683
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=vidoomy&bsw_custom_parameter=0375164a-3d98-41b8-8a2c-704d8e362c4e
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=vidoomy&bsw_custom_parameter=0375164a-3d98-41b8-8a2c-704d8e362c4e
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=966975cf-d556-4473-9f1a-b66650d36f0b&user_group=1&ssp=vidoomy&bsw_param=0375164a-3d98-41b8-8a2c-704d8e362c4e
0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=966975cf-d556-4473-9f1a-b66650d36f0b&user_group=1&ssp=vidoomy&bsw_param=0375164a-3d98-41b8-8a2c-704d8e362c4e
Protocol
H2
Server
18.194.50.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-50-17.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
cache-control
no-cache, no-store, must-revalidate

Redirect headers

location
//x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=966975cf-d556-4473-9f1a-b66650d36f0b&user_group=1&ssp=vidoomy&bsw_param=0375164a-3d98-41b8-8a2c-704d8e362c4e
date
Wed, 14 Dec 2022 06:21:33 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58610/occ
  • https://ups.analytics.yahoo.com/ups/58610/occ?verify=true
  • https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-.TeFx_1E2uEtRApvPutq5WIYVHtdr3qZ7SrU9VY-~A
43 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-.TeFx_1E2uEtRApvPutq5WIYVHtdr3qZ7SrU9VY-~A
Protocol
H2
Server
3.69.101.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-101-30.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
content-encoding
none
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
43

Redirect headers

location
https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-.TeFx_1E2uEtRApvPutq5WIYVHtdr3qZ7SrU9VY-~A
date
Wed, 14 Dec 2022 06:21:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
impl.20221212-4-RELEASE.js
cdn.taboola.com/libtrc/ 		697 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20221212-4-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thestarkenya/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
4a0c9a9877faa71ad0dcea580dd7a3514f8a13ca6d46820a1c2684536b8a0f69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
6bTcHmeL.RA2fkKOei4vKMUOcbbu3TFU
content-encoding
br
via
1.1 varnish
date
Wed, 14 Dec 2022 06:21:33 GMT
x-amz-request-id
737DZ4DB9Q4F9NHV
age
17053
x-cache
HIT
content-length
147826
x-amz-id-2
T+aQkvfdRza252L1svjMCrvsl9pySdfd2AnPcymIZqb0uZ0JBQJ21Iy2jazsxbfkVRi4EfNpLdU=
x-served-by
cache-hhn-etou8220041-HHN
last-modified
Mon, 12 Dec 2022 09:36:07 GMT
server
AmazonS3-br
x-timer
S1670998893.135538,VS0,VE0
etag
"c9053c0e99cea6a48142be4077891e7e"
vary
Accept-Encoding
content-type
application/javascript
abp
25
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
670
sdk.js
connect.facebook.net/en_US/ 		301 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=b28558be1fe796149cab27d4a6f98995
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
37656c5725c002db62930e85a89f30be8fb0f6d48e71c6db83dbec71296d2c87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.the-star.co.ke/
Origin
https://www.the-star.co.ke
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 06:21:33 GMT
content-md5
ngg55zwQVCu036Mi+WDeyA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86982
x-fb-rlafr
0
x-fb-debug
LtYthXQlRE78BAHncH8aTYn0DsKJWgdGHxhXDcdBKg+x19sJA8yfY5YttconxcxyiXTywypMHu/PiIlEjdAJgw==
x-fb-content-md5
f843219472b9744ba3c964d6a0886324
cross-origin-opener-policy
same-origin-allow-popups
etag
"100f2e0cf664f47fe24aeea05f29b4a3"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 14 Dec 2023 00:43:48 GMT
tag
a.teads.tv/page/74198/ 		655 B
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/74198/tag
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9TCTMC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9123e69ec42adf7e8de45494f948394ccce0565f0b032b0c013776a15c5a6c37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
422
expires
Wed, 14 Dec 2022 07:21:33 GMT
trackpush.min.js
s3.amazonaws.com/cdn.aimtell.com/trackpush/ 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.236.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
06fd2a61dce61487dc324f208fdf13c255b8b1d2c6969c27609bde27488f0fa3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 06:21:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Nov 2022 16:52:26 GMT
Server
AmazonS3
x-amz-request-id
BT6YP3R5WK7YM9YH
ETag
"863356224a730b55b977b4f902cbcd90"
Content-Type
text/javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
13250
x-amz-id-2
J2drMGNALTXNbXYPnqx6dz/DIdwQdgOe1blbXMjz4DycEfScwLZP4MlWD/1Sm9kMLpnqW5vCF34=
aDk1r4UeHtYqUSB4vkiGCzEbojbV76toXaKP-f2SZoDwZX4C8c4tR_RvBarwftbZrZwnEznK9DVtK_bHlpLVNH66YTAwoziKHimmSTww1Q=w400
lh3.googleusercontent.com/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/aDk1r4UeHtYqUSB4vkiGCzEbojbV76toXaKP-f2SZoDwZX4C8c4tR_RvBarwftbZrZwnEznK9DVtK_bHlpLVNH66YTAwoziKHimmSTww1Q=w400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5c61fad8be7927ed7d37dd145329101f8707a0cf18218edc378d61ac997d2b62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 02:22:25 GMT
x-content-type-options
nosniff
age
14348
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31429
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 15 Dec 2022 02:22:25 GMT
bvdwQ71Tm8hgtan2ZzpMWYKCPpLChM_l2EHzFUNy8q3U8aD55FROn34zvYFLCMu5Fm_5m2_HRCwC12iFZssUPzoOOvaVi4QMvkh6-4HB=w400
lh3.googleusercontent.com/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/bvdwQ71Tm8hgtan2ZzpMWYKCPpLChM_l2EHzFUNy8q3U8aD55FROn34zvYFLCMu5Fm_5m2_HRCwC12iFZssUPzoOOvaVi4QMvkh6-4HB=w400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ae0040e0961c9ed9b43b6eee8a92d21c2d1eb2f672ca13860a7fad72681438b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:12:19 GMT
x-content-type-options
nosniff
age
554
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32623
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 15 Dec 2022 06:12:19 GMT
player_api
www.youtube.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/player_api
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/build/chunks/base/app/entry/entry.shell.js~publication/base/widget/dialog/oovvuu-edit-dialog-index-js.bcd5bd60fc73d07e7502.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
63cbb4d3bd7ad1f3eeaa54b37a2e137be0836466218d3bd4ab2b0ef3eb82fc3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Wed, 14 Dec 2022 06:21:33 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Dec 2022 06:21:33 GMT
eMDpt7LqP2wktTCUKl6eZjA0UFlc9nZ84qOa6hZTjVuLNpDYaB94SWJRxTd3B6eEx7cTbvTRNWWmnK2J1CFYMWLJB_w8qUZ3-l5I5uMqIno=w400
lh3.googleusercontent.com/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/eMDpt7LqP2wktTCUKl6eZjA0UFlc9nZ84qOa6hZTjVuLNpDYaB94SWJRxTd3B6eEx7cTbvTRNWWmnK2J1CFYMWLJB_w8qUZ3-l5I5uMqIno=w400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
fdea46a4ec9abb7b92479fad87a3780bfbebc8100ff2965c46dd51c2596a34a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 02:22:28 GMT
x-content-type-options
nosniff
age
14345
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28853
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 14 Dec 2022 06:47:28 GMT
5rlKJOtmHaUhObhC-ki6jMkKKfYIhkEYrkhyhOk4wWvpiae13Xyye9OB4m3StsGinzXMTJjx4Xfq4yFpX1fu2QJQ-olSRVG_od1EYDBdXQ=w800
lh3.googleusercontent.com/ 		110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/5rlKJOtmHaUhObhC-ki6jMkKKfYIhkEYrkhyhOk4wWvpiae13Xyye9OB4m3StsGinzXMTJjx4Xfq4yFpX1fu2QJQ-olSRVG_od1EYDBdXQ=w800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
951da460e1a7961083ca5f9af8d2e1dce631eb98117853bacab0622968a39d26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 02:22:21 GMT
x-content-type-options
nosniff
age
14352
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112475
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 12 Dec 2022 05:54:59 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame CF43 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Wed, 14 Dec 2022 06:21:33 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1670998893.cds210.fr8.hn,1670998893.cds226.fr8.c
ad
v.lkqd.net/ Frame B464 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1169236&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63457%2C1%2C&c4=true&c5=&c6=63457&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=7374708&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
ca1242df9d6cd66f56274472d99ebe85b072ef35264f41f3fa02a9c15230401e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.the-star.co.ke
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1401
usync.html
ad.lkqd.net/cookie-sync/ Frame 6967 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Wed, 14 Dec 2022 06:21:33 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1670998893.cds210.fr8.hn,1670998893.cds226.fr8.c
ad
v.lkqd.net/ Frame 8EA6 		180 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1169235&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63457%2C1%2C&c4=true&c5=&c6=63457&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=12067135&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.the-star.co.ke
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
150
1670948564GYAU96ATeTBPKkFiEycR53zZ5oBj7L1.jpg
cdn.mgazeti.com/image_uploads/ 		430 KB
432 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgazeti.com/image_uploads/1670948564GYAU96ATeTBPKkFiEycR53zZ5oBj7L1.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fe12f038a5e825c53c1a59c81cd2755fdb7a6477a33f64f6ce2b3060673e2c6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
x-amz-version-id
xfL__GjvJsjwc.9V190xAwt4nVUXydBt
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
6288
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
440771
cf-bgj
h2pri
last-modified
Tue, 13 Dec 2022 16:22:50 GMT
server
cloudflare
etag
"5afdf3849ac6421db23af0eeda8981d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3YWNSRWc2fi4s%2Fff1yGY%2F9VDVKGD1VG4Mhw0LLv0cmAk0rom2zDYgajBcPEAAPd4Sa1edxRd%2BKROHT76PmzWgrsOaAjYIlAWyKNtgFjUvErhcRQAH5fzvX5gJJYC96SVA1jOaVEI364nX0tyZo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7794d70b299c9b40-FRA
teads-format.min.js
a.teads.tv/media/format/v3/ 		594 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/74198/tag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
98139308023fe5252488c071279384011a3d93812a3c000e8431fce38744759c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
content-encoding
br
last-modified
Tue, 13 Dec 2022 09:22:31 GMT
x-amz-request-id
G9RES2TB8S4SH40T
etag
"079062caae64bb8ac8f701cf0f38d41f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
4
accept-ranges
bytes
content-length
132746
x-amz-id-2
ZMoypjZjdDHqKkc09mC+TzPgzvA2Lv/DKoerGPHsl4EpIfrgMWsgujqmU9pUTnBvxDLSB9F0X6o=
expires
Wed, 14 Dec 2022 06:51:33 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 157F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.the-star.co.ke/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
26329
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 23:02:44 GMT
expires
Wed, 13 Dec 2023 23:02:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 796C 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
16d3bf055ac41e1d589b4beb685c14eaa03003bbc989bca4c111cad62e485c4f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZHJE0Qx2ucMwICqjEWUm5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.the-star.co.ke/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-ZHJE0Qx2ucMwICqjEWUm5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 06:21:33 GMT
expires
Wed, 14 Dec 2022 06:21:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cs
cs.lkqd.net/ Frame CF43
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=9d8c06e2-68a7-4c12-a643-d606d019c2ec
43 B
537 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=9d8c06e2-68a7-4c12-a643-d606d019c2ec
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=9d8c06e2-68a7-4c12-a643-d606d019c2ec
date
Wed, 14 Dec 2022 06:21:33 GMT
server
_
content-length
0
lkqd
event.clientgear.com/cookie/ Frame CF43
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
  • https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=CdWemTsj8hY
0
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=CdWemTsj8hY
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
47.252.78.131 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

date
Wed, 14 Dec 2022 06:21:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
location
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=CdWemTsj8hY
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame CF43
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252...
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=OSgiodnfxIo&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=55393d48-e1d0-42a4-ac45-8651a5eeb62f
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=55393d48-e1d0-42a4-ac45-8651a5eeb62f
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 06:21:33 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=55393d48-e1d0-42a4-ac45-8651a5eeb62f
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
cs
cs.lkqd.net/ Frame CF43
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2811016568733304569
43 B
526 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2811016568733304569
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2811016568733304569
pragma
no-cache
date
Wed, 14 Dec 2022 06:21:32 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame CF43
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=WUXhsN68Th1Y3T4lBrb9morHJoQ
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=WUXhsN68Th1Y3T4lBrb9morHJoQ
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=WUXhsN68Th1Y3T4lBrb9morHJoQ
Date
Wed, 14 Dec 2022 06:21:33 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
cs
cs.lkqd.net/ Frame 6967
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=fd449806-8077-43a3-b3be-29effb9385b4
43 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=fd449806-8077-43a3-b3be-29effb9385b4
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=fd449806-8077-43a3-b3be-29effb9385b4
date
Wed, 14 Dec 2022 06:21:33 GMT
server
_
content-length
0
lkqd
event.clientgear.com/cookie/ Frame 6967
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
  • https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=cQKFGM8aiLM
0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=cQKFGM8aiLM
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
47.252.78.131 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

date
Wed, 14 Dec 2022 06:21:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
location
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=cQKFGM8aiLM
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame 6967
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252...
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=ol5w2TCE31Q&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=34e47b4b-0439-4ba7-80fc-13dbceeb235a
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=34e47b4b-0439-4ba7-80fc-13dbceeb235a
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 06:21:33 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=34e47b4b-0439-4ba7-80fc-13dbceeb235a
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
cs
cs.lkqd.net/ Frame 6967
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2594843786619520761
43 B
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2594843786619520761
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2594843786619520761
pragma
no-cache
date
Wed, 14 Dec 2022 06:21:32 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 6967
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=zHifoJlHRURIOr-5AzrDporHJoQ
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=zHifoJlHRURIOr-5AzrDporHJoQ
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=zHifoJlHRURIOr-5AzrDporHJoQ
Date
Wed, 14 Dec 2022 06:21:33 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
www-widgetapi.js
www.youtube.com/s/player/e96685ea/www-widgetapi.vflset/ 		162 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/e96685ea/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/player_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42b1ed60cbdf88e3c800046c8cccb40d31206a5fe16d86d67cf28184d68c3e07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:01:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
30017
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54126
x-xss-protection
0
last-modified
Mon, 12 Dec 2022 01:16:42 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 13 Dec 2023 22:01:16 GMT
wigo-no-slot
sync.teads.tv/ Frame 6598 		325 B
486 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/wigo-no-slot
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.1.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-1-49.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
d85f6474893e823b6eb6ce2ad936235ff13be5d10d1c1dba6517f6dd3a731c59

Request headers

Referer
https://www.the-star.co.ke/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
325
content-type
text/html; charset=UTF-8
date
Wed, 14 Dec 2022 06:21:33 GMT
expires
Wed, 14 Dec 2022 06:21:33 GMT
pragma
no-cache
server
akka-http/10.2.9
track
t.teads.tv/ 		23 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=264a5aaa-1053-4229-a2dc-a45123add53f&pageId=74198&pid=80284&debug_metadata=0pOSHuaMyw&fv=1108&ts=1670998893393&f=1&referer=https%3A%2F%2Fwww.the-star.co.ke%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=noSlot-selector&env=js-web&auctid=264a5aaa-1053-4229-a2dc-a45123add53f&pageId=74198&pid=80284&fv=1108&ts=1670998893410&f=1&referer=https%3A%2F%2Fwww.the-star.co.ke%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Wed, 14 Dec 2022 06:21:33 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
pagead2.googlesyndication.com/bg/ Frame 157F 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 23:02:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26354
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 23:02:19 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 796C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=2425573680857061&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
pageview
signals.aimtell.com/ 		43 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://signals.aimtell.com/pageview?id_site=24111&v=3.975&support=1&state=default&wl=0&ref=aHR0cHM6Ly93d3cudGhlLXN0YXIuY28ua2Uv
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
aimtell-hash-exists
0
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.the-star.co.ke
aimtell-traverse
0
access-control-expose-headers
Aimtell-Hash-Exists, Aimtell-Traverse
access-control-allow-credentials
true
cf-ray
7794d70e0d4192b1-FRA
access-control-allow-headers
Content-Type, *
content-length
43
24111-eac28fb6894b.json
cdn.aimtell.io/config/optin/ 		436 B
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.aimtell.io/config/optin/24111-eac28fb6894b.json
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:46e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ba76e6f632f82d934eaf4066d2ae0572b4c73310f02971c64090c86c31ce288

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
content-encoding
gzip
via
1.1 53435acfdf55e029e1a3d0175cb1d5c2.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
BOM78-P3
x-cache
RefreshHit from cloudfront
content-length
322
last-modified
Sun, 27 Feb 2022 18:27:22 GMT
server
cloudflare
etag
"cf21d71d02dc060a9821146cc7a9063e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=86400
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
cf-ray
7794d70e09505b50-FRA
x-amz-cf-id
ddKcusPRTu3nQfJ7qup4OL6vg6NEjYNFohpc2_huhP5MCI2MEsFLig==
entry.shell.js.d2f625b23227db67dd69.bundle.js
www.the-star.co.ke/build/chunks/vendors~custom/app/entry/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.the-star.co.ke/build/chunks/vendors~custom/app/entry/entry.shell.js.d2f625b23227db67dd69.bundle.js
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/build/chunks/entry.b723c523bed74f30766d.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:c18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18e21aa71f9cb4159176eb80c1c9677d75fbd1da3a028931a63fdb483d089cf3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10194768
cf-polished
origSize=8666
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"t7t90Q"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5l%2BVTsxfgPEY%2BbGMGjU1%2F%2BshkQOJx4MAaeoEDrMNfkl%2Bdj0YhMRTrl31QklJ9rKa%2BP3IcvPyVtOEHxyZWW3M4nCNmx3nwmo3hppFFtxMDzEwxHdEnuUA8alKjRuUNxw2k3hgFfNrh4dOSdDzugfefbo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7794d70c7b919b34-FRA
expires
Fri, 18 Aug 2023 06:28:41 GMT
entry.shell.js.4f1efb808dc634734bc5.bundle.js
www.the-star.co.ke/build/chunks/custom/app/entry/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.the-star.co.ke/build/chunks/custom/app/entry/entry.shell.js.4f1efb808dc634734bc5.bundle.js
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/build/chunks/entry.b723c523bed74f30766d.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:c18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82c2846e1cfc97ab99893211dd3c20de6c1dd0f6d1099cf362b1aad84faa0f2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2587220
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"y0kcbw"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GzsBab3Pv9bgfj5b53Sfa82OnsZ1X9Mp2GwARqFdiEnohbL9kWgKuGtxMT5%2BedulxEiRi1zzN6TIKWFNcj2QgN9%2FiVKuLG98Ovn9WtGhTXXnTUfrcgAl111FHBu5Zp3wyzuFj0l%2BW3Rggc0fy44CtBE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-cloud-trace-context
97bfe7c32e2a4e34ca3ef2b9b7bc4ec0
cache-control
public, max-age=31536000
cf-ray
7794d70c7b959b34-FRA
expires
Tue, 14 Nov 2023 07:41:13 GMT
t
t.lkqd.net/ Frame 6DAE 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.the-star.co.ke
date
Wed, 14 Dec 2022 06:21:33 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
EgTiqgN79WQ
www.youtube.com/embed/ Frame 1F1B 		69 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/EgTiqgN79WQ?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e96685ea/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4db57355a20b52e1c5cfea2fef736bd9203ecea7321b54005439dca6037926c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.the-star.co.ke/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 06:21:33 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 157F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?reCaDg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
t
t.lkqd.net/ Frame 3608 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.the-star.co.ke
date
Wed, 14 Dec 2022 06:21:33 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid.js
ad.lkqd.net/vpaid/ Frame 76C5 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1670998893.cds210.fr8.hn,1670998893.cds268.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.146 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.the-star.co.ke
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.the-star.co.ke
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 14 Dec 2022 06:21:33 GMT
server
nginx
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.146 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.the-star.co.ke
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.the-star.co.ke
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 14 Dec 2022 06:21:33 GMT
server
nginx
usync.html
ad.lkqd.net/cookie-sync/ Frame E20E 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Wed, 14 Dec 2022 06:21:33 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1670998893.cds210.fr8.hn,1670998893.cds226.fr8.c
ad
v.lkqd.net/ Frame 76C5 		46 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1169236&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63457%2C1%2C&c4=true&c5=&c6=63457&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=7374708&m=&rtv=1&thost=www.the-star.co.ke
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
d1313bec86fb7ec78256af4326680f6437ec7a02de758ad92cf4bf7822da0126

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://www.the-star.co.ke
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3558
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1169236&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63457%2C1%2C&c4=true&c5=&c6=63457&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=7374708&m=&rtv=1&thost=www.the-star.co.ke
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.the-star.co.ke
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.the-star.co.ke
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Wed, 14 Dec 2022 06:21:34 GMT
server
nginx
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
www-player.css
www.youtube.com/s/player/e96685ea/ Frame 1F1B 		360 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/e96685ea/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EgTiqgN79WQ?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b12df28928ae6402d9d672b356057877a9829fb5701e913e162c03774ab4cec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/EgTiqgN79WQ?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 01:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
19170
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49901
x-xss-protection
0
last-modified
Mon, 12 Dec 2022 01:16:42 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 14 Dec 2023 01:02:03 GMT
www-embed-player.js
www.youtube.com/s/player/e96685ea/www-embed-player.vflset/ Frame 1F1B 		315 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/e96685ea/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EgTiqgN79WQ?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a491c56726826ca847ad1bf4e52b42c9b45fc1892491b954f3d14eed4da49580
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/EgTiqgN79WQ?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 18:41:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
128425
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99486
x-xss-protection
0
last-modified
Mon, 12 Dec 2022 01:16:42 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 12 Dec 2023 18:41:08 GMT
base.js
www.youtube.com/s/player/e96685ea/player_ias.vflset/de_DE/ Frame 1F1B 		2 MB
586 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/e96685ea/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EgTiqgN79WQ?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba7eef81c1b81bfba6ae3137cd7c58c3f65dcce009fe916f24d7dfec23e77c9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/EgTiqgN79WQ?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 18:41:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
128425
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
599544
x-xss-protection
0
last-modified
Mon, 12 Dec 2022 01:16:42 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 12 Dec 2023 18:41:08 GMT
fetch-polyfill.js
www.youtube.com/s/player/e96685ea/fetch-polyfill.vflset/ Frame 1F1B 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/e96685ea/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EgTiqgN79WQ?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/EgTiqgN79WQ?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 18:41:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
128425
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Mon, 12 Dec 2022 01:16:42 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 12 Dec 2023 18:41:08 GMT
container.html
b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A132 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.the-star.co.ke/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 06:21:33 GMT
expires
Thu, 14 Dec 2023 06:21:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1F1B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EgTiqgN79WQ?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 11:55:05 GMT
x-content-type-options
nosniff
age
411988
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 11:55:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1F1B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EgTiqgN79WQ?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 22:21:19 GMT
x-content-type-options
nosniff
age
115214
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 22:21:19 GMT
cs
cs.lkqd.net/ Frame E20E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=DcqToBH7TgRbsiPmgBAhRYrHJoQ
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=DcqToBH7TgRbsiPmgBAhRYrHJoQ
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=DcqToBH7TgRbsiPmgBAhRYrHJoQ
Date
Wed, 14 Dec 2022 06:21:34 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
cs
cs.lkqd.net/ Frame E20E
Redirect Chain
  • https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID
  • https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_033ac60a-6973-41be-9af3-34cb467e4999
43 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_033ac60a-6973-41be-9af3-34cb467e4999
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_033ac60a-6973-41be-9af3-34cb467e4999
date
Wed, 14 Dec 2022 06:21:34 GMT
via
1.1 google
server
WildFly/10
x-powered-by
Undertow/1
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cm
p.rfihub.com/ Frame E20E 		42 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?pub=35678&in=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Date
Wed, 14 Dec 2022 06:21:34 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cs
cs.lkqd.net/ Frame E20E
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=85&redirect=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db30%26u%3D%24%24rawlkqduserid%24%24%26redirect%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%2...
  • https://a.tribalfusion.com/i.match?p=b30&u=_xt7vX3zMtk&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$
  • https://s.tribalfusion.com/z/i.match?p=b30&u=_xt7vX3zMtk&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$
  • https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662277490772174
0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662277490772174
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:34 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
109
content-type
text/html
location
https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662277490772174
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7794d7115bd89070-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
cs.lkqd.net/ Frame E20E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/lkq
  • https://match.prod.bidr.io/cookie-sync/lkq?_bee_ppp=1
  • https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAGCck7HMtcAACAJ4unM0Q
43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAGCck7HMtcAACAJ4unM0Q
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAGCck7HMtcAACAJ4unM0Q
Date
Wed, 14 Dec 2022 06:21:34 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
container.html
b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9124 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.the-star.co.ke/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 06:21:33 GMT
expires
Thu, 14 Dec 2023 06:21:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame 1BFD 		221 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 13 Dec 2022 09:27:20 GMT
age
75254
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Dec 2023 09:27:20 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 1BFD 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 13 Dec 2022 09:27:20 GMT
age
75254
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Dec 2023 09:27:20 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 1BFD 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 13 Dec 2022 09:27:20 GMT
age
75254
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Dec 2023 09:27:20 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 1BFD 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 13 Dec 2022 09:27:20 GMT
age
75254
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Dec 2023 09:27:20 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 1BFD 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 13 Dec 2022 09:27:20 GMT
age
75254
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Dec 2023 09:27:20 GMT
truncated
/ Frame 1BFD 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7d24edd264151f326a963822300fe909351ac85f1dee3ce29541cc92cbfef29a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
13821398758563727314
tpc.googlesyndication.com/simgad/ Frame 1BFD 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13821398758563727314?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnOB3fQLJGz7JdlhCxvFAHreLjoPg
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c19cca3effa7e674cdd64ff08f6b6a07b2b612ce81848514f7d60c08827e31c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 07:03:45 GMT
x-content-type-options
nosniff
age
602268
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48543
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 08:55:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 07 Dec 2023 07:03:45 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1BFD 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 10:16:18 GMT
x-content-type-options
nosniff
server
cafe
age
72315
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Wed, 14 Dec 2022 10:16:18 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1BFD 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 09:52:43 GMT
x-content-type-options
nosniff
server
cafe
age
73730
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 14 Dec 2022 09:52:43 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 1BFD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cd4srbWuZY9f8BN_h7_UPj52K2A3jgtfobejI_aaYEdvZHhABIID6vy1glYKAgLQHoAGcr_uoAsgBAuACAKgDAcgDCKoElAJP0NC8sxq6qIQEgSFVtrEA9WKz3uDcBzLnV-BWrcqQ7XLI9ogpIe3TaFRD5oHGxGZfpufX7WcL637DozHJPZCT_2KRa7RjXBOJonofvRXxpNGhQG360QHqqqn8VQJQNKux5JLfX_gmcJJK1xalnDqY56O8EvPBIASJYsKMSuIa31SIZzU56Ppvn9hmrFG-hno0gILjTK7Pl3gb2bY0pP5eAZT8pPYcfiT02gRS2Mk2RdcCfReQy5zgMTt4ZU5qEkUcAoz-h2T2ASVdDPkwLi1z_0Yd_Zc5c1OK-8Y5y4g9HCT6EimgUAdnxanzZRcKo9aG57pyH1Ay2KyB2SyCvjquOkSZcy7N9u5uw1XOuRz0CYS1AtjABNPMyYucBOAEAZIFBAgEGAGSBQQIBRgEoAYCgAfM0ITXAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELjXKtIIEQiA4YBwEAEYHTIC6wI6AoBAgAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTY5MjY5OTI3MzY1OTg2MDQYsNUU&sigh=bxo9TioBDxc&uach_m=[UACH]&cid=CAQSTADq26N9PZpqBZZZiNQRcPsDoNBn9JQcIiqzvSkUnP-yXxYY1F8vuE3XzV0lZGI_IUlLoIxL9rc9gPVKWAnieFzPvvUJVZJr-xHjA_YYASAT
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
container.html
b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2610 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.the-star.co.ke/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 06:21:33 GMT
expires
Thu, 14 Dec 2023 06:21:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 362B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.the-star.co.ke/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 06:21:33 GMT
expires
Thu, 14 Dec 2023 06:21:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame 6AD1 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 13 Dec 2022 09:27:20 GMT
age
75254
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Dec 2023 09:27:20 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 6AD1 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 13 Dec 2022 09:27:20 GMT
age
75254
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Dec 2023 09:27:20 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 6AD1 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 13 Dec 2022 09:27:20 GMT
age
75254
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Dec 2023 09:27:20 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 6AD1 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 13 Dec 2022 09:27:20 GMT
age
75254
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Dec 2023 09:27:20 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 6AD1 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 13 Dec 2022 09:27:20 GMT
age
75254
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Dec 2023 09:27:20 GMT
css
fonts.googleapis.com/ Frame 6AD1 		6 KB
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 14 Dec 2022 06:21:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 06:21:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Dec 2022 06:21:33 GMT
css
fonts.googleapis.com/ Frame 6AD1 		4 KB
621 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 14 Dec 2022 06:21:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 05:30:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Dec 2022 06:21:33 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6AD1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 10:16:18 GMT
x-content-type-options
nosniff
server
cafe
age
72315
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Wed, 14 Dec 2022 10:16:18 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6AD1 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 09:52:43 GMT
x-content-type-options
nosniff
server
cafe
age
73730
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 14 Dec 2022 09:52:43 GMT
14333828860556662335
s0.2mdn.net/simgad/ Frame 6AD1 		347 KB
347 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/14333828860556662335
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24b28b35859e2321ee6ae443bc3b3bc9a17cd00790f84b124b0aacf3c6a9293a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 17:31:54 GMT
x-content-type-options
nosniff
age
391780
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
354939
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 14:53:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Dec 2023 17:31:54 GMT
6910137331195735109
s0.2mdn.net/simgad/ Frame 6AD1 		705 KB
706 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6910137331195735109
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85d02d0a75eb2247a55f3dc4714f3db54f126ef57d4adbdf2ffffed589d4b629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 08:50:06 GMT
x-content-type-options
nosniff
age
423088
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
721475
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 14:53:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Dec 2023 08:50:06 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 6AD1 		42 B
761 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DjEM6dBVDaFtQi92fx7OriFbP4jiEgUGyhTT3SvbsSYl0ZPaxVp1PyDJZvQZj8Q0fzwqbEVsq9QuxxvV0M6h_QhnFwoxttciEA4z92xXlj-srj1-v6Loa06f3lLraCryOM2wVBMRY-gkOyK4PnsFdO7cxYHg&dbm_d=AKAmf-CGqrwwT7QI3RNorgnZ_JWomxr_RCKetteMaxWyy6EG73_uQFiid-pLSbfQg0IxUBeEL1JTGkC76mG2ZsvrdyD0w1Zn9LXpDW1gqPGrpDN4y-se3CbV8-2V4mwr5HWnGP_NVe2xuDPy3qxX-QjasrSEfsrGNasix3Q32nPpCPRNuXYdx3Owtx_ZDtKOoY0fUcAiJLQAAmMBstBrikP9K3jhZz1lKuygYFUGfkG91w-1re3zY-Dq3gTQeGISKBzLef1yZOGsCaaXbD1oyfzkwyL7DkIhyZlz1jdNoC0DcfGKwn3LWwM5MK3x7R1yIFQv9jt59b7CR8P-SWvhn3vEoe0-ICh8nR9N8_fza6qhIyfII_x9Eii2hiGkF9Aw7xx8i3gbbu1GR6lElGpE5L1OY8doq5epWUakiG3OG9mIiIEvanU5fPK0E3Pq54xf2rpD97LetmAORZZ3XWRDssXivBJSrtWkaFCEuqw6h5VJemU9-dAM-e_fK5vV-5EjF8yjP1zxWuAfkqkLneiDrpwgAa2BRaUdenHbPy9jjCM7MhNMi0rtvg06-Ww5yo40z0Yseux4ANSDqJ0FAiuEfIsJ0MUQsa72W4b6jHWj_4zYTowZfGlFh2UvXgBMG5NbjOB_RN30Y3tqsy9NcXDJz3UJQbA2rv9L7xWLIY2zQK6fiF03SXz_FZAYQhM26SWBvapsJVbj9H6tDyFOc8wDEZeRzHq1mrFjM-f64BUW2Om24bHkT3HIFdhjTGzx8sqp_ZWa__cjUb8MYl2oVtJoyYKMFrS7FDYT3qlXZ3adZMOUAxDke6vmhYaDBEUvXEWyPCPn9hIuBS7-Xr3eeXI6J2fphYxBqCWgCbc2-vYFhVHIVFIcJK4R-e1fm2e0YSmYPVxvP1mbvqjMJ2-VE_H6sa3GzYukznh4A_LCiTIPr2XtGeAMTUT8lWZFjAkRzQ8a9bBZIl-KRYeCQmn9OGNijU_kLFf4dU_R9ll5OlKGx4Eom7mGiyva17YKpi_JwEXgGaltnJwqX5xWhhS_ipUQRw_qdNSklicbpbucKwwFwsr5mpwi92n2dh1OWG9rLmJXQpNLPIB3SZfdFI1rX6gmLHIk7_7KrtO5DMVjBWG12DYTspTNWP4fPs1IyCl7l72RxFZX7ghQ5TP45jVp3YeTOUqPqMVPlljzLFQynhBqPV9V262gwC8L06YaYo5PVfLIDHaNaCk_aTA7OUbJXlb4-Vb9t4TsYqDMfxyHEvUoxaQqnZBVkj78WJWADz1foqu4ITDqI56MKtQF70RNxwIUPvsxNMaULDQAHJOmft2fxaugDQeIlh_hmBmVSK6dy2WH5X26yFsziHR7uuFE0UfbJh_aB_yTeF9Qh3p-ItPXUtH5sE0DGkw_JqaZWFCT8HAUpAvH61XWYlC0Y8KRXeLHykfRaUQW65Su3M6WxGWeRC9yYw9UXgN5Q_eL241C9o5UzqUlmE8cBbn0PBeD4s8ABNibk4p6GEZ9icNWEP6f9qW7Nh9W1Im3oafb5oCQ5mWZnX3cNha1VcErVhP5jTA2Z82zCUjfCmBCXf0vTtX6di8WGR3komYw5AnbrJYkECaB9OLtuK5YtCckS3_Y57AfGIN9im9PDDMb7PrmA9GhXtuSKPArnT8upP2mp2x1eyxyUpcOpu8FZbgJVY_wUT8DgyzINXrZAcnRMlR5fUG4iKib9dKAXBwT7KIY0H3Ilk16aytXxV3ZiYmgmH7iKmsqm0ms7Wc3gkTgUIz5jPQcy-yrIVO8eV5VLtYQhiF_UliKudi_iNVFU-WML3JC3KXNkkH1IjkCiCeaYhck_1UPH5A0J8W44IW_AkaBbmzo2BgfDDTirL4QlvL7snFJmcDtYvWRRGclIUMPsCCAD7fNMEGfzZPmeAmrirPYlZAqpimGDZ8MomUpEAuPYyFlMAnT8bmwi__2vHsjO2nvu2eX3ZRA8f6GD4KAKTZ8sMhc5jdVtI24qEF9hoPlIGEv20ScpDsk1rKw4HaChwfIeydvAOezUUVpWp3zg0ITNFmrFnjC7Vt1iGIN3KFagfi0sDldvtaWNeFIEYO-J8dtsYPTZoadoyLbm7oZDaBSoTZVBik8WRwGfYgcg3px0wV8cFFW9CldpTkmmiOT_lD4K_eh8cDniq_mvYnpvYVapb3h8P-pgbhNKeXVxL7Ef5jD0VTFbI7gUyC4HTLOA46D9hIpODDkAS917zQBfSr-ripmc484dOMCTWiWakhaNKv4AfAOPcK0Dg-PgU5U7jwKEHwI7RIyoJ_3p7wbBxKV9a-bACSznM5b79Y7NrXJLYwFM7Ffh8dI5CYbpvWczEWxtkcmb8dB0_YzhnaATSonoOMQfXO6M5r3lmyrj1x-pHl_-IPrBxwwwGEBaZ6EZy-bHSCmsi4JUU2ELQKzWaMumWV86yo5kMMP8XLq9OtbRXmzO_LNloZEyqbeIaupiNqfjw98uQoprigWR7lrgZryurKls2Vj-FPcQP_rBeJUi7nuRnDZZy3L4tltKjffV51qIyA7d3CH-IUXGk3g6I51XseRXha0MGEgJgLQXlY1N2I9TOZsgbxgB7oBrDgXPVwcvxblY8pueJBpo9VA_OiMOz7VN0Zciw4oksGWEOTkopRo9LqHrFU4kmTZRbuZ4uU88AbppyOLvhlhog1hc-IeO1E8OQ1EdbkxMhUJRn-hv2W4PNaUgAUAXQ43ECiU-AcQDPptc0A1nn2b5n2oSMgIgRUNvPjDocRrzsbqAFdBVBWt5iBPSYQOUhs2klwvi0a4ry3tCNvdcbm7Jd9ZR0rITK3io12IPnIFeIEnxvPkkMkurxUQwj7C6g4gPH8HBA_QqB1JGOF8Dv9XgJ4sHeIaCSl-QWe4WwK-nKdM_1dEdp0WbDlZ_bZZCHM9oUu3pQ49YbymxSS4pQknMDBqBmU027Kb__ICAoKD9_baI46p3f1RF6YpPACK1SaFYsYiEkq_U3zRuw12KCLeDRRX9qjJkDhCkipwoA-TtkIQCQpTQFsraC_ZLZZ5T91pZ89RkANp5-geagP3HKIGkf4806t4sXiZ6Pm2f6PKgp88iadXxax322nFxdlsaG6Fkb9pc14sVY74I5zMWLt2AI2K87mvzDEXCBrfROIAHgRHWzGgqEYSl-KXDBZt1dN2OQZOS4c3QfVCKyguFWOM9BwJrEdx51u3fZx8TfJdvk8dx36qVQClfjelud_frMuKc-aDW3ON7pppXt9EAxBObkdg_pkxtNcV0t5JPfuwIoAqt8e6DjMjNsuY0JNqM8yyi5C94ygZdW_JTAuaTWPXXNSB89JtrcW1SGcHJTSC3SWK01pNdNP20I_936Up9nkX1Q4Ahvm94Ossqxa0pvRceEbzkMhsuGsil1_xCDq9S2P6r-akm6strs6IP4BZ_DJ9UClWvyhCiE_457lTJiUT7ZeCkFWO5XkHEa0J-r01Zj3xmBws0oUxfIkcSkWBL90zvfGi8GFpoUmCHjYRoo4Bm91rZRnJL5aHSkNnc-0Koqi5-hE0t3iUyMTJFHeHyo34BR8--ZBuD6-m2tnoPeSQbakEWU5d_g09_P6dk2HiyjpUvxAK4jufD7pUT6kdj_f4V8d8zr7zNe2Cc9wiCh2Ie4xTwjhCnzfUIW7of7A0Lbbzw9BwasZX9lE1O-5D_SELnV33boBWKAkRYB7mZvI0TL99TSbnzFbBXtkGBJ7w08_Ket4TD5N6y32EMUpbby3fSEwVYO7vFTOJVQ9rQw4Ua8dHHt240Rl8LsJJ0Al-Z2ce-0wriBAfmdr5f3RpcAUX9tLCh335GESB610uNq-JQoN5kFscFBSD76a4Hqw4XfV85AehpADXDwyj1oO3eaX6PX0P4JqGjUXsM-WsoLcUwxPXl0eyoYkH2aHIc0ITliwnbro7Pm1R8sL6qlTIpQssLLkBim-gafPOPsbv758Xe3gxTf4OC3rLOG92lqg9nRNjxpLB7h_yUotmqhzXiLI6xrjm2xhM4UKbrNvymgHt6xGblmo0bKGrejLcVfGO10sTwNjYSwoiKrNSIJsDcTYL3XidR_kT5W_C56UMNMXNL2O2IqmOhxMyVPcRuAiRoM0zlvNe&cid=CAQSTADq26N9PZpqBZZZiNQRcPsDoNBn9JQcIiqzvSkUnP-yXxYY1F8vuE3XzV0lZGI_IUlLoIxL9rc9gPVKWAnieFzPvvUJVZJr-xHjA_YYASAT&dc_exteid=109197389393604135&dc_pubid=4
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 6AD1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CDUuCbWuZY9b8BN_h7_UPj52K2A3Zx5OfbbDb78r1EKKU4OrPNhABIID6vy1glYKAgLQHyAEGqQJjTU4bBNSxPqgDAaoEmAJP0JiIGtfAGieBNf_anXTG84Akk45cncpDRZwB6Jb8tgJXMJ5PruAEJE0jOqbsXAcSFyd1eBWYwTxuuk4RxLIxME_P2_hFfHmxL_3SYiJe4OwhkXtlytXskOlPyGG2gc9L_IvslNk_V4aLunPsVHYdFLOBN4PpYjF6DPNv99g3l_X6Nxt85l_5eZ5QOyv-vhwgyLeZKydYUbWPgBo8n2Bhi686Xbw5TqDgZWCVcN3c6_SY8WW-qk-NV8hBNLA-vHqb923yPDkbgg_5LcLMH-AHW-mhN5nLC0GycfJy8vYDnQgjXvtGf8pZAr1N0zWPgglVHFdZjRUHKqCsdTDIQ2QzkjRqbUEn3M1dCWjx7tEJCba67XPcWJKjwATG_7LsjwTgBAOIBbWT0oBGkgULCCIQAhgBSKiN2AGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB8z1788CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwoQprQxGNf-gNgB0ggRCIDhgHAQARgdMgLrAjoCgECACgPICwGwE6O9wRHIE--prOED0BMA2BMKiBQB2BQB0BUBgBcBshceChwIABIUcHViLTY5MjY5OTI3MzY1OTg2MDQYsNUU&sigh=LJM-pE-aRL0&uach_m=[UACH]&cid=CAQSTADq26N9PZpqBZZZiNQRcPsDoNBn9JQcIiqzvSkUnP-yXxYY1F8vuE3XzV0lZGI_IUlLoIxL9rc9gPVKWAnieFzPvvUJVZJr-xHjA_YYASAT&template_id=509&vt=10
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
truncated
/ Frame 6AD1 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32a9404c5662ae6cf8c59f12375a4c9bee0b3fad9dc81733b9b7e45d9aa505ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6AD1 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.the-star.co.ke
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 19:42:15 GMT
x-content-type-options
nosniff
age
470358
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 19:42:15 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6AD1 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.the-star.co.ke
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 11:59:40 GMT
x-content-type-options
nosniff
age
498113
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 11:59:40 GMT
t
t.lkqd.net/ Frame F567 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.the-star.co.ke
date
Wed, 14 Dec 2022 06:21:34 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.146 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.the-star.co.ke
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.the-star.co.ke
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 14 Dec 2022 06:21:34 GMT
server
nginx
id
googleads.g.doubleclick.net/pagead/ Frame 1F1B 		113 B
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e96685ea/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5806fc91e8380c3cab9ff4ab77390a9ad5787ce71b55030ad6552f683069ffb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 1F1B 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e96685ea/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:18:31 GMT
x-content-type-options
nosniff
age
183
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 14 Dec 2022 06:33:31 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1F1B 		66 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e96685ea/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
116ad0e55e56b7180e078d1d05b5084ddc64b12290ef489f12b83d6d893e3c9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30913
x-xss-protection
0
remote.js
www.youtube.com/s/player/e96685ea/player_ias.vflset/de_DE/ Frame 1F1B 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/e96685ea/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e96685ea/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2715d7400fc9d49eca775ec3a8814267b28be978f14edc9f4458ae9789605a38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/EgTiqgN79WQ?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 18:41:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
128414
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37377
x-xss-protection
0
last-modified
Mon, 12 Dec 2022 01:16:42 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 12 Dec 2023 18:41:20 GMT
YkfklCtf3s5-_1quWHAnTHHVaBZ-i7ToAeXFpu3i2Ro.js
www.google.com/js/th/ Frame 1F1B 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/YkfklCtf3s5-_1quWHAnTHHVaBZ-i7ToAeXFpu3i2Ro.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e96685ea/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6247e4942b5fdece7eff5aae5870274c71d568167e8bb4e801e5c5a6ede2d91a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 00:49:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
19922
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14349
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 10:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 00:49:32 GMT
embed.js
www.youtube.com/s/player/e96685ea/player_ias.vflset/de_DE/ Frame 1F1B 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/e96685ea/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e96685ea/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f19f656dbb9200aa6cae2b6ae01fcb162c03c0738be116c35d9549c93b7398b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/EgTiqgN79WQ?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 18:41:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
128425
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8307
x-xss-protection
0
last-modified
Mon, 12 Dec 2022 01:16:42 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 12 Dec 2023 18:41:09 GMT
truncated
/ Frame 1F1B 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
AMLnZu_BhXxtvZyTVcLzaPgyUIQCBVE6JiGe76EH9oKw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 1F1B 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AMLnZu_BhXxtvZyTVcLzaPgyUIQCBVE6JiGe76EH9oKw=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EgTiqgN79WQ?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0be58fb0639cde895aefea4feddde840395c6ce1bf28345678042f3b031a104d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 02:34:24 GMT
x-content-type-options
nosniff
age
13630
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3248
x-xss-protection
0
server
fife
etag
"v8"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 13 Nov 2022 16:10:20 GMT
sddefault.jpg
i.ytimg.com/vi/EgTiqgN79WQ/ Frame 1F1B 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/EgTiqgN79WQ/sddefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EgTiqgN79WQ?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc844ee88095c655fec2c9ac44bc0d8d0f4ffb3f062f3722aed89695b08718da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:20:47 GMT
x-content-type-options
nosniff
age
47
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64474
x-xss-protection
0
server
sffe
etag
"1670954903"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 14 Dec 2022 06:25:47 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A132 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C4J58bWuZY9X8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSRAk_QOYMcFrjDtyWqMLVT7Cl-I-b_N-mBoEyXtwdXlvTdU1fIMMxr2wro4SJXLGh7J8feDVTIzD1p9hmZxEMsdepXSNQ1gxmb_yKOG4iwTQF_cAjsIyH19xm3pXmZTypHXgq9inARZc8iENVXt4HaW2auudoYBX2S4ZsnkxCT5-FI801P1dOpUUvrQvQBrvPe77lmS12R7r2Rd4odrq3XXlYmEKGfoCnffX0SpPQ_tUuumuZ9dFp0LSR_i_u9tkfymwclLIjcMcRvPxrnQMeaTAR8DSrxKqg4bCm6lSsuD0a6Y0nUAoIUkzkznWGej3D-83LYAbdR9FWdhm-P5MPPz1sqaLGl8FHwpgxArnquQa0Q0-AEAYAGrfmcm8mIzNaFAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNjkyNjk5MjczNjU5ODYwNBiw1RQ&sigh=C5mEBoN6rI8&uach_m=[UACH]&cid=CAQSTADq26N9PZpqBZZZiNQRcPsDoNBn9JQcIiqzvSkUnP-yXxYY1F8vuE3XzV0lZGI_IUlLoIxL9rc9gPVKWAnieFzPvvUJVZJr-xHjA_YYASAT
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame A132 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kpCTFOjMCcoHWp2DYgICAAAAVdFLombfeEqqFPm-EGxrmWN3St0uPvwzLVgRegASAAA&wp=Y5lrbQABPlUIu_DfAAKOjyd4EUmv-z6SKLz16Q
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
335604
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 2CF3 		170 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlUIu_DfAAKOjyd4EUmv-z6SKLz16Q&u=%7CuM%2FixoU45EWOo8Z%2BcKMCB3l%2B0z4XRLRf4XbFyXPcEAE%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQ_zWE2GS2SUxmkpSNJF6gLcsICd0Z_oFKmrVu8vwq48vl1A42x-pPwtJXkfplzkAZCc6wY_MF9ny75_bWryQUyLpV4fh14hyKUbzPl_KmVH0k1kcKKUWhUxOxn0IhexrkETfGahJFWgYHTFRXcajPaO_BQyPE7erMH5lOZ7yds7GC3qwvEPvPJ6rvIei0AAI-ulO-aNxjqr530zTWWVQWBIwTQs_PUho-M4UtAX9VnUbcvIZPwWgAAdXxZh0_dZBIOvtBhlvXLoJU9adRCpgIJrSqhkIQTzATf59GPZR7MOGJAjE3ReCXRtFORidzGC3pOj9YsvyJx6_hOScSbXg16d97eGwnkZQZo6Cq0UF1Dy9g0Pluo0RdcBRb6U5nWbvcNlS_PYNMUTWu-uvsY6pbNZ1UKPprYyo6FUTxyxGMMCXxlOMYZ13u6rWFMkJwSude0smxAKESew7N8Fi0fmS28Aj8MI87cRS7sBJlvkxxmVgqulj9IojYewXdJm_GWuGd8r2BRt88ulYKcvULr8KYdsAPnJRmHFCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvvyVbWuZY9X8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSUAk_QOYMcFrjDtyWqMLVT7Cl-I-b_N-mBoEyXtwdXlvTdU1fIMMxr2wro4SJXLGh7J8feDVTIzD1p9hmZxEMsdepXSNQ1gxmb_yKOG4iwTQF_cAjsIyH19xm3pXmZTypHXgq9inARZc8iENVXt4HaW2auudoYBX2S4ZsnkxCT5-FI801P1dOpUUvrQvQBrvPe77lmS12R7r2Rd4odrq3XXlYmEKGfoCnffX0SpPQ_tUuumuZ9dFp0LSR_i_u9tkfymwclLIjcMcRvPxrnQMeaTAR8DSrxKqg4bCm6lSsuD0a6Y0nUAoIUkzkznWHcjVFsdP1EEgjN4PZNu8l37dfFeVEEcDMROGxWVLNegmIr6ykDbKxBa-AEAYAGrfmcm8mIzNaFAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3QL2-3Vck5yM6BFUmuke7_FT__zA%26client%3Dca-pub-6926992736598604%26adurl%3D
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
06cf74ed3353facd504802a5773d2c1edf9c6168019802e4ca08f7cbd8478a8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 06:21:34 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=RxHizlp1F0qITor-sHLxL9XVkiI0WKD1Fmf_R13bS-b9vQJFn3q_gl6XVouFBJLJNpDoh00L0Uc4AMljaCoanxC161VJIyrtvkV1e03iWLJVCVYC_zrW0BoHU30TyByi0refqlqj_Y1MdiLaOODlLPe-_KFs3L1SpmPRlzG-58ZH_wf92PqIcWH8e6CGM99LEzFYBZFdz2Rtye7F5OpYGyFddL0wmkm_agSQSet8_5nnKGQsSXgtGV-P0o8cHd_u-VtqFg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
113880836
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A132 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:55:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
26745
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 22:55:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A132 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:06:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
47725
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 17:06:09 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A132 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:47:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
63216
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 13 Dec 2023 12:47:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A132 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Dec 2022 06:21:34 GMT
1eaa1e49c6d827e7897bafa951c60a71.js
www.gstatic.com/mysidia/ Frame 9124 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1eaa1e49c6d827e7897bafa951c60a71.js?tag=client_fast_engine_2019
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 22:26:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
114892
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4197
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 23:34:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 12 Mar 2023 22:26:42 GMT
79aeba90bdab9652fc23d8f820dd43f0.js
www.gstatic.com/mysidia/ Frame 9124 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/79aeba90bdab9652fc23d8f820dd43f0.js?tag=core/multiplex_design_v1
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
864e9e2769e144006f181df17c7c12111939bb09e038200904bbaa384f0c80db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 22:27:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
114872
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4975
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 23:34:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 12 Mar 2023 22:27:02 GMT
css
fonts.googleapis.com/ Frame 9124 		4 KB
621 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 14 Dec 2022 06:21:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 05:52:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Dec 2022 06:21:34 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 9124 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:06:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
47725
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 17:06:09 GMT
a32ec6d66afc3186d932d2fa3de45437.js
www.gstatic.com/mysidia/ Frame 9124 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a32ec6d66afc3186d932d2fa3de45437.js?tag=exit_2019
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0f005ee73493fb10f179e1200181c2f867ec5cf5df6e8f45c696e7c9d751221
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 22:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
114873
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9518
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 23:34:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 12 Mar 2023 22:27:01 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 9124 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:06:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
47725
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 17:06:09 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 9124 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:55:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
26745
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 22:55:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 9124 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:06:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
47725
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 17:06:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9124 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Dec 2022 06:21:34 GMT
1eaa1e49c6d827e7897bafa951c60a71.js
www.gstatic.com/mysidia/ Frame 2610 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1eaa1e49c6d827e7897bafa951c60a71.js?tag=client_fast_engine_2019
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 22:26:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
114892
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4197
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 23:34:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 12 Mar 2023 22:26:42 GMT
79aeba90bdab9652fc23d8f820dd43f0.js
www.gstatic.com/mysidia/ Frame 2610 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/79aeba90bdab9652fc23d8f820dd43f0.js?tag=core/multiplex_design_v1
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
864e9e2769e144006f181df17c7c12111939bb09e038200904bbaa384f0c80db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 22:27:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
114872
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4975
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 23:34:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 12 Mar 2023 22:27:02 GMT
css
fonts.googleapis.com/ Frame 2610 		4 KB
621 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 14 Dec 2022 06:21:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 04:46:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Dec 2022 06:21:34 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2610 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:06:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
47725
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 17:06:09 GMT
a32ec6d66afc3186d932d2fa3de45437.js
www.gstatic.com/mysidia/ Frame 2610 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a32ec6d66afc3186d932d2fa3de45437.js?tag=exit_2019
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0f005ee73493fb10f179e1200181c2f867ec5cf5df6e8f45c696e7c9d751221
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 22:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
114873
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9518
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 23:34:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 12 Mar 2023 22:27:01 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 2610 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:06:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
47725
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 17:06:09 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2610 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:55:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
26745
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 22:55:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2610 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:06:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
47725
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 17:06:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2610 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Dec 2022 06:21:34 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 362B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C0loMbWuZY9n8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSSAk_QzEe1HXW76UlfbkYrtU_ATJ4Z3M-1V7mT6MMEs2cjlIRY_xvdp4qApEvBs210y1FeNKzghWMSOfGKIdpEOFLDEPd7YvQE-yZyFO3MOy6BnUxvc4Crk_97ZkUqL3T1quHGYuY7-zXM00Pym_0gSgixbZRnz3AbmWlgArGPVt_B9oiJZY0SqImQrYSGaEjpuEHm9F8A652BmMydxkBo7HxQ4uld76RC0Po3s6xsdgHR_lJZWDSKH64fvykDqU2chdQl73MZy-6PhpATl0RoJjB34fe9hqIZOSH5XnwwBvQ-HpjJfxnrkGfQNb6buAD3ra1a-FPgFj7SePuk9gEIu3D6eNNg_ek2w92s6veok4nbXK3gBAGABq35nJvJiMzWhQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTY5MjY5OTI3MzY1OTg2MDQYsNUU&sigh=LOUBGIyR-XI&uach_m=[UACH]&cid=CAQSTADq26N9PZpqBZZZiNQRcPsDoNBn9JQcIiqzvSkUnP-yXxYY1F8vuE3XzV0lZGI_IUlLoIxL9rc9gPVKWAnieFzPvvUJVZJr-xHjA_YYASAT
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 362B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kpCTFLikCdACmAKdg2ICAgAAAFXRS6Jm33hKqhT5vhBsa5lj2FkCl7z_gsYZsFcAEgAA&wp=Y5lrbQABPlkIu_DfAAKOj0AL24kZp1HPQOnCiA
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
249676
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame C33D 		209 KB
58 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlkIu_DfAAKOj0AL24kZp1HPQOnCiA&u=%7CuM%2FixoU45EWLmTovdEX1WdbR2CRNns7nlr50wPdyMZI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQtYbq4157A19pZsVWGgarYKvoI_1_v7YmNPxqbNo_oztDVFaBl1X1RWZeB76VrMjmQirk4BxZhx4JOH1fsmAp6Fn17F5cQlU5JmJtUIGH-RXRmKMxpWTdIyG0OelipQe7MV-G95PKfSdvPLDlaoDfLRuJSFhe1xJb9cgBc7KpN65YSSZFzRutxcKHwYgoP-yTkPEPG6rivXksUcarhB52DNzqqhX_JJv5vByWNRLwWx9dLjC8_zjINmR5mKE0Unw5FhdiOWVqecBtgm9MHejRcl1UDTGIonHHCXG-t82YVQqcXlOMNznjri8gggJ0j7E4HsxR7Yo3GyJQXd90q5xvXWzCQDfPyxhLImT-R5ElkmrR7HptetsTK6CLIGPQH1fPPN8lCoG_gx3o9q8k8WZnNTxJ4pEfjKjUON3-Sgpzdd8OsUgOabE00no9VZgWdvrNx5TZ-rGFXDP82Mtt2YYYHERdVLVL1bGedKeKvh8oGQncTRV-H1hXvw3oJPgb15IsvdGBVZR1vP9z7DzTee1Oj_EqwoxZ0Oon&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDFuWbWuZY9n8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSVAk_QzEe1HXW76UlfbkYrtU_ATJ4Z3M-1V7mT6MMEs2cjlIRY_xvdp4qApEvBs210y1FeNKzghWMSOfGKIdpEOFLDEPd7YvQE-yZyFO3MOy6BnUxvc4Crk_97ZkUqL3T1quHGYuY7-zXM00Pym_0gSgixbZRnz3AbmWlgArGPVt_B9oiJZY0SqImQrYSGaEjpuEHm9F8A652BmMydxkBo7HxQ4uld76RC0Po3s6xsdgHR_lJZWDSKH64fvykDqU2chdQl73MZy-6PhpATl0RoJjB34fe9hqIZOSH5XnwwBvQ-HpjJfxnrkGfQNb6b-gLWPyrVZEBfiipxqMYCDggcscbwVsviSSELZS8T9NuwFiNfTxLCY_jgBAGABq35nJvJiMzWhQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1GCghKHKJnenMGqEudnpMBOnFbbA%26client%3Dca-pub-6926992736598604%26adurl%3D
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7a570a18c3e8be58a090e3295d3ff7d5bf12a14295868345ef24857ecf65e6c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 06:21:33 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=BwrPoVp1F0qITor-qWOVUxjnxyQwecuQ_M6nxlQ11dPjwoRZFVR5UzCdYuQzjR6y7Zb916ntCsP1fZzbOYhdIycSbWLsKgsQ5ynWuTfGh7GT5_Z_A-5CQVPD1gb4pCcNoHHBfuZGYlkKuJE_JXraPUj3nWwmzrLKhbEny0Nc7IRIhHBIZOLL0oBFPcZzoFEdlefxZvuYGAFjAs3SVhXfKKeMIgOifmuCksIY4aQttkZuwTS1kg9lVUoDpvK99X-uzeSm1w"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
103692343
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 362B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:55:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
26745
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 22:55:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 362B 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:06:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
47725
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 17:06:09 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 362B 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:47:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
63216
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 13 Dec 2023 12:47:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 362B 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Dec 2022 06:21:34 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=2425573680857061&bg=!ExClEFTNAAYgquz3AKo7ACkAdvg8WoPzmFJ6SnWQQWapDJHzicjFjoaaBerW_A-3SDqUc3Hw76GQogIAAABbUgAAAANoAQeZAuFS8FjETahrcsYaibkdC2fgLU__dlzR4JERoYdcysoTA_JqHIdvHnyPJsYmAE29lAY0nH2uafZkq89BahehBs2tqZBFcHsogFdnaQjrx508V8AyFc-_yoJ-_oTbXcDKWBwrL8QyhV6swSaTZZMBmc2cpv2kEIlOyhe_pbAIhprsVIyZrVm41L3L_QRF5ZbHW5mgWZTUx5xotU9SZMawo957bY_meOJ8g0lr6tmIOYT105q-CTWQuPMxfmq5835-c1OfaLDUjcs0JOHNUUJLXQzIMPl01GjQ-fNDCx2K9YW3f_e6v7I6OEEkonKuExSVgEIJ72G1gICbTmxnxjOW4r1jj7rzbbq24Q0d9KI-9lmKJdgEbMVgkFBp-jwhQDjUih_0vb_vULQDTBzTtekqOGTnVnL3lz3ABqSTseSY5RTOKhcJuUuwpvQ-QOupRn1J-5kzW72lCejRhI39dobWIcD85JigCPWCFJi_Xr5Ya9Pqp2vuC8yHrCz-tHqZwug3lftFzgMO4_H2tUsS4VlgLI6WQmm4TJCg1vbSu-XxaHhg4udtw36-j0_ZEwq_WXmIgOLFjvtVy9oijKGM9aXzs3Pnqv3sWl-ntF_A7aQ3o0pstutmYiyVlbBzZmPjqDo3vPo4r53lPZ8m_qd9uQ8dQF8CqrXRu8j7cHdsbi4jS-TRp0UPTE__c1HOXOsVYOh7PmfNGz7sIWNsiHiESbfsR8zP5iVmQyOcl0hgtwqy7CR43g2wLeMN-BEmAZEuaai5npPN0s5JtbqWnAcQa-zJ7b7izNt4XRrFoe8Oy_0w-smEpoIQrmc9BUhei5GUaPbGIiEXDfOoviARxh9RMDblxnDUAakyeTZBxec9EweFN9I3UFkAnIzC8ahs2BNWjLooET1tZniwRh_dn4nLydeBxnHNIqwG3JUHM0tDwQhk2MA0RcV6eyoKRfWM79WY1CrIpANvCn_dUnXTy1gxY0XpDMqEHg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1BFD
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol
H3
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Redirect headers

date
Wed, 14 Dec 2022 06:21:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
691 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&_fw_us_privacy=&zoneId=7439281&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C4196874188632698155716238919%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.110.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-82.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 06:21:34 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.the-star.co.ke
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1670998894294029-515
Expires
Wed, 14 Dec 2022 06:21:34 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1013 B
876 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C86326981557162389192083008712%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a1501167cd9b39c9dde05a08b6d438a8565e56ba7bbbacec2518ff3122213969

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:34 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.the-star.co.ke
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
629
expires
Wed, 14 Dec 2022 06:21:34 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1013 B
875 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C86326981557162389191544555326%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
73b19e275299e4c438c2529b5e0d74822b774a0c183e56db9f01709ed4370550

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:34 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.the-star.co.ke
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
628
expires
Wed, 14 Dec 2022 06:21:34 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1011 B
874 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C819128178632698155716238919%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
73fc4621fd5d3c63d23aee9f301449e307f0f98e790024f6590a562f0ffcacd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:34 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.the-star.co.ke
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
627
expires
Wed, 14 Dec 2022 06:21:34 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1012 B
875 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C8632698155716238919431346056%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3eed7b517bf0301b429f8777b0685f7bab48925c1ca9935c9e8d591be1a190ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:34 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.the-star.co.ke
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
628
expires
Wed, 14 Dec 2022 06:21:34 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6AD1
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol
H3
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Redirect headers

date
Wed, 14 Dec 2022 06:21:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6AD1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 10:16:18 GMT
x-content-type-options
nosniff
server
cafe
age
72316
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Wed, 14 Dec 2022 10:16:18 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6AD1 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 09:52:43 GMT
x-content-type-options
nosniff
server
cafe
age
73731
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 14 Dec 2022 09:52:43 GMT
14333828860556662335
s0.2mdn.net/simgad/ Frame 6AD1 		347 KB
347 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/14333828860556662335
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24b28b35859e2321ee6ae443bc3b3bc9a17cd00790f84b124b0aacf3c6a9293a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 17:31:54 GMT
x-content-type-options
nosniff
age
391780
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
354939
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 14:53:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Dec 2023 17:31:54 GMT
6910137331195735109
s0.2mdn.net/simgad/ Frame 6AD1 		705 KB
705 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6910137331195735109
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85d02d0a75eb2247a55f3dc4714f3db54f126ef57d4adbdf2ffffed589d4b629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 08:50:06 GMT
x-content-type-options
nosniff
age
423088
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
721475
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 14:53:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Dec 2023 08:50:06 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Wed, 14 Dec 2022 06:21:34 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.146 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.the-star.co.ke
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.the-star.co.ke
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 14 Dec 2022 06:21:34 GMT
server
nginx
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.146 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.the-star.co.ke
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.the-star.co.ke
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 14 Dec 2022 06:21:34 GMT
server
nginx
t
t.lkqd.net/ Frame F567 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.the-star.co.ke
date
Wed, 14 Dec 2022 06:21:34 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame F567 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.the-star.co.ke
date
Wed, 14 Dec 2022 06:21:34 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
truncated
/ Frame A132 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2601ead8fa5287b471a02cd1e1df0b9057f56f457fa968d536cfae0d3b0d57c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 362B 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7de7f0c860667d6316ddfc6e9480f39c336aeac610fca636d9a92417c3d1a4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
13771483207019671693
s0.2mdn.net/simgad/ Frame 9124 		407 KB
407 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/13771483207019671693?w=400&h=209
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5cb78dbc15468524400c8a5ecf6ca08a92921c394c25324736ae870cf9ca56e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 14:17:30 GMT
x-content-type-options
nosniff
age
403444
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
416421
x-xss-protection
0
last-modified
Wed, 30 Nov 2022 09:15:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Dec 2023 14:17:30 GMT
truncated
/ Frame 9124 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38354e6a0119fe113356e1506a115ca148a6b9ea22cf88136baa9167d6fde794

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/svg+xml
img
pix.eu.criteo.net/img/ Frame 9124 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=6320&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Fimages%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2Ff0e22b40ea095160cde97ecfed6882e1%2Frockgewitter-hose-0001801853.jpg&ups=1&v=3&w=800&s=esVEsFQ2sqetxaPmxzNmtm30
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
685fff79efccad8fa7ea8efde2501a85df0282114d9582b29c1934c312f13f47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29110026
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
57254
expires
Thu, 16 Nov 2023 04:28:41 GMT
img
pix.eu.criteo.net/img/ Frame 9124 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=6320&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F6320%2F220104%2F63094230214749958d8ca19c0cd45bb9_logo_n_square.png&v=3&w=1200&s=wwU5KykjmxTja3fbO48fLOau
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e063e1c51f4aa6edc41f31d1caafdc45ac2884e6343eaa2a9d4fc1de23157cbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:33 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28168186
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
20687
expires
Sun, 05 Nov 2023 06:51:21 GMT
13771483207019671693
s0.2mdn.net/simgad/ Frame 2610 		407 KB
407 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/13771483207019671693?w=400&h=209
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5cb78dbc15468524400c8a5ecf6ca08a92921c394c25324736ae870cf9ca56e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 14:17:30 GMT
x-content-type-options
nosniff
age
403444
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
416421
x-xss-protection
0
last-modified
Wed, 30 Nov 2022 09:15:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Dec 2023 14:17:30 GMT
truncated
/ Frame 2610 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38354e6a0119fe113356e1506a115ca148a6b9ea22cf88136baa9167d6fde794

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/svg+xml
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1F1B 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e96685ea/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad5bed8cc0da4c7a05e39a40365cbe993dae1683da8e46b51df734d9e60c0386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Wed, 14 Dec 2022 06:21:34 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 9124 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CCmXDbWuZY9r8BN_h7_UPj52K2A3elNbVbcvsmMroENPltIzSIxABIID6vy1glYKAgLQHoAHR0NDJAsgBBqkCY01OGwTUsT6oAwGqBJECT9BPNbrUMpiknYUdPbuQEJe-V18pZ-Xfanx-Ro3G4cYMsIfzMObyYwOJ7_UNIOqzwZjQ7F98LQGX58SdfyXXP_PYNZFf51AKV0I6p4U3pcNMGLc8VJ7zjhso_Ex7xH2VL9D_NDG6vkbTow1tlAGEgUqsqJHRRCpPNopV50Jx8GLweDF7il46_FNyLutbGJRjSOOXtAkIioj4rnOclrfmlrwqNStdslBEh3WHmUElCxbJWLj0MF2sq4fZJ1XrSMbiSDgnzIObaBoOTnfDQKU8UoIIh-S9V5SCpMPitioxGPXUVklDgsAL9SWjtiCVQO-IENf2ZoJ6pRkQP3OE_VN4sPYymoe02g1hrC69A0s_lItkwASgp_KZpgPgBAOIBZSo15ErkgUGCAMQBRgBkgUGCBsQARgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAeXr6-2AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcKEMGqDBjqn5fbAdIIEQiA4YBwEAEYHTIC6wI6AoBAgAoDyAsBsBOx6b4RyBOn7roI0BMA2BMN2BQB0BUBgBcBshceChwIABIUcHViLTY5MjY5OTI3MzY1OTg2MDQYsNUU&sigh=jElxUNaGlJg&uach_m=[UACH]&cid=CAQSTADq26N9PZpqBZZZiNQRcPsDoNBn9JQcIiqzvSkUnP-yXxYY1F8vuE3XzV0lZGI_IUlLoIxL9rc9gPVKWAnieFzPvvUJVZJr-xHjA_YYASAT&template_id=509&vt=10
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
lgn.php
cat.nl.eu.criteo.com/delivery/ Frame 9124 		43 B
348 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cat.nl.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=SibZgdNajsPmLc0vxckV_fhJg3p5X_Mt3amPWtRzKzZxqbgnNWUr21Zzj-PVuTYb9YfOOelrF3juYkUhL3ku01_MGnBftF0R2lqbfFlyFP6U3HPqPvQhFfilM6_wAkQWBXMbVOAtcRDn5u2Y-2Cc4sGBIkMki_ebBYA0t35zBdcvTDo5nfVONMOZBU5sMsHWRkgPALCQQsy8bO9aRgHtVQhzO1nUEuVGoLBCKErgPnQWYCRze4ZpeQCUPFF91kK3d7gcZ9XVs3svIPGRav8gGRk-6n7nVcOpYoP4xmBqkMt_pbeGGIl84_AhTv8t_dpGsJfaLcX9MY1bPfEXrHfZ22Ip1Jf8ETFJzLXrJbLu3rQUR9okklJp0PDJThEFkRTv4EdUxLW028eFXDKy0w_CGPmfxM6Dct9jeUukfu-y9mx-G6bX&z=Y5lrbQABPmcIu_DfAAKOj_hirr7ONCBz7Vui2w
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:34 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3204351
expires
Mon, 26 Jul 1997 05:00:00 GMT
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 9124 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kq3ECJT0FwAAnYNiAgIAAABV0UuiZt94SsTxKKkQbGuZY4RnF0-kb-UaAj_MABIDAQ&wp=Y5lrbQABPmcIu_DfAAKOj_hirr7ONCBz7Vui2w
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
294269
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 9124 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C4QXCbWuZY-f8BN_h7_UPj52K2A3JntKxXPWdmPdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSRAk_QeHd2XQlUQYYTovVQhqTmsrnlaWNrZ0EkXaR-ReHkx64I1_vGKkWyv9nFOQXRSixMppNba588C5eRsldDIBmnvBmndmricqGsyRacVRER4xbuN3HYyxc_gdxl4v4DNpQtIctlxBAuYnV_X_RZym-b_vGvJCVxNO9cP-6ITi5mFKwF5CZqCK0By-kPDrGgP0Yfl9iJzIG5QRXvJ9FHapfjQHhrZEQ-uV5YhK4IMBD7LcoX5-3npvlLkgEZFwdr2WS4PwzNv_0n9af98dgx-MPjVzejd7Frt4qSMmwjil7glmssgKnbAGXlXP7FXNqIfMKE-vk90VZqrkaz-VyF81fNqquPsjetGTPUEC9wANuZWuAEAYAGtr7D7dnwlP0RoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi02OTI2OTkyNzM2NTk4NjA0GLDVFA&sigh=m_F2pwuTY-M&uach_m=[UACH]&cid=CAQSTADq26N9PZpqBZZZiNQRcPsDoNBn9JQcIiqzvSkUnP-yXxYY1F8vuE3XzV0lZGI_IUlLoIxL9rc9gPVKWAnieFzPvvUJVZJr-xHjA_YYASAT&vt=10
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
ad
googleads.g.doubleclick.net/dbm/ Frame 9124 		42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AQXH34KZMA3a53OdBsnZPxevoRbHygFeZRDM0HnGkmdFsZBfGMp_bYbncUnZAEtx0npv1maB_XMZsEXxelbRZ8OCrWFavl_Dpl1pLYXdadcMT0ioNkr9fHBAtY_p0AgIS3KiOn8KbCOivIlTRtoXbnBf63lA&dbm_d=AKAmf-ABNCGKnVnoVCpKCsYGxBt-XlzdWkDQIV1WcQJxpDHgGdITsT7w9EHilva28o-NVLrVER5dpKbe79b3vUdDIbqK8GkDHUT0YZo1oNtLyAHRlUH-p17EmYKXtY96HVP6nM27YsaPiVncJ8aiofrEQOJpBFjhPoU93diTm9rqKHXdsmQRMkZK_1zLFxaoNbBQYXj6_HyOlSiTUMflwmXhILa-LPlANPx5kMKMdzLxUYkG37Qq1bsJWvvMdpHhiqdr-dgFOMtVVwg3qBPTAcTzs29skI1M5HL65MTHBK0-ncwu7zxpGoQ2M03KT7qDrMRzb0tRy-fpz5DCh_uErHSFfX7250kO8g5uex7z0M5VtbYIZrSN4v8eTpOyrZxfDOs7i8AMUBa7W1yh5otxQrLaazJjlp-3zuyE3m8YNVb3zNuWISht4Dk0tbkKNQwcwMs8jDkI2YL1Z4f_XGuePdgCD1RlrUEXFAgH3-YUp-_geBBLOCMqAg1ee0p-xxRNLZHXSeHywdI4Zmq4CERUJtEoSylTpP77oADT9L59WkgNFsCsHbV1AaJYIFjA_QNl_6-6NYfdrou69O4asZKyrMLsY3f2bEK_CZN5QBGazGjbV_IaN2uU0HwaU_8MgnGqDDby0_MFxuACFlUOzLghtMt2ruWAaZnoJmwUx9jfpHPCBWv7lgx_gomeQnlFMor2NXd64qdey33X0NJ0ujbWWB0P8kOAAFJD5MKf10zMqGkQkEIs6_09ETjlzyBXW8ihyNK2E0HoQbb48U_g1GYAwZ0s6YpgeGtavYV69aATRxRd6ly58n07oC2huEOriWx1TUrd0fbEAke52bEuxAKlfZ9Kmj3pCMqIL8Y6eT-3te5rq-yLQeluZOeKeNHSbAIXFbdBY6e96unhjRPoC0hbPT_GYCxzYYK0VvfZvE4kcCK0THCJYMErad7uY_IvbaMrHVfdQW30yywMQtXyfey_cov8L8sWatZR7_2wQMhX04B5Jk9HAremoRwp8PnZ-HgGVAJUPC5CglNq2PD5HgnHfNtlIF10EYh2bXvsSAQZb0g8FxfehsEdI7OXyavjvJVF5b4gCP96iepc7ifzNfNrFbJGXS3eV8Vd7rPxhbNM0SQS9DcHxS8pso4g6g-RRQVY4qEDlpPnU9vA4oQmrK2KVsD3X3Bg3SmjeoxPp_goQxdJtOROAoQ9rIEd5lLgRLVW3HOrnr3IjsN7eDOciX8BG088m5bOs53MISrha_OxrpkMmP8ASUyRfkz7-JGB0fm1nJgdT-hYLd1mJl8j9QBSPDQbUsaDi0UFGDNIIMxbwe-4ih2_pLeliQq5ja29fLcXHPXR5c-2gblXSRH56FDLsi5iC4ZlPOFi2G547cSY1ayal3ZdTQeFSfykDobQX8U579WSubXVJVwunLctXH2HqvD36633DgUE0P0UhQLi7U_wxOZSapSjYaGMvWNZPJiCo5oZqlwRCbem_0osGeV41l54oeSXKdlsYondlIadswnwwegf8HLvydrIZzK-VYTciYCeqmeZd1oGO0Shdb_NU_YPjmyvN5ADHWTmtp_9g5j6VDVRvbljQCiS7vnS6qj6Y7a60haemp9Wrjgm8j-JJQyrzzviiGRswfdHb4VY_CWxyZt_xd_XJRCqgmfJifaR_xTp0pCzX1Tc3xnrGxMJwAUmcs8e1OktNTdyTI2rjkDY56WRaduSv0AijyUrcgSSLqmcpwVuqYj8oPv4k2dT0owkglVchMvEv4GLJGF6vpeeeKcF6r-hfrP2VD0MYbcdYFQvsiHDE4wjUZM-eqVY7XbQlcugq5ouL0SVvywy0dDzSNVUeIAbD9smlR-jU1HhNkPaLBpGg0qXwvs3WPBGqS7OE2DFqT7fzg2mXmSiyOUtvroe9_MWv1L-o_gHWUBkAASOnuXk18NdeR8zfThQ4PK8E0UwXiaAfhQohYARcf41vfgIDKgfl8m8_ACJOaz6Ys_wyih70JDivRA_p9V4tA-CKG67QK8CBPTmKYHA-ODJY-RoqOCLOkeXWaRHB5-JfAXLqsl0JtelL3o64VSSTeYf3GA3EkV6aP2i1cLhDrpgtMy6DWn0ZMjKHSHY6rpdUW-TTTDnZMnXxXkhncjBTkH4F35c0zFkMCkCCXsSaeN-3NoAZnQe1xlXC7c3kToqBlNAoU1fBpTHZ2GU2PhWRkF2NvikNhyi1OndT6G6HyzFWXb-a-vPXaRjuV3ZbPjAcDRwZOV1f7x_zZU8dGKOzKcIKhIg6-UhQ9b0Y88xjVaElgUcoogY-MW2roicqdrPXm9vLtdhFw-bMFBdYPSuEk7SvKQA9dsA2VqTNCiw4R65nlCm9QpaHoGGwnymlwivDWJLaQQlWuH-UnzXmONaHJOp3Im_GEqxlIbIe_hARpFvGN2CkftP2wHE1559z0CDMKW1ZiJp_bivytnfLG77vVJHxUml5yQo0n-n5_EMhiZ2B8onWj4AjR3iY3pWUuy18eDv27jmaIrQV0Q34kC96ZUPWLLFY1u2GAkUzLNbIGtR4lJSHCVbOFznkd_8qNNXMd5pyiFwY6NcFzoNPdwr-fvnns-UFH9sxc8IYTpenl2apGD2XbQfbxhnmgPC7h4k5NYReiUexnvCm34CgVWbhWT4k36iuiuyCkSEsNw0kprVBDtkWGkjPfDuVDHiEDzRXkWmEdtNNhKJK1l5SsNAajw-B4GqHXWYsrlAxAfI255olnx2XqcNHb9K7UlDRwuKvW2xNzQ0QTAIDdZMSR7dfwf9FMB-KC1vc9KdzDr-xNzuWkNcSin990JM_mNEMFKMSn5JgBN5_uFt_RrYOxnAzAJfIZZFuplm2Pod69F5INBaMEIGws7Bvxb3bSXyRrdc-kvik4Pdmn4gVTzxWMGtTWbqmBOvjhMTUrdJ-pJm0CgGBQsymRSEhlP0FfFrP2sjxvpOkAs6VoJgpqthQ01cTp-hAiZieYaenIu5koiT-yACfRcaA9uwJMK7BzPHCF8FObhjj4mqpz5k0AS-S1yb79diSFrkZytH4uWA6Ww858GAPlhR-F1RUealGHNDpY3me7EVSFkL3-U9aKk2csQpfvaqcO8pff0rTs6fw9dtTWFzEAknwa6ZZIurlOD-HRia6MBGYRCIZPoyp1xac3XrGAYHe3dLR7Qb5nd_mhvozuzux4uddULIcYbh2zlsC7mVoOjEkcCohzJMaNS-7yY3vWMx-aaelZlvVh-2VXS11oQz483MJamGxqNYc8yilP8zQpg2cYOCXt0cReN2ubksOE5BEuxb5PX5Y5mvQ1nkWXVN973Xxb6DJZIjGToWEKX5jzgmFr-kaD2MRWOJX-00mAa9DzOWhNtyIJ_TPUejqxGFmIngmbBcdYqVH-s4XGF0yDbsC-__dsa2cxmpDOfspj_3Izu6aEGKdCbDbKxeJbClZh7qdFEpvDuDdLMqWcTt_opdvQnR65QK5rmuNH_miJ0EiAf9EXit0cnmZv5TQKLN0Q2EU89IvRL6pdkRy-F1pZNy-K1o_Hm7&cid=CAQSTADq26N9PZpqBZZZiNQRcPsDoNBn9JQcIiqzvSkUnP-yXxYY1F8vuE3XzV0lZGI_IUlLoIxL9rc9gPVKWAnieFzPvvUJVZJr-xHjA_YYASAT&dc_exteid=2993418677956307471&dc_pubid=4
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 9124 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cg4TWbWuZY-f8BN_h7_UPj52K2A3JntKxXPWdmPdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMByAMCqgSRAk_QeHd2XQlUQYYTovVQhqTmsrnlaWNrZ0EkXaR-ReHkx64I1_vGKkWyv9nFOQXRSixMppNba588C5eRsldDIBmnvBmndmricqGsyRacVRER4xbuN3HYyxc_gdxl4v4DNpQtIctlxBAuYnV_X_RZym-b_vGvJCVxNO9cP-6ITi5mFKwF5CZqCK0By-kPDrGgP0Yfl9iJzIG5QRXvJ9FHapfjQHhrZEQ-uV5YhK4IMBD7LcoX5-3npvlLkgEZFwdr2WS4PwzNv_0n9af98dgx-MPjVzejd7Frt4qSMmwjil7glmssgKnbAGXlXP7FXNqIfMKE-vk90VZqrkaz-VyF81fNqquPsjetGTPUEC9wANuZWuAEAYAGtr7D7dnwlP0RoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi02OTI2OTkyNzM2NTk4NjA0GLDVFA&sigh=zhrftVfz614&uach_m=[UACH]&cid=CAQSTADq26N9PZpqBZZZiNQRcPsDoNBn9JQcIiqzvSkUnP-yXxYY1F8vuE3XzV0lZGI_IUlLoIxL9rc9gPVKWAnieFzPvvUJVZJr-xHjA_YYASAT
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
truncated
/ Frame 9124 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6586e02fc41048097838a33b144abab0545beb575e1ed8708e111a53ca0b3e7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 2610 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CFbOpbWuZY9j8BN_h7_UPj52K2A3elNbVbcvsmMroENPltIzSIxABIID6vy1glYKAgLQHoAHR0NDJAsgBBqkCY01OGwTUsT6oAwGqBJECT9DmUqFLTFAoI3gyG6c4l-gVqv_aKEKrvtuX-nlGQS18xpfjsltyq7Ratw3fVvb9XxsXjtBrzaVS2Y-X3La9A99PVUJsYhPaw-ymXYQ-n74AEK8t1kQb8oRvbYEQOuYRvtEotZ64KD9YPm5eylfCNa9FsVVozIr_aoafqwwquo9ZxwUY9OGyRK4dewykBWicZEwC5zOhxMrYKQK6af0op3zqH4frH1iN2buCy772OTfSjafKRij-hLDnUSpy_m6HfrnPPGUTfl1EggehtYgat9p26wg3RhlRMInC8XeLXT7iGKV4LheGfn8iICZmxt5yuRJizaCvVr3v5nw7Prg_LhTaajZA8iE5DZjJQXRQbQv_wASgp_KZpgPgBAOIBZSo15ErkgUGCAMQBRgBkgUGCBsQARgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAeXr6-2AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcKELfiChjqn5fbAdIIEQiA4YBwEAEYHTIC6wI6AoBAgAoDyAsBsBOx6b4RyBOn7roI0BMA2BMN2BQB0BUBgBcBshceChwIABIUcHViLTY5MjY5OTI3MzY1OTg2MDQYsNUU&sigh=-zS7H_veGh8&uach_m=[UACH]&cid=CAQSTADq26N9PZpqBZZZiNQRcPsDoNBn9JQcIiqzvSkUnP-yXxYY1F8vuE3XzV0lZGI_IUlLoIxL9rc9gPVKWAnieFzPvvUJVZJr-xHjA_YYASAT&template_id=509&vt=10
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
ad
googleads.g.doubleclick.net/dbm/ Frame 2610 		42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D_dv-ut1jGCBZNCvadu5k4pqUAmcaA71dACeiosdfPe5wNxtXLMm0lWKGynLxAmFsxcns06YrlR2n6lD71AR9vp86JNJatttyWfis6h-aaIOHieS-nSXl2l5-HXu5m8XyDP2GoCypD9YAkS6MMzX5GG3kwtw&dbm_d=AKAmf-Ba5qe8UlnHNDwr3aofOuGBTVezlebUg1cushvycnyR3l6KhAgeipoGNj_X4OdrzjjgfYqC_T4dJ80g6IRE1m7nWxZZGScAjJ5A3j77Aj-Yc0REZaRyg6Z0tKDRv7ch_9iozydXV3E4oVmja_771KKofHbCR2hD6jyir2Z6gi63RNUZCWks9Tk_ktPL6Bd3GCJQfSV4sb00Zf3gy4wwBvWjAUQv6A6vWiyDJ9pHV2mZPvCyzipRrQMQA6eQK7KgH8bcxPqtjkbUOGKWdSVWxAc82kWdDauRpjWmCSvzA8AzGALIiJtDvBlp-UmklyNZt33tabo1UeFp1YmXON0umHqZCY6nqUY_qZzcrp5tkVLdJeVz11JX5QN0b-ax_raDoXPP84I00xknB0K1_GFp27vL0BI9SkDR9HBY-rUrxxhL6PVwis76dS2bTb7PsSixgNPx1pMHTJYWjQw8h2VmHQw7SAFa9_oI8U5NfdtndMH5bF3SjFJSfvfuzAsdspGPUz8oyw_RdefvslSzL--9hY67KzvzzZhYwfj1DCuIcKSUJmfoRK9jQSDVV8SqjYQUDsMUd8M-hrFOXTdecwtoDSIGiv8pcgci8HnbFhQCVny5GpokEEA8X2rv0gmKZ7sULAODisJ57LgOC2LuX-kvuvH6HTYyxo3ASZSD8hYlwfJ_rFcl9gIgQ1yF2-GNQ2HVdhv23kucwrnt72_Xix5cHDv0kldzttEFegfmXsz2eAcMtLdq5J3_fGlrKCrNezBppNTnJX91w-j_TXFhgLhE_3dQSAmB6n5L6Bn5B0wGYg6NCp-h5fAy-RzXLV_3n1y3sVWiQBAsZEjadtwDBlM8O69ug3KI3Y9jata1Ny60ua6Huheoz7EmgmPKdFNJG3iBCmAhrVJjXmSzU4P5pW35epzGGS9-wTSYSoxkGQlVBW1QB1CQ0FtLi4gMUPRHXWP0GVb3i6nUlAfOs5gRCafhsFyCAgwGk38CfcHvck8BHfS5RhMifXrf0RxlEH2-xVN-n4Yw0pqrRL4M1prUL8ArGRFTB998V4oUjmk6dxVnIJCUYp9g3OfdyiM_hsm_QxAs2BGgd2dQt8aSeWsyyPHc5qBlglj5XKlMBUI4Jfr5ExZbiLg82ZNITaCQTc2Oh9qo6M6bys6t_29Sg3UugZfyHNHdL2C3vi1RF0G1LwNoWvD-t59wvu_b3TVC0mlmaQnBC-JaCWTpUnv-216AMdtmzVQ8s4A-mI3YJNLvuUoPTOX9wjtMjDd2Sj5nkPEct_8TKfF-x0djH58SaPeXzHF8Rim4FRvtIlz4Vob769-1nVa2G5S0VHbyI4KV10qZ_WtOlbxHQkQVPJWRRdYfLZqsNcrkvaDTnqKaM-sfVVYI1hszmys6zfKSO2SLIiExtJRtjPYlP1HhRx-pYDhHeOQRUy_MYJubq8wIq7Cojs6kisULU8tV8S7rkAKFM_-7zGzy5OwM3MUXC0GCvQykr0Qkl_V6sFDzzi45Tf04s6mPPdLbob9m36hC62YK5h5xWTOXli-zLKDlLFjY2XRG4hFbTU_JXk-duQ_2cM4JIHpvoBdtwT4crDR7QPsArGBTahhJO3mr2X3qUb5nitQQOoocIWPaxQMIH2QOBdCAe7yXkbgyLQEFaPbSUBd-KwZWg3KCSD8EH8IHKlRjGzrTBdKZS0wClwcxlN1A1Ncyc9DNaynDHX4dmcFnynOz-BP7cEqrj8x1yk_xQTpP8xmIJ7-SgBn3xVMdtyf6W7-pTk6ThmI5Wa0J_wXxTLIPEzyS1-gsbU_zQmnGBIeiIdunEDdY-IEHz5PAhfeYjpQZxkllIUK_1NQK9Rs4CFGvVEhg3pqRNgpcAEbTA1_gIhqXE7IapoIsaRtrpg4q0-t2ZiaZ93Twz8K_YLLvB0ZAFMwoEC2LdR2py3Rr_fXNy0HjXWxsWZrFlA__1oE72tabtdDW-PLPcmv2ekeeqR90f2BB3D5F-YvcAGUXp_MBl5UIWWrhAEEhoz91sMT_Gj9Hx3_3bW9fmWN-_yXhTQZMyWUybco2n-uR4lLP_7QWmtLAEtYDvrLQLnDncgbo1wjH8wJaijC0U-l11SJjRH7gIXcGZ7ssxLfn_qWgqxECbjlHxOcF-cW_7caWwU3bFZquDf-AauWE8dbPwFxkmIX58FoHpYNPyU1OH7ZOWX5xZ-dTOxj_RMdU-hDYqQtOO9JPHncFmk-8TGBRXl9zab7uQgiVgHGzkvF33lLm3_qxYsNcAcvhNeZ_08A9IvEr3C09VHORKVgm_U3MM2rXBNKBT0q9qSI6tzim0uTC1KbZ7rSq930d42WRUAlJRUHH2j5yB_jNhMF7Rvh5JDdRs0Y79wfnq2lC-8QvWynvHAF18L8uJ6N-RjMxibjL5QomXuVxIiKBgVKN-q-uvU6etE4THd6YXZKSIg8NtxO1_NEaBNeKKpB1Ja0Qhrcr7aJJcDUZr6RmKncpzqKjvFD60cCGmjU2I-fKyVq6FRbmXnM4AUtXfYxaBdupabkUPinSGiuIcTCTqoam3fsTD9uta9avsdKWHA1pUh-1fXOsgQ7tYoAEv1wctfP6oizmq6JNN71VqrLFWkID-9W6k1RyuKKmLDuNraHeXjYpP3zsccX_2lMEhpK0w7vhmnX2UL7cj4g1_2SH3yGra5WFqx11PAHC3BivorsFm3LUO_P8RX9T-Ja10SE00QtZct35RCeuJD16NN-UYlcvnPoW4xRFmDeOT22_KBorpO0UrVhSzjyPtkh1E4CQoo-Y49t1_a__ToDAnyBsH_lw2wabq4tQXgz1BKkXT5l4081X1rdxVaULcmjn3F1JNyeXJWVnNj4gwQ-x_IVnCdqS1HAt5P3cA1Et1ykwk5nNbxkyfI3-YB2qpPSg1YFXfWfajU5a5QP-LIo06N-RnwVsMYzMs8Dj9M2nhpF1853x-1qwmCvdRh2gFpIk_tDFIgc5WyRMj-QVPLor7qnmxV3DzxmUQYc_2_yItOrH7LIS6gai6nqos6OWhPKOR7Fw7nRjnwgWT9tshTs_5a2ys50n7TWZ1z2TCNKk04MkhaBoVw7FfN6FQB-PNPbkwpugHScz5wtfjeS2Qrd_fFsdSf123KBAZuucULlHcS2jGDvDqUMgw0bHMkdxg5-5vtGLOfQpG14xXGm8bkZAUSN8jd0vuiVP1GZw5fpVVGNxCPlPZ6WHw0IyrHqrGqYqo7m8PDe2mFS0aCln2uarhGUJeqdoCljuYEWBZbcCQ9BKWshySBa2uo2kHkqdiV2TnNU6nVj1ULWDdukYD1SIhftnFhK1wWGpdhU&cid=CAQSTADq26N9PZpqBZZZiNQRcPsDoNBn9JQcIiqzvSkUnP-yXxYY1F8vuE3XzV0lZGI_IUlLoIxL9rc9gPVKWAnieFzPvvUJVZJr-xHjA_YYASAT&dc_exteid=840364838045483208&dc_pubid=4
Requested by
Host: b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
URL: https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 2610 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b23088f603559282fd1e3267a4726944b4dfd24570f8f4573b94f2f47dfd14a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
generate_204
www.youtube.com/ Frame 1F1B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?TmnUNQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/EgTiqgN79WQ?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 1F1B 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e96685ea/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Dec 2022 06:21:34 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame C33D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlkIu_DfAAKOj0AL24kZp1HPQOnCiA&u=%7CuM%2FixoU45EWLmTovdEX1WdbR2CRNns7nlr50wPdyMZI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQtYbq4157A19pZsVWGgarYKvoI_1_v7YmNPxqbNo_oztDVFaBl1X1RWZeB76VrMjmQirk4BxZhx4JOH1fsmAp6Fn17F5cQlU5JmJtUIGH-RXRmKMxpWTdIyG0OelipQe7MV-G95PKfSdvPLDlaoDfLRuJSFhe1xJb9cgBc7KpN65YSSZFzRutxcKHwYgoP-yTkPEPG6rivXksUcarhB52DNzqqhX_JJv5vByWNRLwWx9dLjC8_zjINmR5mKE0Unw5FhdiOWVqecBtgm9MHejRcl1UDTGIonHHCXG-t82YVQqcXlOMNznjri8gggJ0j7E4HsxR7Yo3GyJQXd90q5xvXWzCQDfPyxhLImT-R5ElkmrR7HptetsTK6CLIGPQH1fPPN8lCoG_gx3o9q8k8WZnNTxJ4pEfjKjUON3-Sgpzdd8OsUgOabE00no9VZgWdvrNx5TZ-rGFXDP82Mtt2YYYHERdVLVL1bGedKeKvh8oGQncTRV-H1hXvw3oJPgb15IsvdGBVZR1vP9z7DzTee1Oj_EqwoxZ0Oon&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDFuWbWuZY9n8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSVAk_QzEe1HXW76UlfbkYrtU_ATJ4Z3M-1V7mT6MMEs2cjlIRY_xvdp4qApEvBs210y1FeNKzghWMSOfGKIdpEOFLDEPd7YvQE-yZyFO3MOy6BnUxvc4Crk_97ZkUqL3T1quHGYuY7-zXM00Pym_0gSgixbZRnz3AbmWlgArGPVt_B9oiJZY0SqImQrYSGaEjpuEHm9F8A652BmMydxkBo7HxQ4uld76RC0Po3s6xsdgHR_lJZWDSKH64fvykDqU2chdQl73MZy-6PhpATl0RoJjB34fe9hqIZOSH5XnwwBvQ-HpjJfxnrkGfQNb6b-gLWPyrVZEBfiipxqMYCDggcscbwVsviSSELZS8T9NuwFiNfTxLCY_jgBAGABq35nJvJiMzWhQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1GCghKHKJnenMGqEudnpMBOnFbbA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 09 Dec 2023 06:21:35 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame C33D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlkIu_DfAAKOj0AL24kZp1HPQOnCiA&u=%7CuM%2FixoU45EWLmTovdEX1WdbR2CRNns7nlr50wPdyMZI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQtYbq4157A19pZsVWGgarYKvoI_1_v7YmNPxqbNo_oztDVFaBl1X1RWZeB76VrMjmQirk4BxZhx4JOH1fsmAp6Fn17F5cQlU5JmJtUIGH-RXRmKMxpWTdIyG0OelipQe7MV-G95PKfSdvPLDlaoDfLRuJSFhe1xJb9cgBc7KpN65YSSZFzRutxcKHwYgoP-yTkPEPG6rivXksUcarhB52DNzqqhX_JJv5vByWNRLwWx9dLjC8_zjINmR5mKE0Unw5FhdiOWVqecBtgm9MHejRcl1UDTGIonHHCXG-t82YVQqcXlOMNznjri8gggJ0j7E4HsxR7Yo3GyJQXd90q5xvXWzCQDfPyxhLImT-R5ElkmrR7HptetsTK6CLIGPQH1fPPN8lCoG_gx3o9q8k8WZnNTxJ4pEfjKjUON3-Sgpzdd8OsUgOabE00no9VZgWdvrNx5TZ-rGFXDP82Mtt2YYYHERdVLVL1bGedKeKvh8oGQncTRV-H1hXvw3oJPgb15IsvdGBVZR1vP9z7DzTee1Oj_EqwoxZ0Oon&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDFuWbWuZY9n8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSVAk_QzEe1HXW76UlfbkYrtU_ATJ4Z3M-1V7mT6MMEs2cjlIRY_xvdp4qApEvBs210y1FeNKzghWMSOfGKIdpEOFLDEPd7YvQE-yZyFO3MOy6BnUxvc4Crk_97ZkUqL3T1quHGYuY7-zXM00Pym_0gSgixbZRnz3AbmWlgArGPVt_B9oiJZY0SqImQrYSGaEjpuEHm9F8A652BmMydxkBo7HxQ4uld76RC0Po3s6xsdgHR_lJZWDSKH64fvykDqU2chdQl73MZy-6PhpATl0RoJjB34fe9hqIZOSH5XnwwBvQ-HpjJfxnrkGfQNb6b-gLWPyrVZEBfiipxqMYCDggcscbwVsviSSELZS8T9NuwFiNfTxLCY_jgBAGABq35nJvJiMzWhQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1GCghKHKJnenMGqEudnpMBOnFbbA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 09 Dec 2023 06:21:35 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame C33D 		308 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlkIu_DfAAKOj0AL24kZp1HPQOnCiA&u=%7CuM%2FixoU45EWLmTovdEX1WdbR2CRNns7nlr50wPdyMZI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQtYbq4157A19pZsVWGgarYKvoI_1_v7YmNPxqbNo_oztDVFaBl1X1RWZeB76VrMjmQirk4BxZhx4JOH1fsmAp6Fn17F5cQlU5JmJtUIGH-RXRmKMxpWTdIyG0OelipQe7MV-G95PKfSdvPLDlaoDfLRuJSFhe1xJb9cgBc7KpN65YSSZFzRutxcKHwYgoP-yTkPEPG6rivXksUcarhB52DNzqqhX_JJv5vByWNRLwWx9dLjC8_zjINmR5mKE0Unw5FhdiOWVqecBtgm9MHejRcl1UDTGIonHHCXG-t82YVQqcXlOMNznjri8gggJ0j7E4HsxR7Yo3GyJQXd90q5xvXWzCQDfPyxhLImT-R5ElkmrR7HptetsTK6CLIGPQH1fPPN8lCoG_gx3o9q8k8WZnNTxJ4pEfjKjUON3-Sgpzdd8OsUgOabE00no9VZgWdvrNx5TZ-rGFXDP82Mtt2YYYHERdVLVL1bGedKeKvh8oGQncTRV-H1hXvw3oJPgb15IsvdGBVZR1vP9z7DzTee1Oj_EqwoxZ0Oon&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDFuWbWuZY9n8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSVAk_QzEe1HXW76UlfbkYrtU_ATJ4Z3M-1V7mT6MMEs2cjlIRY_xvdp4qApEvBs210y1FeNKzghWMSOfGKIdpEOFLDEPd7YvQE-yZyFO3MOy6BnUxvc4Crk_97ZkUqL3T1quHGYuY7-zXM00Pym_0gSgixbZRnz3AbmWlgArGPVt_B9oiJZY0SqImQrYSGaEjpuEHm9F8A652BmMydxkBo7HxQ4uld76RC0Po3s6xsdgHR_lJZWDSKH64fvykDqU2chdQl73MZy-6PhpATl0RoJjB34fe9hqIZOSH5XnwwBvQ-HpjJfxnrkGfQNb6b-gLWPyrVZEBfiipxqMYCDggcscbwVsviSSELZS8T9NuwFiNfTxLCY_jgBAGABq35nJvJiMzWhQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1GCghKHKJnenMGqEudnpMBOnFbbA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 09 Dec 2023 06:21:35 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame C33D 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlkIu_DfAAKOj0AL24kZp1HPQOnCiA&u=%7CuM%2FixoU45EWLmTovdEX1WdbR2CRNns7nlr50wPdyMZI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQtYbq4157A19pZsVWGgarYKvoI_1_v7YmNPxqbNo_oztDVFaBl1X1RWZeB76VrMjmQirk4BxZhx4JOH1fsmAp6Fn17F5cQlU5JmJtUIGH-RXRmKMxpWTdIyG0OelipQe7MV-G95PKfSdvPLDlaoDfLRuJSFhe1xJb9cgBc7KpN65YSSZFzRutxcKHwYgoP-yTkPEPG6rivXksUcarhB52DNzqqhX_JJv5vByWNRLwWx9dLjC8_zjINmR5mKE0Unw5FhdiOWVqecBtgm9MHejRcl1UDTGIonHHCXG-t82YVQqcXlOMNznjri8gggJ0j7E4HsxR7Yo3GyJQXd90q5xvXWzCQDfPyxhLImT-R5ElkmrR7HptetsTK6CLIGPQH1fPPN8lCoG_gx3o9q8k8WZnNTxJ4pEfjKjUON3-Sgpzdd8OsUgOabE00no9VZgWdvrNx5TZ-rGFXDP82Mtt2YYYHERdVLVL1bGedKeKvh8oGQncTRV-H1hXvw3oJPgb15IsvdGBVZR1vP9z7DzTee1Oj_EqwoxZ0Oon&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDFuWbWuZY9n8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSVAk_QzEe1HXW76UlfbkYrtU_ATJ4Z3M-1V7mT6MMEs2cjlIRY_xvdp4qApEvBs210y1FeNKzghWMSOfGKIdpEOFLDEPd7YvQE-yZyFO3MOy6BnUxvc4Crk_97ZkUqL3T1quHGYuY7-zXM00Pym_0gSgixbZRnz3AbmWlgArGPVt_B9oiJZY0SqImQrYSGaEjpuEHm9F8A652BmMydxkBo7HxQ4uld76RC0Po3s6xsdgHR_lJZWDSKH64fvykDqU2chdQl73MZy-6PhpATl0RoJjB34fe9hqIZOSH5XnwwBvQ-HpjJfxnrkGfQNb6b-gLWPyrVZEBfiipxqMYCDggcscbwVsviSSELZS8T9NuwFiNfTxLCY_jgBAGABq35nJvJiMzWhQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1GCghKHKJnenMGqEudnpMBOnFbbA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 09 Dec 2023 06:21:35 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame C33D 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=t4p68HyB9hrfaY7YMBZvZt17b_FzMv5HCAEN0hK7hgsiT0YZRz9FDd5OF0Dkuq6exrZdUpa-jtzlS9Z6IUj3XzBgdtPTHdiVpNgVhtChEJrBtWexLA0fz8oLUr7d0Yv6uWeK5jZSY_IPr5XBQoTLHafUvR97yMFY6OfTPmlNOvwVFVbrEFTg2NgAo9ka1bVtWUUitVlDoUnjIM6DRauxsLQUSlEmxIGAsVjTX_aHqf7yOd9mN8SQNHzGJAMMmXDY-pSTKaADJkYS9Y73T8W6QSz_XmoeAebiG6zn-yVtqF4QtFoanAtqd5at7dnNPnkbDDq3UhK5WO8ZxjZRJ5NGIPqhAz8Un6ZaMQ0gPitErw3_IKhL5odSI2FEy894-kYHv1oIVKNErrykj5MBfJNOgwlGdqNa6jyv-N6k4wvl_pTH3443uUFshrXZttbhA78U-4JJKA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlkIu_DfAAKOj0AL24kZp1HPQOnCiA&u=%7CuM%2FixoU45EWLmTovdEX1WdbR2CRNns7nlr50wPdyMZI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQtYbq4157A19pZsVWGgarYKvoI_1_v7YmNPxqbNo_oztDVFaBl1X1RWZeB76VrMjmQirk4BxZhx4JOH1fsmAp6Fn17F5cQlU5JmJtUIGH-RXRmKMxpWTdIyG0OelipQe7MV-G95PKfSdvPLDlaoDfLRuJSFhe1xJb9cgBc7KpN65YSSZFzRutxcKHwYgoP-yTkPEPG6rivXksUcarhB52DNzqqhX_JJv5vByWNRLwWx9dLjC8_zjINmR5mKE0Unw5FhdiOWVqecBtgm9MHejRcl1UDTGIonHHCXG-t82YVQqcXlOMNznjri8gggJ0j7E4HsxR7Yo3GyJQXd90q5xvXWzCQDfPyxhLImT-R5ElkmrR7HptetsTK6CLIGPQH1fPPN8lCoG_gx3o9q8k8WZnNTxJ4pEfjKjUON3-Sgpzdd8OsUgOabE00no9VZgWdvrNx5TZ-rGFXDP82Mtt2YYYHERdVLVL1bGedKeKvh8oGQncTRV-H1hXvw3oJPgb15IsvdGBVZR1vP9z7DzTee1Oj_EqwoxZ0Oon&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDFuWbWuZY9n8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSVAk_QzEe1HXW76UlfbkYrtU_ATJ4Z3M-1V7mT6MMEs2cjlIRY_xvdp4qApEvBs210y1FeNKzghWMSOfGKIdpEOFLDEPd7YvQE-yZyFO3MOy6BnUxvc4Crk_97ZkUqL3T1quHGYuY7-zXM00Pym_0gSgixbZRnz3AbmWlgArGPVt_B9oiJZY0SqImQrYSGaEjpuEHm9F8A652BmMydxkBo7HxQ4uld76RC0Po3s6xsdgHR_lJZWDSKH64fvykDqU2chdQl73MZy-6PhpATl0RoJjB34fe9hqIZOSH5XnwwBvQ-HpjJfxnrkGfQNb6b-gLWPyrVZEBfiipxqMYCDggcscbwVsviSSELZS8T9NuwFiNfTxLCY_jgBAGABq35nJvJiMzWhQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1GCghKHKJnenMGqEudnpMBOnFbbA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:34 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2834988
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame C33D 		44 B
753 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1670998894
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlkIu_DfAAKOj0AL24kZp1HPQOnCiA&u=%7CuM%2FixoU45EWLmTovdEX1WdbR2CRNns7nlr50wPdyMZI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQtYbq4157A19pZsVWGgarYKvoI_1_v7YmNPxqbNo_oztDVFaBl1X1RWZeB76VrMjmQirk4BxZhx4JOH1fsmAp6Fn17F5cQlU5JmJtUIGH-RXRmKMxpWTdIyG0OelipQe7MV-G95PKfSdvPLDlaoDfLRuJSFhe1xJb9cgBc7KpN65YSSZFzRutxcKHwYgoP-yTkPEPG6rivXksUcarhB52DNzqqhX_JJv5vByWNRLwWx9dLjC8_zjINmR5mKE0Unw5FhdiOWVqecBtgm9MHejRcl1UDTGIonHHCXG-t82YVQqcXlOMNznjri8gggJ0j7E4HsxR7Yo3GyJQXd90q5xvXWzCQDfPyxhLImT-R5ElkmrR7HptetsTK6CLIGPQH1fPPN8lCoG_gx3o9q8k8WZnNTxJ4pEfjKjUON3-Sgpzdd8OsUgOabE00no9VZgWdvrNx5TZ-rGFXDP82Mtt2YYYHERdVLVL1bGedKeKvh8oGQncTRV-H1hXvw3oJPgb15IsvdGBVZR1vP9z7DzTee1Oj_EqwoxZ0Oon&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDFuWbWuZY9n8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSVAk_QzEe1HXW76UlfbkYrtU_ATJ4Z3M-1V7mT6MMEs2cjlIRY_xvdp4qApEvBs210y1FeNKzghWMSOfGKIdpEOFLDEPd7YvQE-yZyFO3MOy6BnUxvc4Crk_97ZkUqL3T1quHGYuY7-zXM00Pym_0gSgixbZRnz3AbmWlgArGPVt_B9oiJZY0SqImQrYSGaEjpuEHm9F8A652BmMydxkBo7HxQ4uld76RC0Po3s6xsdgHR_lJZWDSKH64fvykDqU2chdQl73MZy-6PhpATl0RoJjB34fe9hqIZOSH5XnwwBvQ-HpjJfxnrkGfQNb6b-gLWPyrVZEBfiipxqMYCDggcscbwVsviSSELZS8T9NuwFiNfTxLCY_jgBAGABq35nJvJiMzWhQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1GCghKHKJnenMGqEudnpMBOnFbbA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8000:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:35 GMT
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
gr6VMUCXaUu1EjNqVCAhuGnoGfQNXn7AJSxJoaQSfwIk7eVQYcm_4Q==
expires
Thu, 01 Dec 1994 16:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 2CF3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlUIu_DfAAKOjyd4EUmv-z6SKLz16Q&u=%7CuM%2FixoU45EWOo8Z%2BcKMCB3l%2B0z4XRLRf4XbFyXPcEAE%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQ_zWE2GS2SUxmkpSNJF6gLcsICd0Z_oFKmrVu8vwq48vl1A42x-pPwtJXkfplzkAZCc6wY_MF9ny75_bWryQUyLpV4fh14hyKUbzPl_KmVH0k1kcKKUWhUxOxn0IhexrkETfGahJFWgYHTFRXcajPaO_BQyPE7erMH5lOZ7yds7GC3qwvEPvPJ6rvIei0AAI-ulO-aNxjqr530zTWWVQWBIwTQs_PUho-M4UtAX9VnUbcvIZPwWgAAdXxZh0_dZBIOvtBhlvXLoJU9adRCpgIJrSqhkIQTzATf59GPZR7MOGJAjE3ReCXRtFORidzGC3pOj9YsvyJx6_hOScSbXg16d97eGwnkZQZo6Cq0UF1Dy9g0Pluo0RdcBRb6U5nWbvcNlS_PYNMUTWu-uvsY6pbNZ1UKPprYyo6FUTxyxGMMCXxlOMYZ13u6rWFMkJwSude0smxAKESew7N8Fi0fmS28Aj8MI87cRS7sBJlvkxxmVgqulj9IojYewXdJm_GWuGd8r2BRt88ulYKcvULr8KYdsAPnJRmHFCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvvyVbWuZY9X8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSUAk_QOYMcFrjDtyWqMLVT7Cl-I-b_N-mBoEyXtwdXlvTdU1fIMMxr2wro4SJXLGh7J8feDVTIzD1p9hmZxEMsdepXSNQ1gxmb_yKOG4iwTQF_cAjsIyH19xm3pXmZTypHXgq9inARZc8iENVXt4HaW2auudoYBX2S4ZsnkxCT5-FI801P1dOpUUvrQvQBrvPe77lmS12R7r2Rd4odrq3XXlYmEKGfoCnffX0SpPQ_tUuumuZ9dFp0LSR_i_u9tkfymwclLIjcMcRvPxrnQMeaTAR8DSrxKqg4bCm6lSsuD0a6Y0nUAoIUkzkznWHcjVFsdP1EEgjN4PZNu8l37dfFeVEEcDMROGxWVLNegmIr6ykDbKxBa-AEAYAGrfmcm8mIzNaFAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3QL2-3Vck5yM6BFUmuke7_FT__zA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 09 Dec 2023 06:21:35 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 2CF3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlUIu_DfAAKOjyd4EUmv-z6SKLz16Q&u=%7CuM%2FixoU45EWOo8Z%2BcKMCB3l%2B0z4XRLRf4XbFyXPcEAE%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQ_zWE2GS2SUxmkpSNJF6gLcsICd0Z_oFKmrVu8vwq48vl1A42x-pPwtJXkfplzkAZCc6wY_MF9ny75_bWryQUyLpV4fh14hyKUbzPl_KmVH0k1kcKKUWhUxOxn0IhexrkETfGahJFWgYHTFRXcajPaO_BQyPE7erMH5lOZ7yds7GC3qwvEPvPJ6rvIei0AAI-ulO-aNxjqr530zTWWVQWBIwTQs_PUho-M4UtAX9VnUbcvIZPwWgAAdXxZh0_dZBIOvtBhlvXLoJU9adRCpgIJrSqhkIQTzATf59GPZR7MOGJAjE3ReCXRtFORidzGC3pOj9YsvyJx6_hOScSbXg16d97eGwnkZQZo6Cq0UF1Dy9g0Pluo0RdcBRb6U5nWbvcNlS_PYNMUTWu-uvsY6pbNZ1UKPprYyo6FUTxyxGMMCXxlOMYZ13u6rWFMkJwSude0smxAKESew7N8Fi0fmS28Aj8MI87cRS7sBJlvkxxmVgqulj9IojYewXdJm_GWuGd8r2BRt88ulYKcvULr8KYdsAPnJRmHFCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvvyVbWuZY9X8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSUAk_QOYMcFrjDtyWqMLVT7Cl-I-b_N-mBoEyXtwdXlvTdU1fIMMxr2wro4SJXLGh7J8feDVTIzD1p9hmZxEMsdepXSNQ1gxmb_yKOG4iwTQF_cAjsIyH19xm3pXmZTypHXgq9inARZc8iENVXt4HaW2auudoYBX2S4ZsnkxCT5-FI801P1dOpUUvrQvQBrvPe77lmS12R7r2Rd4odrq3XXlYmEKGfoCnffX0SpPQ_tUuumuZ9dFp0LSR_i_u9tkfymwclLIjcMcRvPxrnQMeaTAR8DSrxKqg4bCm6lSsuD0a6Y0nUAoIUkzkznWHcjVFsdP1EEgjN4PZNu8l37dfFeVEEcDMROGxWVLNegmIr6ykDbKxBa-AEAYAGrfmcm8mIzNaFAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3QL2-3Vck5yM6BFUmuke7_FT__zA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 09 Dec 2023 06:21:35 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 2CF3 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlUIu_DfAAKOjyd4EUmv-z6SKLz16Q&u=%7CuM%2FixoU45EWOo8Z%2BcKMCB3l%2B0z4XRLRf4XbFyXPcEAE%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQ_zWE2GS2SUxmkpSNJF6gLcsICd0Z_oFKmrVu8vwq48vl1A42x-pPwtJXkfplzkAZCc6wY_MF9ny75_bWryQUyLpV4fh14hyKUbzPl_KmVH0k1kcKKUWhUxOxn0IhexrkETfGahJFWgYHTFRXcajPaO_BQyPE7erMH5lOZ7yds7GC3qwvEPvPJ6rvIei0AAI-ulO-aNxjqr530zTWWVQWBIwTQs_PUho-M4UtAX9VnUbcvIZPwWgAAdXxZh0_dZBIOvtBhlvXLoJU9adRCpgIJrSqhkIQTzATf59GPZR7MOGJAjE3ReCXRtFORidzGC3pOj9YsvyJx6_hOScSbXg16d97eGwnkZQZo6Cq0UF1Dy9g0Pluo0RdcBRb6U5nWbvcNlS_PYNMUTWu-uvsY6pbNZ1UKPprYyo6FUTxyxGMMCXxlOMYZ13u6rWFMkJwSude0smxAKESew7N8Fi0fmS28Aj8MI87cRS7sBJlvkxxmVgqulj9IojYewXdJm_GWuGd8r2BRt88ulYKcvULr8KYdsAPnJRmHFCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvvyVbWuZY9X8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSUAk_QOYMcFrjDtyWqMLVT7Cl-I-b_N-mBoEyXtwdXlvTdU1fIMMxr2wro4SJXLGh7J8feDVTIzD1p9hmZxEMsdepXSNQ1gxmb_yKOG4iwTQF_cAjsIyH19xm3pXmZTypHXgq9inARZc8iENVXt4HaW2auudoYBX2S4ZsnkxCT5-FI801P1dOpUUvrQvQBrvPe77lmS12R7r2Rd4odrq3XXlYmEKGfoCnffX0SpPQ_tUuumuZ9dFp0LSR_i_u9tkfymwclLIjcMcRvPxrnQMeaTAR8DSrxKqg4bCm6lSsuD0a6Y0nUAoIUkzkznWHcjVFsdP1EEgjN4PZNu8l37dfFeVEEcDMROGxWVLNegmIr6ykDbKxBa-AEAYAGrfmcm8mIzNaFAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3QL2-3Vck5yM6BFUmuke7_FT__zA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 09 Dec 2023 06:21:35 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 2CF3 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlUIu_DfAAKOjyd4EUmv-z6SKLz16Q&u=%7CuM%2FixoU45EWOo8Z%2BcKMCB3l%2B0z4XRLRf4XbFyXPcEAE%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQ_zWE2GS2SUxmkpSNJF6gLcsICd0Z_oFKmrVu8vwq48vl1A42x-pPwtJXkfplzkAZCc6wY_MF9ny75_bWryQUyLpV4fh14hyKUbzPl_KmVH0k1kcKKUWhUxOxn0IhexrkETfGahJFWgYHTFRXcajPaO_BQyPE7erMH5lOZ7yds7GC3qwvEPvPJ6rvIei0AAI-ulO-aNxjqr530zTWWVQWBIwTQs_PUho-M4UtAX9VnUbcvIZPwWgAAdXxZh0_dZBIOvtBhlvXLoJU9adRCpgIJrSqhkIQTzATf59GPZR7MOGJAjE3ReCXRtFORidzGC3pOj9YsvyJx6_hOScSbXg16d97eGwnkZQZo6Cq0UF1Dy9g0Pluo0RdcBRb6U5nWbvcNlS_PYNMUTWu-uvsY6pbNZ1UKPprYyo6FUTxyxGMMCXxlOMYZ13u6rWFMkJwSude0smxAKESew7N8Fi0fmS28Aj8MI87cRS7sBJlvkxxmVgqulj9IojYewXdJm_GWuGd8r2BRt88ulYKcvULr8KYdsAPnJRmHFCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvvyVbWuZY9X8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSUAk_QOYMcFrjDtyWqMLVT7Cl-I-b_N-mBoEyXtwdXlvTdU1fIMMxr2wro4SJXLGh7J8feDVTIzD1p9hmZxEMsdepXSNQ1gxmb_yKOG4iwTQF_cAjsIyH19xm3pXmZTypHXgq9inARZc8iENVXt4HaW2auudoYBX2S4ZsnkxCT5-FI801P1dOpUUvrQvQBrvPe77lmS12R7r2Rd4odrq3XXlYmEKGfoCnffX0SpPQ_tUuumuZ9dFp0LSR_i_u9tkfymwclLIjcMcRvPxrnQMeaTAR8DSrxKqg4bCm6lSsuD0a6Y0nUAoIUkzkznWHcjVFsdP1EEgjN4PZNu8l37dfFeVEEcDMROGxWVLNegmIr6ykDbKxBa-AEAYAGrfmcm8mIzNaFAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3QL2-3Vck5yM6BFUmuke7_FT__zA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 09 Dec 2023 06:21:35 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 2CF3 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=KQbYdAnl1l06ZMRVp1bpsxsaz00SJkE-uwERdIF-6aX1TSc5pNV5nmuEN2JhF91DvBpajf8WwXPrEUOhMNk_wT2ebt86I0x7ZECRTSBp9SoMP9Tg8mKYob3bcLqaQc9_oSOfOnwJhFbwqbQgOnpRneUu6914Jv6BO7fD0msdkpKKL2YtyVsTLk8nG6ejx2pQweiGx1OTG0m1HYXQwBN_95_1ovOsvedE2FXTjZpW_7iVPDS7eLuC02lQz94UOgZoZQqxjufFzY-iEdZO9byODVgDHW-6vi2VRcsGv-m_s4eT1yx27EC7EzeV5ewHpDZSMPUov1UO8nkexptRp3QQrmNAatdLXAVuM30OIIT7sIJQjRiPfykrlknjHx3ZXfkFLS5D-xPejBvSVpn2gqTypyQAxXhN11KgRx-KgsPKSKlnBJzRJt0jPkv5PX5U5xzuCaSPgw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlUIu_DfAAKOjyd4EUmv-z6SKLz16Q&u=%7CuM%2FixoU45EWOo8Z%2BcKMCB3l%2B0z4XRLRf4XbFyXPcEAE%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQ_zWE2GS2SUxmkpSNJF6gLcsICd0Z_oFKmrVu8vwq48vl1A42x-pPwtJXkfplzkAZCc6wY_MF9ny75_bWryQUyLpV4fh14hyKUbzPl_KmVH0k1kcKKUWhUxOxn0IhexrkETfGahJFWgYHTFRXcajPaO_BQyPE7erMH5lOZ7yds7GC3qwvEPvPJ6rvIei0AAI-ulO-aNxjqr530zTWWVQWBIwTQs_PUho-M4UtAX9VnUbcvIZPwWgAAdXxZh0_dZBIOvtBhlvXLoJU9adRCpgIJrSqhkIQTzATf59GPZR7MOGJAjE3ReCXRtFORidzGC3pOj9YsvyJx6_hOScSbXg16d97eGwnkZQZo6Cq0UF1Dy9g0Pluo0RdcBRb6U5nWbvcNlS_PYNMUTWu-uvsY6pbNZ1UKPprYyo6FUTxyxGMMCXxlOMYZ13u6rWFMkJwSude0smxAKESew7N8Fi0fmS28Aj8MI87cRS7sBJlvkxxmVgqulj9IojYewXdJm_GWuGd8r2BRt88ulYKcvULr8KYdsAPnJRmHFCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvvyVbWuZY9X8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSUAk_QOYMcFrjDtyWqMLVT7Cl-I-b_N-mBoEyXtwdXlvTdU1fIMMxr2wro4SJXLGh7J8feDVTIzD1p9hmZxEMsdepXSNQ1gxmb_yKOG4iwTQF_cAjsIyH19xm3pXmZTypHXgq9inARZc8iENVXt4HaW2auudoYBX2S4ZsnkxCT5-FI801P1dOpUUvrQvQBrvPe77lmS12R7r2Rd4odrq3XXlYmEKGfoCnffX0SpPQ_tUuumuZ9dFp0LSR_i_u9tkfymwclLIjcMcRvPxrnQMeaTAR8DSrxKqg4bCm6lSsuD0a6Y0nUAoIUkzkznWHcjVFsdP1EEgjN4PZNu8l37dfFeVEEcDMROGxWVLNegmIr6ykDbKxBa-AEAYAGrfmcm8mIzNaFAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3QL2-3Vck5yM6BFUmuke7_FT__zA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:34 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2799417
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 2CF3 		44 B
752 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1670998894
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlUIu_DfAAKOjyd4EUmv-z6SKLz16Q&u=%7CuM%2FixoU45EWOo8Z%2BcKMCB3l%2B0z4XRLRf4XbFyXPcEAE%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQ_zWE2GS2SUxmkpSNJF6gLcsICd0Z_oFKmrVu8vwq48vl1A42x-pPwtJXkfplzkAZCc6wY_MF9ny75_bWryQUyLpV4fh14hyKUbzPl_KmVH0k1kcKKUWhUxOxn0IhexrkETfGahJFWgYHTFRXcajPaO_BQyPE7erMH5lOZ7yds7GC3qwvEPvPJ6rvIei0AAI-ulO-aNxjqr530zTWWVQWBIwTQs_PUho-M4UtAX9VnUbcvIZPwWgAAdXxZh0_dZBIOvtBhlvXLoJU9adRCpgIJrSqhkIQTzATf59GPZR7MOGJAjE3ReCXRtFORidzGC3pOj9YsvyJx6_hOScSbXg16d97eGwnkZQZo6Cq0UF1Dy9g0Pluo0RdcBRb6U5nWbvcNlS_PYNMUTWu-uvsY6pbNZ1UKPprYyo6FUTxyxGMMCXxlOMYZ13u6rWFMkJwSude0smxAKESew7N8Fi0fmS28Aj8MI87cRS7sBJlvkxxmVgqulj9IojYewXdJm_GWuGd8r2BRt88ulYKcvULr8KYdsAPnJRmHFCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvvyVbWuZY9X8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSUAk_QOYMcFrjDtyWqMLVT7Cl-I-b_N-mBoEyXtwdXlvTdU1fIMMxr2wro4SJXLGh7J8feDVTIzD1p9hmZxEMsdepXSNQ1gxmb_yKOG4iwTQF_cAjsIyH19xm3pXmZTypHXgq9inARZc8iENVXt4HaW2auudoYBX2S4ZsnkxCT5-FI801P1dOpUUvrQvQBrvPe77lmS12R7r2Rd4odrq3XXlYmEKGfoCnffX0SpPQ_tUuumuZ9dFp0LSR_i_u9tkfymwclLIjcMcRvPxrnQMeaTAR8DSrxKqg4bCm6lSsuD0a6Y0nUAoIUkzkznWHcjVFsdP1EEgjN4PZNu8l37dfFeVEEcDMROGxWVLNegmIr6ykDbKxBa-AEAYAGrfmcm8mIzNaFAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3QL2-3Vck5yM6BFUmuke7_FT__zA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8000:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:35 GMT
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
jlohj1s0Of8QbFj3fAuv0GLf7gJb0XU6xu2qgevuSRf5SrYEeBKzMA==
expires
Thu, 01 Dec 1994 16:00:00 GMT
cast_sender.js
www.gstatic.com/eureka/clank/108/ Frame 1F1B 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/108/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a174ce3d0e66cfea95ba4288c928291b37bd679f3044ac1a7f4dc3958036be11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 11:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67234
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15164
x-xss-protection
0
last-modified
Tue, 08 Nov 2022 00:45:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 14 Dec 2022 11:41:00 GMT
animejs.js
static.criteo.net/animejs/ Frame C33D 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlkIu_DfAAKOj0AL24kZp1HPQOnCiA&u=%7CuM%2FixoU45EWLmTovdEX1WdbR2CRNns7nlr50wPdyMZI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQtYbq4157A19pZsVWGgarYKvoI_1_v7YmNPxqbNo_oztDVFaBl1X1RWZeB76VrMjmQirk4BxZhx4JOH1fsmAp6Fn17F5cQlU5JmJtUIGH-RXRmKMxpWTdIyG0OelipQe7MV-G95PKfSdvPLDlaoDfLRuJSFhe1xJb9cgBc7KpN65YSSZFzRutxcKHwYgoP-yTkPEPG6rivXksUcarhB52DNzqqhX_JJv5vByWNRLwWx9dLjC8_zjINmR5mKE0Unw5FhdiOWVqecBtgm9MHejRcl1UDTGIonHHCXG-t82YVQqcXlOMNznjri8gggJ0j7E4HsxR7Yo3GyJQXd90q5xvXWzCQDfPyxhLImT-R5ElkmrR7HptetsTK6CLIGPQH1fPPN8lCoG_gx3o9q8k8WZnNTxJ4pEfjKjUON3-Sgpzdd8OsUgOabE00no9VZgWdvrNx5TZ-rGFXDP82Mtt2YYYHERdVLVL1bGedKeKvh8oGQncTRV-H1hXvw3oJPgb15IsvdGBVZR1vP9z7DzTee1Oj_EqwoxZ0Oon&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDFuWbWuZY9n8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSVAk_QzEe1HXW76UlfbkYrtU_ATJ4Z3M-1V7mT6MMEs2cjlIRY_xvdp4qApEvBs210y1FeNKzghWMSOfGKIdpEOFLDEPd7YvQE-yZyFO3MOy6BnUxvc4Crk_97ZkUqL3T1quHGYuY7-zXM00Pym_0gSgixbZRnz3AbmWlgArGPVt_B9oiJZY0SqImQrYSGaEjpuEHm9F8A652BmMydxkBo7HxQ4uld76RC0Po3s6xsdgHR_lJZWDSKH64fvykDqU2chdQl73MZy-6PhpATl0RoJjB34fe9hqIZOSH5XnwwBvQ-HpjJfxnrkGfQNb6b-gLWPyrVZEBfiipxqMYCDggcscbwVsviSSELZS8T9NuwFiNfTxLCY_jgBAGABq35nJvJiMzWhQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1GCghKHKJnenMGqEudnpMBOnFbbA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 09 Dec 2023 06:21:35 GMT
img
pix.eu.criteo.net/img/ Frame C33D 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=92&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=668&s=RzlXPgLWe7UusCNVxlt4lCp9
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlkIu_DfAAKOj0AL24kZp1HPQOnCiA&u=%7CuM%2FixoU45EWLmTovdEX1WdbR2CRNns7nlr50wPdyMZI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQtYbq4157A19pZsVWGgarYKvoI_1_v7YmNPxqbNo_oztDVFaBl1X1RWZeB76VrMjmQirk4BxZhx4JOH1fsmAp6Fn17F5cQlU5JmJtUIGH-RXRmKMxpWTdIyG0OelipQe7MV-G95PKfSdvPLDlaoDfLRuJSFhe1xJb9cgBc7KpN65YSSZFzRutxcKHwYgoP-yTkPEPG6rivXksUcarhB52DNzqqhX_JJv5vByWNRLwWx9dLjC8_zjINmR5mKE0Unw5FhdiOWVqecBtgm9MHejRcl1UDTGIonHHCXG-t82YVQqcXlOMNznjri8gggJ0j7E4HsxR7Yo3GyJQXd90q5xvXWzCQDfPyxhLImT-R5ElkmrR7HptetsTK6CLIGPQH1fPPN8lCoG_gx3o9q8k8WZnNTxJ4pEfjKjUON3-Sgpzdd8OsUgOabE00no9VZgWdvrNx5TZ-rGFXDP82Mtt2YYYHERdVLVL1bGedKeKvh8oGQncTRV-H1hXvw3oJPgb15IsvdGBVZR1vP9z7DzTee1Oj_EqwoxZ0Oon&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDFuWbWuZY9n8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSVAk_QzEe1HXW76UlfbkYrtU_ATJ4Z3M-1V7mT6MMEs2cjlIRY_xvdp4qApEvBs210y1FeNKzghWMSOfGKIdpEOFLDEPd7YvQE-yZyFO3MOy6BnUxvc4Crk_97ZkUqL3T1quHGYuY7-zXM00Pym_0gSgixbZRnz3AbmWlgArGPVt_B9oiJZY0SqImQrYSGaEjpuEHm9F8A652BmMydxkBo7HxQ4uld76RC0Po3s6xsdgHR_lJZWDSKH64fvykDqU2chdQl73MZy-6PhpATl0RoJjB34fe9hqIZOSH5XnwwBvQ-HpjJfxnrkGfQNb6b-gLWPyrVZEBfiipxqMYCDggcscbwVsviSSELZS8T9NuwFiNfTxLCY_jgBAGABq35nJvJiMzWhQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1GCghKHKJnenMGqEudnpMBOnFbbA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
b94a89259ef175b881195823edba0134e626911f4dc3baaac1bece619eff6bb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29716998
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13859
expires
Thu, 23 Nov 2023 05:04:53 GMT
img
pix.eu.criteo.net/img/ Frame C33D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoGoogle-Germany-GmbH-284878DE-2112100939.gif%3Feb%3D1&v=3&w=400&s=aApKQiIxs5vamvb0T4w9k65l&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlkIu_DfAAKOj0AL24kZp1HPQOnCiA&u=%7CuM%2FixoU45EWLmTovdEX1WdbR2CRNns7nlr50wPdyMZI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQtYbq4157A19pZsVWGgarYKvoI_1_v7YmNPxqbNo_oztDVFaBl1X1RWZeB76VrMjmQirk4BxZhx4JOH1fsmAp6Fn17F5cQlU5JmJtUIGH-RXRmKMxpWTdIyG0OelipQe7MV-G95PKfSdvPLDlaoDfLRuJSFhe1xJb9cgBc7KpN65YSSZFzRutxcKHwYgoP-yTkPEPG6rivXksUcarhB52DNzqqhX_JJv5vByWNRLwWx9dLjC8_zjINmR5mKE0Unw5FhdiOWVqecBtgm9MHejRcl1UDTGIonHHCXG-t82YVQqcXlOMNznjri8gggJ0j7E4HsxR7Yo3GyJQXd90q5xvXWzCQDfPyxhLImT-R5ElkmrR7HptetsTK6CLIGPQH1fPPN8lCoG_gx3o9q8k8WZnNTxJ4pEfjKjUON3-Sgpzdd8OsUgOabE00no9VZgWdvrNx5TZ-rGFXDP82Mtt2YYYHERdVLVL1bGedKeKvh8oGQncTRV-H1hXvw3oJPgb15IsvdGBVZR1vP9z7DzTee1Oj_EqwoxZ0Oon&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDFuWbWuZY9n8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSVAk_QzEe1HXW76UlfbkYrtU_ATJ4Z3M-1V7mT6MMEs2cjlIRY_xvdp4qApEvBs210y1FeNKzghWMSOfGKIdpEOFLDEPd7YvQE-yZyFO3MOy6BnUxvc4Crk_97ZkUqL3T1quHGYuY7-zXM00Pym_0gSgixbZRnz3AbmWlgArGPVt_B9oiJZY0SqImQrYSGaEjpuEHm9F8A652BmMydxkBo7HxQ4uld76RC0Po3s6xsdgHR_lJZWDSKH64fvykDqU2chdQl73MZy-6PhpATl0RoJjB34fe9hqIZOSH5XnwwBvQ-HpjJfxnrkGfQNb6b-gLWPyrVZEBfiipxqMYCDggcscbwVsviSSELZS8T9NuwFiNfTxLCY_jgBAGABq35nJvJiMzWhQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1GCghKHKJnenMGqEudnpMBOnFbbA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
a1164d38f35c8d9599848239639641326905ba695401405af5e5ed66dcd5c811
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2446722
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2640
expires
Wed, 11 Jan 2023 14:00:17 GMT
img
pix.eu.criteo.net/img/ Frame C33D 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBundesamt-fur-Bevolkerungsschutz-und-Katastrophenhilfe-BBK-204336DE.gif%3Feb%3D1&v=3&w=400&s=-wSShqFQONmuEMruq6JdMLd1&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlkIu_DfAAKOj0AL24kZp1HPQOnCiA&u=%7CuM%2FixoU45EWLmTovdEX1WdbR2CRNns7nlr50wPdyMZI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQtYbq4157A19pZsVWGgarYKvoI_1_v7YmNPxqbNo_oztDVFaBl1X1RWZeB76VrMjmQirk4BxZhx4JOH1fsmAp6Fn17F5cQlU5JmJtUIGH-RXRmKMxpWTdIyG0OelipQe7MV-G95PKfSdvPLDlaoDfLRuJSFhe1xJb9cgBc7KpN65YSSZFzRutxcKHwYgoP-yTkPEPG6rivXksUcarhB52DNzqqhX_JJv5vByWNRLwWx9dLjC8_zjINmR5mKE0Unw5FhdiOWVqecBtgm9MHejRcl1UDTGIonHHCXG-t82YVQqcXlOMNznjri8gggJ0j7E4HsxR7Yo3GyJQXd90q5xvXWzCQDfPyxhLImT-R5ElkmrR7HptetsTK6CLIGPQH1fPPN8lCoG_gx3o9q8k8WZnNTxJ4pEfjKjUON3-Sgpzdd8OsUgOabE00no9VZgWdvrNx5TZ-rGFXDP82Mtt2YYYHERdVLVL1bGedKeKvh8oGQncTRV-H1hXvw3oJPgb15IsvdGBVZR1vP9z7DzTee1Oj_EqwoxZ0Oon&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDFuWbWuZY9n8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSVAk_QzEe1HXW76UlfbkYrtU_ATJ4Z3M-1V7mT6MMEs2cjlIRY_xvdp4qApEvBs210y1FeNKzghWMSOfGKIdpEOFLDEPd7YvQE-yZyFO3MOy6BnUxvc4Crk_97ZkUqL3T1quHGYuY7-zXM00Pym_0gSgixbZRnz3AbmWlgArGPVt_B9oiJZY0SqImQrYSGaEjpuEHm9F8A652BmMydxkBo7HxQ4uld76RC0Po3s6xsdgHR_lJZWDSKH64fvykDqU2chdQl73MZy-6PhpATl0RoJjB34fe9hqIZOSH5XnwwBvQ-HpjJfxnrkGfQNb6b-gLWPyrVZEBfiipxqMYCDggcscbwVsviSSELZS8T9NuwFiNfTxLCY_jgBAGABq35nJvJiMzWhQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1GCghKHKJnenMGqEudnpMBOnFbbA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
15d3c3958b58b92c485db6e5265536e0a7f364948edb90a62ca5e5ab20e0403f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1149427
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2302
expires
Tue, 27 Dec 2022 13:38:42 GMT
img
pix.eu.criteo.net/img/ Frame C33D 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoNetflix-Services-Germany-GmbH-293357DE-2203091401.gif%3Feb%3D1&v=3&w=400&s=IwhbrHLQ0MZnAp1QnJAuyQiu&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlkIu_DfAAKOj0AL24kZp1HPQOnCiA&u=%7CuM%2FixoU45EWLmTovdEX1WdbR2CRNns7nlr50wPdyMZI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQtYbq4157A19pZsVWGgarYKvoI_1_v7YmNPxqbNo_oztDVFaBl1X1RWZeB76VrMjmQirk4BxZhx4JOH1fsmAp6Fn17F5cQlU5JmJtUIGH-RXRmKMxpWTdIyG0OelipQe7MV-G95PKfSdvPLDlaoDfLRuJSFhe1xJb9cgBc7KpN65YSSZFzRutxcKHwYgoP-yTkPEPG6rivXksUcarhB52DNzqqhX_JJv5vByWNRLwWx9dLjC8_zjINmR5mKE0Unw5FhdiOWVqecBtgm9MHejRcl1UDTGIonHHCXG-t82YVQqcXlOMNznjri8gggJ0j7E4HsxR7Yo3GyJQXd90q5xvXWzCQDfPyxhLImT-R5ElkmrR7HptetsTK6CLIGPQH1fPPN8lCoG_gx3o9q8k8WZnNTxJ4pEfjKjUON3-Sgpzdd8OsUgOabE00no9VZgWdvrNx5TZ-rGFXDP82Mtt2YYYHERdVLVL1bGedKeKvh8oGQncTRV-H1hXvw3oJPgb15IsvdGBVZR1vP9z7DzTee1Oj_EqwoxZ0Oon&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDFuWbWuZY9n8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSVAk_QzEe1HXW76UlfbkYrtU_ATJ4Z3M-1V7mT6MMEs2cjlIRY_xvdp4qApEvBs210y1FeNKzghWMSOfGKIdpEOFLDEPd7YvQE-yZyFO3MOy6BnUxvc4Crk_97ZkUqL3T1quHGYuY7-zXM00Pym_0gSgixbZRnz3AbmWlgArGPVt_B9oiJZY0SqImQrYSGaEjpuEHm9F8A652BmMydxkBo7HxQ4uld76RC0Po3s6xsdgHR_lJZWDSKH64fvykDqU2chdQl73MZy-6PhpATl0RoJjB34fe9hqIZOSH5XnwwBvQ-HpjJfxnrkGfQNb6b-gLWPyrVZEBfiipxqMYCDggcscbwVsviSSELZS8T9NuwFiNfTxLCY_jgBAGABq35nJvJiMzWhQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1GCghKHKJnenMGqEudnpMBOnFbbA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
81809aa166a76dd99939edd3df52a70720e5ee9b65fefe1de4b32500e324e763
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=2516476
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2538
expires
Thu, 12 Jan 2023 09:22:51 GMT
img
pix.eu.criteo.net/img/ Frame C33D 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FG%2FlogoGoldman-Sachs-AG-MesseTurm-92271DE.gif%3Feb%3D1&v=3&w=400&s=cWZg6oc2CXdpTFAus_F8Swiq&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlkIu_DfAAKOj0AL24kZp1HPQOnCiA&u=%7CuM%2FixoU45EWLmTovdEX1WdbR2CRNns7nlr50wPdyMZI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQtYbq4157A19pZsVWGgarYKvoI_1_v7YmNPxqbNo_oztDVFaBl1X1RWZeB76VrMjmQirk4BxZhx4JOH1fsmAp6Fn17F5cQlU5JmJtUIGH-RXRmKMxpWTdIyG0OelipQe7MV-G95PKfSdvPLDlaoDfLRuJSFhe1xJb9cgBc7KpN65YSSZFzRutxcKHwYgoP-yTkPEPG6rivXksUcarhB52DNzqqhX_JJv5vByWNRLwWx9dLjC8_zjINmR5mKE0Unw5FhdiOWVqecBtgm9MHejRcl1UDTGIonHHCXG-t82YVQqcXlOMNznjri8gggJ0j7E4HsxR7Yo3GyJQXd90q5xvXWzCQDfPyxhLImT-R5ElkmrR7HptetsTK6CLIGPQH1fPPN8lCoG_gx3o9q8k8WZnNTxJ4pEfjKjUON3-Sgpzdd8OsUgOabE00no9VZgWdvrNx5TZ-rGFXDP82Mtt2YYYHERdVLVL1bGedKeKvh8oGQncTRV-H1hXvw3oJPgb15IsvdGBVZR1vP9z7DzTee1Oj_EqwoxZ0Oon&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDFuWbWuZY9n8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSVAk_QzEe1HXW76UlfbkYrtU_ATJ4Z3M-1V7mT6MMEs2cjlIRY_xvdp4qApEvBs210y1FeNKzghWMSOfGKIdpEOFLDEPd7YvQE-yZyFO3MOy6BnUxvc4Crk_97ZkUqL3T1quHGYuY7-zXM00Pym_0gSgixbZRnz3AbmWlgArGPVt_B9oiJZY0SqImQrYSGaEjpuEHm9F8A652BmMydxkBo7HxQ4uld76RC0Po3s6xsdgHR_lJZWDSKH64fvykDqU2chdQl73MZy-6PhpATl0RoJjB34fe9hqIZOSH5XnwwBvQ-HpjJfxnrkGfQNb6b-gLWPyrVZEBfiipxqMYCDggcscbwVsviSSELZS8T9NuwFiNfTxLCY_jgBAGABq35nJvJiMzWhQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1GCghKHKJnenMGqEudnpMBOnFbbA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
90e728f69e2b018245a4726c0f499e56e5a5f71330c07b0978596fb1bf45a831
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2011573
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2328
expires
Fri, 06 Jan 2023 13:07:48 GMT
img
pix.eu.criteo.net/img/ Frame C33D 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoNIMAK-GmbH-124638DE-2209151556.gif%3Feb%3D1&v=3&w=400&s=fJpgeGnfin4hIMVTMbFyQkEn&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlkIu_DfAAKOj0AL24kZp1HPQOnCiA&u=%7CuM%2FixoU45EWLmTovdEX1WdbR2CRNns7nlr50wPdyMZI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQtYbq4157A19pZsVWGgarYKvoI_1_v7YmNPxqbNo_oztDVFaBl1X1RWZeB76VrMjmQirk4BxZhx4JOH1fsmAp6Fn17F5cQlU5JmJtUIGH-RXRmKMxpWTdIyG0OelipQe7MV-G95PKfSdvPLDlaoDfLRuJSFhe1xJb9cgBc7KpN65YSSZFzRutxcKHwYgoP-yTkPEPG6rivXksUcarhB52DNzqqhX_JJv5vByWNRLwWx9dLjC8_zjINmR5mKE0Unw5FhdiOWVqecBtgm9MHejRcl1UDTGIonHHCXG-t82YVQqcXlOMNznjri8gggJ0j7E4HsxR7Yo3GyJQXd90q5xvXWzCQDfPyxhLImT-R5ElkmrR7HptetsTK6CLIGPQH1fPPN8lCoG_gx3o9q8k8WZnNTxJ4pEfjKjUON3-Sgpzdd8OsUgOabE00no9VZgWdvrNx5TZ-rGFXDP82Mtt2YYYHERdVLVL1bGedKeKvh8oGQncTRV-H1hXvw3oJPgb15IsvdGBVZR1vP9z7DzTee1Oj_EqwoxZ0Oon&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDFuWbWuZY9n8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSVAk_QzEe1HXW76UlfbkYrtU_ATJ4Z3M-1V7mT6MMEs2cjlIRY_xvdp4qApEvBs210y1FeNKzghWMSOfGKIdpEOFLDEPd7YvQE-yZyFO3MOy6BnUxvc4Crk_97ZkUqL3T1quHGYuY7-zXM00Pym_0gSgixbZRnz3AbmWlgArGPVt_B9oiJZY0SqImQrYSGaEjpuEHm9F8A652BmMydxkBo7HxQ4uld76RC0Po3s6xsdgHR_lJZWDSKH64fvykDqU2chdQl73MZy-6PhpATl0RoJjB34fe9hqIZOSH5XnwwBvQ-HpjJfxnrkGfQNb6b-gLWPyrVZEBfiipxqMYCDggcscbwVsviSSELZS8T9NuwFiNfTxLCY_jgBAGABq35nJvJiMzWhQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1GCghKHKJnenMGqEudnpMBOnFbbA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
7e9b1418237b95ba1e4a8cd22dd6966da3384265585c15cc27983b26bc59be8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=538427
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3484
expires
Tue, 20 Dec 2022 11:55:22 GMT
img
pix.eu.criteo.net/img/ Frame C33D 		841 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FM%2FlogoMiele-Cie-KG-19622DE.gif%3Feb%3D1&v=3&w=400&s=pc8o5gpHjSAwHPLpz9MJ3EWV&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlkIu_DfAAKOj0AL24kZp1HPQOnCiA&u=%7CuM%2FixoU45EWLmTovdEX1WdbR2CRNns7nlr50wPdyMZI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQtYbq4157A19pZsVWGgarYKvoI_1_v7YmNPxqbNo_oztDVFaBl1X1RWZeB76VrMjmQirk4BxZhx4JOH1fsmAp6Fn17F5cQlU5JmJtUIGH-RXRmKMxpWTdIyG0OelipQe7MV-G95PKfSdvPLDlaoDfLRuJSFhe1xJb9cgBc7KpN65YSSZFzRutxcKHwYgoP-yTkPEPG6rivXksUcarhB52DNzqqhX_JJv5vByWNRLwWx9dLjC8_zjINmR5mKE0Unw5FhdiOWVqecBtgm9MHejRcl1UDTGIonHHCXG-t82YVQqcXlOMNznjri8gggJ0j7E4HsxR7Yo3GyJQXd90q5xvXWzCQDfPyxhLImT-R5ElkmrR7HptetsTK6CLIGPQH1fPPN8lCoG_gx3o9q8k8WZnNTxJ4pEfjKjUON3-Sgpzdd8OsUgOabE00no9VZgWdvrNx5TZ-rGFXDP82Mtt2YYYHERdVLVL1bGedKeKvh8oGQncTRV-H1hXvw3oJPgb15IsvdGBVZR1vP9z7DzTee1Oj_EqwoxZ0Oon&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDFuWbWuZY9n8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSVAk_QzEe1HXW76UlfbkYrtU_ATJ4Z3M-1V7mT6MMEs2cjlIRY_xvdp4qApEvBs210y1FeNKzghWMSOfGKIdpEOFLDEPd7YvQE-yZyFO3MOy6BnUxvc4Crk_97ZkUqL3T1quHGYuY7-zXM00Pym_0gSgixbZRnz3AbmWlgArGPVt_B9oiJZY0SqImQrYSGaEjpuEHm9F8A652BmMydxkBo7HxQ4uld76RC0Po3s6xsdgHR_lJZWDSKH64fvykDqU2chdQl73MZy-6PhpATl0RoJjB34fe9hqIZOSH5XnwwBvQ-HpjJfxnrkGfQNb6b-gLWPyrVZEBfiipxqMYCDggcscbwVsviSSELZS8T9NuwFiNfTxLCY_jgBAGABq35nJvJiMzWhQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1GCghKHKJnenMGqEudnpMBOnFbbA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
942b061441de9ae6bd3a854f0ffc64c7c40dc6ac52e1408da58978bc60aecc4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=2488942
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
841
expires
Thu, 12 Jan 2023 01:43:57 GMT
img
pix.eu.criteo.net/img/ Frame C33D 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoStudyflix-GmbH-213191DE.gif%3Feb%3D1&v=3&w=400&s=f40TybbK4i6EEwshP95T4TWs&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlkIu_DfAAKOj0AL24kZp1HPQOnCiA&u=%7CuM%2FixoU45EWLmTovdEX1WdbR2CRNns7nlr50wPdyMZI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQtYbq4157A19pZsVWGgarYKvoI_1_v7YmNPxqbNo_oztDVFaBl1X1RWZeB76VrMjmQirk4BxZhx4JOH1fsmAp6Fn17F5cQlU5JmJtUIGH-RXRmKMxpWTdIyG0OelipQe7MV-G95PKfSdvPLDlaoDfLRuJSFhe1xJb9cgBc7KpN65YSSZFzRutxcKHwYgoP-yTkPEPG6rivXksUcarhB52DNzqqhX_JJv5vByWNRLwWx9dLjC8_zjINmR5mKE0Unw5FhdiOWVqecBtgm9MHejRcl1UDTGIonHHCXG-t82YVQqcXlOMNznjri8gggJ0j7E4HsxR7Yo3GyJQXd90q5xvXWzCQDfPyxhLImT-R5ElkmrR7HptetsTK6CLIGPQH1fPPN8lCoG_gx3o9q8k8WZnNTxJ4pEfjKjUON3-Sgpzdd8OsUgOabE00no9VZgWdvrNx5TZ-rGFXDP82Mtt2YYYHERdVLVL1bGedKeKvh8oGQncTRV-H1hXvw3oJPgb15IsvdGBVZR1vP9z7DzTee1Oj_EqwoxZ0Oon&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDFuWbWuZY9n8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSVAk_QzEe1HXW76UlfbkYrtU_ATJ4Z3M-1V7mT6MMEs2cjlIRY_xvdp4qApEvBs210y1FeNKzghWMSOfGKIdpEOFLDEPd7YvQE-yZyFO3MOy6BnUxvc4Crk_97ZkUqL3T1quHGYuY7-zXM00Pym_0gSgixbZRnz3AbmWlgArGPVt_B9oiJZY0SqImQrYSGaEjpuEHm9F8A652BmMydxkBo7HxQ4uld76RC0Po3s6xsdgHR_lJZWDSKH64fvykDqU2chdQl73MZy-6PhpATl0RoJjB34fe9hqIZOSH5XnwwBvQ-HpjJfxnrkGfQNb6b-gLWPyrVZEBfiipxqMYCDggcscbwVsviSSELZS8T9NuwFiNfTxLCY_jgBAGABq35nJvJiMzWhQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1GCghKHKJnenMGqEudnpMBOnFbbA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
2bf6fa34d89d072392d9608976ebcf09580bcdecd034ffe0c1467db6bf7f58b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2116617
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1534
expires
Sat, 07 Jan 2023 18:18:32 GMT
img
pix.eu.criteo.net/img/ Frame C33D 		533 B
797 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoLiebherr-Hydraulikbagger-GmbH-78140DE-2209301636.gif%3Feb%3D1&v=3&w=400&s=CHOzCZZNEaQ-lrqj5Ip-ErgR&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlkIu_DfAAKOj0AL24kZp1HPQOnCiA&u=%7CuM%2FixoU45EWLmTovdEX1WdbR2CRNns7nlr50wPdyMZI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQtYbq4157A19pZsVWGgarYKvoI_1_v7YmNPxqbNo_oztDVFaBl1X1RWZeB76VrMjmQirk4BxZhx4JOH1fsmAp6Fn17F5cQlU5JmJtUIGH-RXRmKMxpWTdIyG0OelipQe7MV-G95PKfSdvPLDlaoDfLRuJSFhe1xJb9cgBc7KpN65YSSZFzRutxcKHwYgoP-yTkPEPG6rivXksUcarhB52DNzqqhX_JJv5vByWNRLwWx9dLjC8_zjINmR5mKE0Unw5FhdiOWVqecBtgm9MHejRcl1UDTGIonHHCXG-t82YVQqcXlOMNznjri8gggJ0j7E4HsxR7Yo3GyJQXd90q5xvXWzCQDfPyxhLImT-R5ElkmrR7HptetsTK6CLIGPQH1fPPN8lCoG_gx3o9q8k8WZnNTxJ4pEfjKjUON3-Sgpzdd8OsUgOabE00no9VZgWdvrNx5TZ-rGFXDP82Mtt2YYYHERdVLVL1bGedKeKvh8oGQncTRV-H1hXvw3oJPgb15IsvdGBVZR1vP9z7DzTee1Oj_EqwoxZ0Oon&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDFuWbWuZY9n8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSVAk_QzEe1HXW76UlfbkYrtU_ATJ4Z3M-1V7mT6MMEs2cjlIRY_xvdp4qApEvBs210y1FeNKzghWMSOfGKIdpEOFLDEPd7YvQE-yZyFO3MOy6BnUxvc4Crk_97ZkUqL3T1quHGYuY7-zXM00Pym_0gSgixbZRnz3AbmWlgArGPVt_B9oiJZY0SqImQrYSGaEjpuEHm9F8A652BmMydxkBo7HxQ4uld76RC0Po3s6xsdgHR_lJZWDSKH64fvykDqU2chdQl73MZy-6PhpATl0RoJjB34fe9hqIZOSH5XnwwBvQ-HpjJfxnrkGfQNb6b-gLWPyrVZEBfiipxqMYCDggcscbwVsviSSELZS8T9NuwFiNfTxLCY_jgBAGABq35nJvJiMzWhQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1GCghKHKJnenMGqEudnpMBOnFbbA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
9a0eefcef60e76fb405898ec6f44620d6978ac16edda818183e207abc544a8d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
533
expires
Sat, 09 Dec 2023 06:21:34 GMT
all
csm.eu.criteo.net/ Frame C33D 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=BwrPoVp1F0qITor-qWOVUxjnxyQwecuQ_M6nxlQ11dPjwoRZFVR5UzCdYuQzjR6y7Zb916ntCsP1fZzbOYhdIycSbWLsKgsQ5ynWuTfGh7GT5_Z_A-5CQVPD1gb4pCcNoHHBfuZGYlkKuJE_JXraPUj3nWwmzrLKhbEny0Nc7IRIhHBIZOLL0oBFPcZzoFEdlefxZvuYGAFjAs3SVhXfKKeMIgOifmuCksIY4aQttkZuwTS1kg9lVUoDpvK99X-uzeSm1w&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlkIu_DfAAKOj0AL24kZp1HPQOnCiA&u=%7CuM%2FixoU45EWLmTovdEX1WdbR2CRNns7nlr50wPdyMZI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQtYbq4157A19pZsVWGgarYKvoI_1_v7YmNPxqbNo_oztDVFaBl1X1RWZeB76VrMjmQirk4BxZhx4JOH1fsmAp6Fn17F5cQlU5JmJtUIGH-RXRmKMxpWTdIyG0OelipQe7MV-G95PKfSdvPLDlaoDfLRuJSFhe1xJb9cgBc7KpN65YSSZFzRutxcKHwYgoP-yTkPEPG6rivXksUcarhB52DNzqqhX_JJv5vByWNRLwWx9dLjC8_zjINmR5mKE0Unw5FhdiOWVqecBtgm9MHejRcl1UDTGIonHHCXG-t82YVQqcXlOMNznjri8gggJ0j7E4HsxR7Yo3GyJQXd90q5xvXWzCQDfPyxhLImT-R5ElkmrR7HptetsTK6CLIGPQH1fPPN8lCoG_gx3o9q8k8WZnNTxJ4pEfjKjUON3-Sgpzdd8OsUgOabE00no9VZgWdvrNx5TZ-rGFXDP82Mtt2YYYHERdVLVL1bGedKeKvh8oGQncTRV-H1hXvw3oJPgb15IsvdGBVZR1vP9z7DzTee1Oj_EqwoxZ0Oon&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDFuWbWuZY9n8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSVAk_QzEe1HXW76UlfbkYrtU_ATJ4Z3M-1V7mT6MMEs2cjlIRY_xvdp4qApEvBs210y1FeNKzghWMSOfGKIdpEOFLDEPd7YvQE-yZyFO3MOy6BnUxvc4Crk_97ZkUqL3T1quHGYuY7-zXM00Pym_0gSgixbZRnz3AbmWlgArGPVt_B9oiJZY0SqImQrYSGaEjpuEHm9F8A652BmMydxkBo7HxQ4uld76RC0Po3s6xsdgHR_lJZWDSKH64fvykDqU2chdQl73MZy-6PhpATl0RoJjB34fe9hqIZOSH5XnwwBvQ-HpjJfxnrkGfQNb6b-gLWPyrVZEBfiipxqMYCDggcscbwVsviSSELZS8T9NuwFiNfTxLCY_jgBAGABq35nJvJiMzWhQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1GCghKHKJnenMGqEudnpMBOnFbbA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 14 Dec 2022 06:21:34 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C33D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlkIu_DfAAKOj0AL24kZp1HPQOnCiA&u=%7CuM%2FixoU45EWLmTovdEX1WdbR2CRNns7nlr50wPdyMZI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQtYbq4157A19pZsVWGgarYKvoI_1_v7YmNPxqbNo_oztDVFaBl1X1RWZeB76VrMjmQirk4BxZhx4JOH1fsmAp6Fn17F5cQlU5JmJtUIGH-RXRmKMxpWTdIyG0OelipQe7MV-G95PKfSdvPLDlaoDfLRuJSFhe1xJb9cgBc7KpN65YSSZFzRutxcKHwYgoP-yTkPEPG6rivXksUcarhB52DNzqqhX_JJv5vByWNRLwWx9dLjC8_zjINmR5mKE0Unw5FhdiOWVqecBtgm9MHejRcl1UDTGIonHHCXG-t82YVQqcXlOMNznjri8gggJ0j7E4HsxR7Yo3GyJQXd90q5xvXWzCQDfPyxhLImT-R5ElkmrR7HptetsTK6CLIGPQH1fPPN8lCoG_gx3o9q8k8WZnNTxJ4pEfjKjUON3-Sgpzdd8OsUgOabE00no9VZgWdvrNx5TZ-rGFXDP82Mtt2YYYHERdVLVL1bGedKeKvh8oGQncTRV-H1hXvw3oJPgb15IsvdGBVZR1vP9z7DzTee1Oj_EqwoxZ0Oon&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDFuWbWuZY9n8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSVAk_QzEe1HXW76UlfbkYrtU_ATJ4Z3M-1V7mT6MMEs2cjlIRY_xvdp4qApEvBs210y1FeNKzghWMSOfGKIdpEOFLDEPd7YvQE-yZyFO3MOy6BnUxvc4Crk_97ZkUqL3T1quHGYuY7-zXM00Pym_0gSgixbZRnz3AbmWlgArGPVt_B9oiJZY0SqImQrYSGaEjpuEHm9F8A652BmMydxkBo7HxQ4uld76RC0Po3s6xsdgHR_lJZWDSKH64fvykDqU2chdQl73MZy-6PhpATl0RoJjB34fe9hqIZOSH5XnwwBvQ-HpjJfxnrkGfQNb6b-gLWPyrVZEBfiipxqMYCDggcscbwVsviSSELZS8T9NuwFiNfTxLCY_jgBAGABq35nJvJiMzWhQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1GCghKHKJnenMGqEudnpMBOnFbbA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 09 Dec 2023 06:21:35 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame C33D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlkIu_DfAAKOj0AL24kZp1HPQOnCiA&u=%7CuM%2FixoU45EWLmTovdEX1WdbR2CRNns7nlr50wPdyMZI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQtYbq4157A19pZsVWGgarYKvoI_1_v7YmNPxqbNo_oztDVFaBl1X1RWZeB76VrMjmQirk4BxZhx4JOH1fsmAp6Fn17F5cQlU5JmJtUIGH-RXRmKMxpWTdIyG0OelipQe7MV-G95PKfSdvPLDlaoDfLRuJSFhe1xJb9cgBc7KpN65YSSZFzRutxcKHwYgoP-yTkPEPG6rivXksUcarhB52DNzqqhX_JJv5vByWNRLwWx9dLjC8_zjINmR5mKE0Unw5FhdiOWVqecBtgm9MHejRcl1UDTGIonHHCXG-t82YVQqcXlOMNznjri8gggJ0j7E4HsxR7Yo3GyJQXd90q5xvXWzCQDfPyxhLImT-R5ElkmrR7HptetsTK6CLIGPQH1fPPN8lCoG_gx3o9q8k8WZnNTxJ4pEfjKjUON3-Sgpzdd8OsUgOabE00no9VZgWdvrNx5TZ-rGFXDP82Mtt2YYYHERdVLVL1bGedKeKvh8oGQncTRV-H1hXvw3oJPgb15IsvdGBVZR1vP9z7DzTee1Oj_EqwoxZ0Oon&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDFuWbWuZY9n8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSVAk_QzEe1HXW76UlfbkYrtU_ATJ4Z3M-1V7mT6MMEs2cjlIRY_xvdp4qApEvBs210y1FeNKzghWMSOfGKIdpEOFLDEPd7YvQE-yZyFO3MOy6BnUxvc4Crk_97ZkUqL3T1quHGYuY7-zXM00Pym_0gSgixbZRnz3AbmWlgArGPVt_B9oiJZY0SqImQrYSGaEjpuEHm9F8A652BmMydxkBo7HxQ4uld76RC0Po3s6xsdgHR_lJZWDSKH64fvykDqU2chdQl73MZy-6PhpATl0RoJjB34fe9hqIZOSH5XnwwBvQ-HpjJfxnrkGfQNb6b-gLWPyrVZEBfiipxqMYCDggcscbwVsviSSELZS8T9NuwFiNfTxLCY_jgBAGABq35nJvJiMzWhQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1GCghKHKJnenMGqEudnpMBOnFbbA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 09 Dec 2023 06:21:35 GMT
animejs.js
static.criteo.net/animejs/ Frame 2CF3 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlUIu_DfAAKOjyd4EUmv-z6SKLz16Q&u=%7CuM%2FixoU45EWOo8Z%2BcKMCB3l%2B0z4XRLRf4XbFyXPcEAE%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQ_zWE2GS2SUxmkpSNJF6gLcsICd0Z_oFKmrVu8vwq48vl1A42x-pPwtJXkfplzkAZCc6wY_MF9ny75_bWryQUyLpV4fh14hyKUbzPl_KmVH0k1kcKKUWhUxOxn0IhexrkETfGahJFWgYHTFRXcajPaO_BQyPE7erMH5lOZ7yds7GC3qwvEPvPJ6rvIei0AAI-ulO-aNxjqr530zTWWVQWBIwTQs_PUho-M4UtAX9VnUbcvIZPwWgAAdXxZh0_dZBIOvtBhlvXLoJU9adRCpgIJrSqhkIQTzATf59GPZR7MOGJAjE3ReCXRtFORidzGC3pOj9YsvyJx6_hOScSbXg16d97eGwnkZQZo6Cq0UF1Dy9g0Pluo0RdcBRb6U5nWbvcNlS_PYNMUTWu-uvsY6pbNZ1UKPprYyo6FUTxyxGMMCXxlOMYZ13u6rWFMkJwSude0smxAKESew7N8Fi0fmS28Aj8MI87cRS7sBJlvkxxmVgqulj9IojYewXdJm_GWuGd8r2BRt88ulYKcvULr8KYdsAPnJRmHFCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvvyVbWuZY9X8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSUAk_QOYMcFrjDtyWqMLVT7Cl-I-b_N-mBoEyXtwdXlvTdU1fIMMxr2wro4SJXLGh7J8feDVTIzD1p9hmZxEMsdepXSNQ1gxmb_yKOG4iwTQF_cAjsIyH19xm3pXmZTypHXgq9inARZc8iENVXt4HaW2auudoYBX2S4ZsnkxCT5-FI801P1dOpUUvrQvQBrvPe77lmS12R7r2Rd4odrq3XXlYmEKGfoCnffX0SpPQ_tUuumuZ9dFp0LSR_i_u9tkfymwclLIjcMcRvPxrnQMeaTAR8DSrxKqg4bCm6lSsuD0a6Y0nUAoIUkzkznWHcjVFsdP1EEgjN4PZNu8l37dfFeVEEcDMROGxWVLNegmIr6ykDbKxBa-AEAYAGrfmcm8mIzNaFAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3QL2-3Vck5yM6BFUmuke7_FT__zA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 09 Dec 2023 06:21:35 GMT
img
pix.eu.criteo.net/img/ Frame 2CF3 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoGoogle-Germany-GmbH-284878DE-2112100939.gif%3Feb%3D1&v=3&w=400&s=aApKQiIxs5vamvb0T4w9k65l&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlUIu_DfAAKOjyd4EUmv-z6SKLz16Q&u=%7CuM%2FixoU45EWOo8Z%2BcKMCB3l%2B0z4XRLRf4XbFyXPcEAE%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQ_zWE2GS2SUxmkpSNJF6gLcsICd0Z_oFKmrVu8vwq48vl1A42x-pPwtJXkfplzkAZCc6wY_MF9ny75_bWryQUyLpV4fh14hyKUbzPl_KmVH0k1kcKKUWhUxOxn0IhexrkETfGahJFWgYHTFRXcajPaO_BQyPE7erMH5lOZ7yds7GC3qwvEPvPJ6rvIei0AAI-ulO-aNxjqr530zTWWVQWBIwTQs_PUho-M4UtAX9VnUbcvIZPwWgAAdXxZh0_dZBIOvtBhlvXLoJU9adRCpgIJrSqhkIQTzATf59GPZR7MOGJAjE3ReCXRtFORidzGC3pOj9YsvyJx6_hOScSbXg16d97eGwnkZQZo6Cq0UF1Dy9g0Pluo0RdcBRb6U5nWbvcNlS_PYNMUTWu-uvsY6pbNZ1UKPprYyo6FUTxyxGMMCXxlOMYZ13u6rWFMkJwSude0smxAKESew7N8Fi0fmS28Aj8MI87cRS7sBJlvkxxmVgqulj9IojYewXdJm_GWuGd8r2BRt88ulYKcvULr8KYdsAPnJRmHFCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvvyVbWuZY9X8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSUAk_QOYMcFrjDtyWqMLVT7Cl-I-b_N-mBoEyXtwdXlvTdU1fIMMxr2wro4SJXLGh7J8feDVTIzD1p9hmZxEMsdepXSNQ1gxmb_yKOG4iwTQF_cAjsIyH19xm3pXmZTypHXgq9inARZc8iENVXt4HaW2auudoYBX2S4ZsnkxCT5-FI801P1dOpUUvrQvQBrvPe77lmS12R7r2Rd4odrq3XXlYmEKGfoCnffX0SpPQ_tUuumuZ9dFp0LSR_i_u9tkfymwclLIjcMcRvPxrnQMeaTAR8DSrxKqg4bCm6lSsuD0a6Y0nUAoIUkzkznWHcjVFsdP1EEgjN4PZNu8l37dfFeVEEcDMROGxWVLNegmIr6ykDbKxBa-AEAYAGrfmcm8mIzNaFAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3QL2-3Vck5yM6BFUmuke7_FT__zA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
a1164d38f35c8d9599848239639641326905ba695401405af5e5ed66dcd5c811
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2446722
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2640
expires
Wed, 11 Jan 2023 14:00:17 GMT
img
pix.eu.criteo.net/img/ Frame 2CF3 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoNIMAK-GmbH-124638DE-2209151556.gif%3Feb%3D1&v=3&w=400&s=fJpgeGnfin4hIMVTMbFyQkEn&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlUIu_DfAAKOjyd4EUmv-z6SKLz16Q&u=%7CuM%2FixoU45EWOo8Z%2BcKMCB3l%2B0z4XRLRf4XbFyXPcEAE%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQ_zWE2GS2SUxmkpSNJF6gLcsICd0Z_oFKmrVu8vwq48vl1A42x-pPwtJXkfplzkAZCc6wY_MF9ny75_bWryQUyLpV4fh14hyKUbzPl_KmVH0k1kcKKUWhUxOxn0IhexrkETfGahJFWgYHTFRXcajPaO_BQyPE7erMH5lOZ7yds7GC3qwvEPvPJ6rvIei0AAI-ulO-aNxjqr530zTWWVQWBIwTQs_PUho-M4UtAX9VnUbcvIZPwWgAAdXxZh0_dZBIOvtBhlvXLoJU9adRCpgIJrSqhkIQTzATf59GPZR7MOGJAjE3ReCXRtFORidzGC3pOj9YsvyJx6_hOScSbXg16d97eGwnkZQZo6Cq0UF1Dy9g0Pluo0RdcBRb6U5nWbvcNlS_PYNMUTWu-uvsY6pbNZ1UKPprYyo6FUTxyxGMMCXxlOMYZ13u6rWFMkJwSude0smxAKESew7N8Fi0fmS28Aj8MI87cRS7sBJlvkxxmVgqulj9IojYewXdJm_GWuGd8r2BRt88ulYKcvULr8KYdsAPnJRmHFCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvvyVbWuZY9X8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSUAk_QOYMcFrjDtyWqMLVT7Cl-I-b_N-mBoEyXtwdXlvTdU1fIMMxr2wro4SJXLGh7J8feDVTIzD1p9hmZxEMsdepXSNQ1gxmb_yKOG4iwTQF_cAjsIyH19xm3pXmZTypHXgq9inARZc8iENVXt4HaW2auudoYBX2S4ZsnkxCT5-FI801P1dOpUUvrQvQBrvPe77lmS12R7r2Rd4odrq3XXlYmEKGfoCnffX0SpPQ_tUuumuZ9dFp0LSR_i_u9tkfymwclLIjcMcRvPxrnQMeaTAR8DSrxKqg4bCm6lSsuD0a6Y0nUAoIUkzkznWHcjVFsdP1EEgjN4PZNu8l37dfFeVEEcDMROGxWVLNegmIr6ykDbKxBa-AEAYAGrfmcm8mIzNaFAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3QL2-3Vck5yM6BFUmuke7_FT__zA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
7e9b1418237b95ba1e4a8cd22dd6966da3384265585c15cc27983b26bc59be8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=538426
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3484
expires
Tue, 20 Dec 2022 11:55:22 GMT
img
pix.eu.criteo.net/img/ Frame 2CF3 		533 B
797 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoLiebherr-Hydraulikbagger-GmbH-78140DE-2209301636.gif%3Feb%3D1&v=3&w=400&s=CHOzCZZNEaQ-lrqj5Ip-ErgR&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlUIu_DfAAKOjyd4EUmv-z6SKLz16Q&u=%7CuM%2FixoU45EWOo8Z%2BcKMCB3l%2B0z4XRLRf4XbFyXPcEAE%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQ_zWE2GS2SUxmkpSNJF6gLcsICd0Z_oFKmrVu8vwq48vl1A42x-pPwtJXkfplzkAZCc6wY_MF9ny75_bWryQUyLpV4fh14hyKUbzPl_KmVH0k1kcKKUWhUxOxn0IhexrkETfGahJFWgYHTFRXcajPaO_BQyPE7erMH5lOZ7yds7GC3qwvEPvPJ6rvIei0AAI-ulO-aNxjqr530zTWWVQWBIwTQs_PUho-M4UtAX9VnUbcvIZPwWgAAdXxZh0_dZBIOvtBhlvXLoJU9adRCpgIJrSqhkIQTzATf59GPZR7MOGJAjE3ReCXRtFORidzGC3pOj9YsvyJx6_hOScSbXg16d97eGwnkZQZo6Cq0UF1Dy9g0Pluo0RdcBRb6U5nWbvcNlS_PYNMUTWu-uvsY6pbNZ1UKPprYyo6FUTxyxGMMCXxlOMYZ13u6rWFMkJwSude0smxAKESew7N8Fi0fmS28Aj8MI87cRS7sBJlvkxxmVgqulj9IojYewXdJm_GWuGd8r2BRt88ulYKcvULr8KYdsAPnJRmHFCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvvyVbWuZY9X8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSUAk_QOYMcFrjDtyWqMLVT7Cl-I-b_N-mBoEyXtwdXlvTdU1fIMMxr2wro4SJXLGh7J8feDVTIzD1p9hmZxEMsdepXSNQ1gxmb_yKOG4iwTQF_cAjsIyH19xm3pXmZTypHXgq9inARZc8iENVXt4HaW2auudoYBX2S4ZsnkxCT5-FI801P1dOpUUvrQvQBrvPe77lmS12R7r2Rd4odrq3XXlYmEKGfoCnffX0SpPQ_tUuumuZ9dFp0LSR_i_u9tkfymwclLIjcMcRvPxrnQMeaTAR8DSrxKqg4bCm6lSsuD0a6Y0nUAoIUkzkznWHcjVFsdP1EEgjN4PZNu8l37dfFeVEEcDMROGxWVLNegmIr6ykDbKxBa-AEAYAGrfmcm8mIzNaFAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3QL2-3Vck5yM6BFUmuke7_FT__zA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
9a0eefcef60e76fb405898ec6f44620d6978ac16edda818183e207abc544a8d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
533
expires
Sat, 09 Dec 2023 06:21:35 GMT
img
pix.eu.criteo.net/img/ Frame 2CF3 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FG%2FlogoGoldman-Sachs-AG-MesseTurm-92271DE.gif%3Feb%3D1&v=3&w=400&s=cWZg6oc2CXdpTFAus_F8Swiq&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlUIu_DfAAKOjyd4EUmv-z6SKLz16Q&u=%7CuM%2FixoU45EWOo8Z%2BcKMCB3l%2B0z4XRLRf4XbFyXPcEAE%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQ_zWE2GS2SUxmkpSNJF6gLcsICd0Z_oFKmrVu8vwq48vl1A42x-pPwtJXkfplzkAZCc6wY_MF9ny75_bWryQUyLpV4fh14hyKUbzPl_KmVH0k1kcKKUWhUxOxn0IhexrkETfGahJFWgYHTFRXcajPaO_BQyPE7erMH5lOZ7yds7GC3qwvEPvPJ6rvIei0AAI-ulO-aNxjqr530zTWWVQWBIwTQs_PUho-M4UtAX9VnUbcvIZPwWgAAdXxZh0_dZBIOvtBhlvXLoJU9adRCpgIJrSqhkIQTzATf59GPZR7MOGJAjE3ReCXRtFORidzGC3pOj9YsvyJx6_hOScSbXg16d97eGwnkZQZo6Cq0UF1Dy9g0Pluo0RdcBRb6U5nWbvcNlS_PYNMUTWu-uvsY6pbNZ1UKPprYyo6FUTxyxGMMCXxlOMYZ13u6rWFMkJwSude0smxAKESew7N8Fi0fmS28Aj8MI87cRS7sBJlvkxxmVgqulj9IojYewXdJm_GWuGd8r2BRt88ulYKcvULr8KYdsAPnJRmHFCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvvyVbWuZY9X8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSUAk_QOYMcFrjDtyWqMLVT7Cl-I-b_N-mBoEyXtwdXlvTdU1fIMMxr2wro4SJXLGh7J8feDVTIzD1p9hmZxEMsdepXSNQ1gxmb_yKOG4iwTQF_cAjsIyH19xm3pXmZTypHXgq9inARZc8iENVXt4HaW2auudoYBX2S4ZsnkxCT5-FI801P1dOpUUvrQvQBrvPe77lmS12R7r2Rd4odrq3XXlYmEKGfoCnffX0SpPQ_tUuumuZ9dFp0LSR_i_u9tkfymwclLIjcMcRvPxrnQMeaTAR8DSrxKqg4bCm6lSsuD0a6Y0nUAoIUkzkznWHcjVFsdP1EEgjN4PZNu8l37dfFeVEEcDMROGxWVLNegmIr6ykDbKxBa-AEAYAGrfmcm8mIzNaFAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3QL2-3Vck5yM6BFUmuke7_FT__zA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
90e728f69e2b018245a4726c0f499e56e5a5f71330c07b0978596fb1bf45a831
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2011572
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2328
expires
Fri, 06 Jan 2023 13:07:48 GMT
img
pix.eu.criteo.net/img/ Frame 2CF3 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBundesamt-fur-Bevolkerungsschutz-und-Katastrophenhilfe-BBK-204336DE.gif%3Feb%3D1&v=3&w=400&s=-wSShqFQONmuEMruq6JdMLd1&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlUIu_DfAAKOjyd4EUmv-z6SKLz16Q&u=%7CuM%2FixoU45EWOo8Z%2BcKMCB3l%2B0z4XRLRf4XbFyXPcEAE%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQ_zWE2GS2SUxmkpSNJF6gLcsICd0Z_oFKmrVu8vwq48vl1A42x-pPwtJXkfplzkAZCc6wY_MF9ny75_bWryQUyLpV4fh14hyKUbzPl_KmVH0k1kcKKUWhUxOxn0IhexrkETfGahJFWgYHTFRXcajPaO_BQyPE7erMH5lOZ7yds7GC3qwvEPvPJ6rvIei0AAI-ulO-aNxjqr530zTWWVQWBIwTQs_PUho-M4UtAX9VnUbcvIZPwWgAAdXxZh0_dZBIOvtBhlvXLoJU9adRCpgIJrSqhkIQTzATf59GPZR7MOGJAjE3ReCXRtFORidzGC3pOj9YsvyJx6_hOScSbXg16d97eGwnkZQZo6Cq0UF1Dy9g0Pluo0RdcBRb6U5nWbvcNlS_PYNMUTWu-uvsY6pbNZ1UKPprYyo6FUTxyxGMMCXxlOMYZ13u6rWFMkJwSude0smxAKESew7N8Fi0fmS28Aj8MI87cRS7sBJlvkxxmVgqulj9IojYewXdJm_GWuGd8r2BRt88ulYKcvULr8KYdsAPnJRmHFCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvvyVbWuZY9X8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSUAk_QOYMcFrjDtyWqMLVT7Cl-I-b_N-mBoEyXtwdXlvTdU1fIMMxr2wro4SJXLGh7J8feDVTIzD1p9hmZxEMsdepXSNQ1gxmb_yKOG4iwTQF_cAjsIyH19xm3pXmZTypHXgq9inARZc8iENVXt4HaW2auudoYBX2S4ZsnkxCT5-FI801P1dOpUUvrQvQBrvPe77lmS12R7r2Rd4odrq3XXlYmEKGfoCnffX0SpPQ_tUuumuZ9dFp0LSR_i_u9tkfymwclLIjcMcRvPxrnQMeaTAR8DSrxKqg4bCm6lSsuD0a6Y0nUAoIUkzkznWHcjVFsdP1EEgjN4PZNu8l37dfFeVEEcDMROGxWVLNegmIr6ykDbKxBa-AEAYAGrfmcm8mIzNaFAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3QL2-3Vck5yM6BFUmuke7_FT__zA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
15d3c3958b58b92c485db6e5265536e0a7f364948edb90a62ca5e5ab20e0403f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1149427
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2302
expires
Tue, 27 Dec 2022 13:38:42 GMT
img
pix.eu.criteo.net/img/ Frame 2CF3 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoNetflix-Services-Germany-GmbH-293357DE-2203091401.gif%3Feb%3D1&v=3&w=400&s=IwhbrHLQ0MZnAp1QnJAuyQiu&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlUIu_DfAAKOjyd4EUmv-z6SKLz16Q&u=%7CuM%2FixoU45EWOo8Z%2BcKMCB3l%2B0z4XRLRf4XbFyXPcEAE%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQ_zWE2GS2SUxmkpSNJF6gLcsICd0Z_oFKmrVu8vwq48vl1A42x-pPwtJXkfplzkAZCc6wY_MF9ny75_bWryQUyLpV4fh14hyKUbzPl_KmVH0k1kcKKUWhUxOxn0IhexrkETfGahJFWgYHTFRXcajPaO_BQyPE7erMH5lOZ7yds7GC3qwvEPvPJ6rvIei0AAI-ulO-aNxjqr530zTWWVQWBIwTQs_PUho-M4UtAX9VnUbcvIZPwWgAAdXxZh0_dZBIOvtBhlvXLoJU9adRCpgIJrSqhkIQTzATf59GPZR7MOGJAjE3ReCXRtFORidzGC3pOj9YsvyJx6_hOScSbXg16d97eGwnkZQZo6Cq0UF1Dy9g0Pluo0RdcBRb6U5nWbvcNlS_PYNMUTWu-uvsY6pbNZ1UKPprYyo6FUTxyxGMMCXxlOMYZ13u6rWFMkJwSude0smxAKESew7N8Fi0fmS28Aj8MI87cRS7sBJlvkxxmVgqulj9IojYewXdJm_GWuGd8r2BRt88ulYKcvULr8KYdsAPnJRmHFCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvvyVbWuZY9X8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSUAk_QOYMcFrjDtyWqMLVT7Cl-I-b_N-mBoEyXtwdXlvTdU1fIMMxr2wro4SJXLGh7J8feDVTIzD1p9hmZxEMsdepXSNQ1gxmb_yKOG4iwTQF_cAjsIyH19xm3pXmZTypHXgq9inARZc8iENVXt4HaW2auudoYBX2S4ZsnkxCT5-FI801P1dOpUUvrQvQBrvPe77lmS12R7r2Rd4odrq3XXlYmEKGfoCnffX0SpPQ_tUuumuZ9dFp0LSR_i_u9tkfymwclLIjcMcRvPxrnQMeaTAR8DSrxKqg4bCm6lSsuD0a6Y0nUAoIUkzkznWHcjVFsdP1EEgjN4PZNu8l37dfFeVEEcDMROGxWVLNegmIr6ykDbKxBa-AEAYAGrfmcm8mIzNaFAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3QL2-3Vck5yM6BFUmuke7_FT__zA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
81809aa166a76dd99939edd3df52a70720e5ee9b65fefe1de4b32500e324e763
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=2516475
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2538
expires
Thu, 12 Jan 2023 09:22:51 GMT
img
pix.eu.criteo.net/img/ Frame 2CF3 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=176&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=256&s=Ztz4HcK_1CUe8izFWU-TMUXT
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlUIu_DfAAKOjyd4EUmv-z6SKLz16Q&u=%7CuM%2FixoU45EWOo8Z%2BcKMCB3l%2B0z4XRLRf4XbFyXPcEAE%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQ_zWE2GS2SUxmkpSNJF6gLcsICd0Z_oFKmrVu8vwq48vl1A42x-pPwtJXkfplzkAZCc6wY_MF9ny75_bWryQUyLpV4fh14hyKUbzPl_KmVH0k1kcKKUWhUxOxn0IhexrkETfGahJFWgYHTFRXcajPaO_BQyPE7erMH5lOZ7yds7GC3qwvEPvPJ6rvIei0AAI-ulO-aNxjqr530zTWWVQWBIwTQs_PUho-M4UtAX9VnUbcvIZPwWgAAdXxZh0_dZBIOvtBhlvXLoJU9adRCpgIJrSqhkIQTzATf59GPZR7MOGJAjE3ReCXRtFORidzGC3pOj9YsvyJx6_hOScSbXg16d97eGwnkZQZo6Cq0UF1Dy9g0Pluo0RdcBRb6U5nWbvcNlS_PYNMUTWu-uvsY6pbNZ1UKPprYyo6FUTxyxGMMCXxlOMYZ13u6rWFMkJwSude0smxAKESew7N8Fi0fmS28Aj8MI87cRS7sBJlvkxxmVgqulj9IojYewXdJm_GWuGd8r2BRt88ulYKcvULr8KYdsAPnJRmHFCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvvyVbWuZY9X8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSUAk_QOYMcFrjDtyWqMLVT7Cl-I-b_N-mBoEyXtwdXlvTdU1fIMMxr2wro4SJXLGh7J8feDVTIzD1p9hmZxEMsdepXSNQ1gxmb_yKOG4iwTQF_cAjsIyH19xm3pXmZTypHXgq9inARZc8iENVXt4HaW2auudoYBX2S4ZsnkxCT5-FI801P1dOpUUvrQvQBrvPe77lmS12R7r2Rd4odrq3XXlYmEKGfoCnffX0SpPQ_tUuumuZ9dFp0LSR_i_u9tkfymwclLIjcMcRvPxrnQMeaTAR8DSrxKqg4bCm6lSsuD0a6Y0nUAoIUkzkznWHcjVFsdP1EEgjN4PZNu8l37dfFeVEEcDMROGxWVLNegmIr6ykDbKxBa-AEAYAGrfmcm8mIzNaFAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3QL2-3Vck5yM6BFUmuke7_FT__zA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
2a29e79bd75cc83eade181c4acc1c198786539997766b648bc21ed5aa7698408
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29716998
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7142
expires
Thu, 23 Nov 2023 05:04:53 GMT
img
pix.eu.criteo.net/img/ Frame 2CF3 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F7%2FlogoPwC-2965DE.gif%3Feb%3D1&v=3&w=400&s=ZjkQ5I-56oZpupDblCrnY27-&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlUIu_DfAAKOjyd4EUmv-z6SKLz16Q&u=%7CuM%2FixoU45EWOo8Z%2BcKMCB3l%2B0z4XRLRf4XbFyXPcEAE%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQ_zWE2GS2SUxmkpSNJF6gLcsICd0Z_oFKmrVu8vwq48vl1A42x-pPwtJXkfplzkAZCc6wY_MF9ny75_bWryQUyLpV4fh14hyKUbzPl_KmVH0k1kcKKUWhUxOxn0IhexrkETfGahJFWgYHTFRXcajPaO_BQyPE7erMH5lOZ7yds7GC3qwvEPvPJ6rvIei0AAI-ulO-aNxjqr530zTWWVQWBIwTQs_PUho-M4UtAX9VnUbcvIZPwWgAAdXxZh0_dZBIOvtBhlvXLoJU9adRCpgIJrSqhkIQTzATf59GPZR7MOGJAjE3ReCXRtFORidzGC3pOj9YsvyJx6_hOScSbXg16d97eGwnkZQZo6Cq0UF1Dy9g0Pluo0RdcBRb6U5nWbvcNlS_PYNMUTWu-uvsY6pbNZ1UKPprYyo6FUTxyxGMMCXxlOMYZ13u6rWFMkJwSude0smxAKESew7N8Fi0fmS28Aj8MI87cRS7sBJlvkxxmVgqulj9IojYewXdJm_GWuGd8r2BRt88ulYKcvULr8KYdsAPnJRmHFCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvvyVbWuZY9X8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSUAk_QOYMcFrjDtyWqMLVT7Cl-I-b_N-mBoEyXtwdXlvTdU1fIMMxr2wro4SJXLGh7J8feDVTIzD1p9hmZxEMsdepXSNQ1gxmb_yKOG4iwTQF_cAjsIyH19xm3pXmZTypHXgq9inARZc8iENVXt4HaW2auudoYBX2S4ZsnkxCT5-FI801P1dOpUUvrQvQBrvPe77lmS12R7r2Rd4odrq3XXlYmEKGfoCnffX0SpPQ_tUuumuZ9dFp0LSR_i_u9tkfymwclLIjcMcRvPxrnQMeaTAR8DSrxKqg4bCm6lSsuD0a6Y0nUAoIUkzkznWHcjVFsdP1EEgjN4PZNu8l37dfFeVEEcDMROGxWVLNegmIr6ykDbKxBa-AEAYAGrfmcm8mIzNaFAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3QL2-3Vck5yM6BFUmuke7_FT__zA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
a9c3152b1f921defaf879a7f6514623aa21e0656a12f143b20cde6648ff5036c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1226
expires
Sat, 09 Dec 2023 06:21:35 GMT
img
pix.eu.criteo.net/img/ Frame 2CF3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoBosch-Gruppe-2804DE-1909091413.gif%3Feb%3D1&v=3&w=400&s=mpSaavc37cTAcDERDSmhZdBJ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlUIu_DfAAKOjyd4EUmv-z6SKLz16Q&u=%7CuM%2FixoU45EWOo8Z%2BcKMCB3l%2B0z4XRLRf4XbFyXPcEAE%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQ_zWE2GS2SUxmkpSNJF6gLcsICd0Z_oFKmrVu8vwq48vl1A42x-pPwtJXkfplzkAZCc6wY_MF9ny75_bWryQUyLpV4fh14hyKUbzPl_KmVH0k1kcKKUWhUxOxn0IhexrkETfGahJFWgYHTFRXcajPaO_BQyPE7erMH5lOZ7yds7GC3qwvEPvPJ6rvIei0AAI-ulO-aNxjqr530zTWWVQWBIwTQs_PUho-M4UtAX9VnUbcvIZPwWgAAdXxZh0_dZBIOvtBhlvXLoJU9adRCpgIJrSqhkIQTzATf59GPZR7MOGJAjE3ReCXRtFORidzGC3pOj9YsvyJx6_hOScSbXg16d97eGwnkZQZo6Cq0UF1Dy9g0Pluo0RdcBRb6U5nWbvcNlS_PYNMUTWu-uvsY6pbNZ1UKPprYyo6FUTxyxGMMCXxlOMYZ13u6rWFMkJwSude0smxAKESew7N8Fi0fmS28Aj8MI87cRS7sBJlvkxxmVgqulj9IojYewXdJm_GWuGd8r2BRt88ulYKcvULr8KYdsAPnJRmHFCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvvyVbWuZY9X8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSUAk_QOYMcFrjDtyWqMLVT7Cl-I-b_N-mBoEyXtwdXlvTdU1fIMMxr2wro4SJXLGh7J8feDVTIzD1p9hmZxEMsdepXSNQ1gxmb_yKOG4iwTQF_cAjsIyH19xm3pXmZTypHXgq9inARZc8iENVXt4HaW2auudoYBX2S4ZsnkxCT5-FI801P1dOpUUvrQvQBrvPe77lmS12R7r2Rd4odrq3XXlYmEKGfoCnffX0SpPQ_tUuumuZ9dFp0LSR_i_u9tkfymwclLIjcMcRvPxrnQMeaTAR8DSrxKqg4bCm6lSsuD0a6Y0nUAoIUkzkznWHcjVFsdP1EEgjN4PZNu8l37dfFeVEEcDMROGxWVLNegmIr6ykDbKxBa-AEAYAGrfmcm8mIzNaFAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3QL2-3Vck5yM6BFUmuke7_FT__zA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1741535
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1584
expires
Tue, 03 Jan 2023 10:07:10 GMT
img
pix.eu.criteo.net/img/ Frame 2CF3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FT%2Flogotesa-SE-73709DE.gif%3Feb%3D1&v=3&w=400&s=x_XrGTJUeLDq-9DOX_IUad__&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlUIu_DfAAKOjyd4EUmv-z6SKLz16Q&u=%7CuM%2FixoU45EWOo8Z%2BcKMCB3l%2B0z4XRLRf4XbFyXPcEAE%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQ_zWE2GS2SUxmkpSNJF6gLcsICd0Z_oFKmrVu8vwq48vl1A42x-pPwtJXkfplzkAZCc6wY_MF9ny75_bWryQUyLpV4fh14hyKUbzPl_KmVH0k1kcKKUWhUxOxn0IhexrkETfGahJFWgYHTFRXcajPaO_BQyPE7erMH5lOZ7yds7GC3qwvEPvPJ6rvIei0AAI-ulO-aNxjqr530zTWWVQWBIwTQs_PUho-M4UtAX9VnUbcvIZPwWgAAdXxZh0_dZBIOvtBhlvXLoJU9adRCpgIJrSqhkIQTzATf59GPZR7MOGJAjE3ReCXRtFORidzGC3pOj9YsvyJx6_hOScSbXg16d97eGwnkZQZo6Cq0UF1Dy9g0Pluo0RdcBRb6U5nWbvcNlS_PYNMUTWu-uvsY6pbNZ1UKPprYyo6FUTxyxGMMCXxlOMYZ13u6rWFMkJwSude0smxAKESew7N8Fi0fmS28Aj8MI87cRS7sBJlvkxxmVgqulj9IojYewXdJm_GWuGd8r2BRt88ulYKcvULr8KYdsAPnJRmHFCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvvyVbWuZY9X8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSUAk_QOYMcFrjDtyWqMLVT7Cl-I-b_N-mBoEyXtwdXlvTdU1fIMMxr2wro4SJXLGh7J8feDVTIzD1p9hmZxEMsdepXSNQ1gxmb_yKOG4iwTQF_cAjsIyH19xm3pXmZTypHXgq9inARZc8iENVXt4HaW2auudoYBX2S4ZsnkxCT5-FI801P1dOpUUvrQvQBrvPe77lmS12R7r2Rd4odrq3XXlYmEKGfoCnffX0SpPQ_tUuumuZ9dFp0LSR_i_u9tkfymwclLIjcMcRvPxrnQMeaTAR8DSrxKqg4bCm6lSsuD0a6Y0nUAoIUkzkznWHcjVFsdP1EEgjN4PZNu8l37dfFeVEEcDMROGxWVLNegmIr6ykDbKxBa-AEAYAGrfmcm8mIzNaFAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3QL2-3Vck5yM6BFUmuke7_FT__zA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
1c4fe0cc424c39e9c4797b25e8a4fda45cf96ca81c0c5d799144e21fba76a477
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1910
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1982
expires
Wed, 14 Dec 2022 06:53:25 GMT
img
pix.eu.criteo.net/img/ Frame 2CF3 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoContinental-AG-3975DE.gif%3Feb%3D1&v=3&w=400&s=_XVntmA_FFaUyXQJ0Q25h1YS&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlUIu_DfAAKOjyd4EUmv-z6SKLz16Q&u=%7CuM%2FixoU45EWOo8Z%2BcKMCB3l%2B0z4XRLRf4XbFyXPcEAE%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQ_zWE2GS2SUxmkpSNJF6gLcsICd0Z_oFKmrVu8vwq48vl1A42x-pPwtJXkfplzkAZCc6wY_MF9ny75_bWryQUyLpV4fh14hyKUbzPl_KmVH0k1kcKKUWhUxOxn0IhexrkETfGahJFWgYHTFRXcajPaO_BQyPE7erMH5lOZ7yds7GC3qwvEPvPJ6rvIei0AAI-ulO-aNxjqr530zTWWVQWBIwTQs_PUho-M4UtAX9VnUbcvIZPwWgAAdXxZh0_dZBIOvtBhlvXLoJU9adRCpgIJrSqhkIQTzATf59GPZR7MOGJAjE3ReCXRtFORidzGC3pOj9YsvyJx6_hOScSbXg16d97eGwnkZQZo6Cq0UF1Dy9g0Pluo0RdcBRb6U5nWbvcNlS_PYNMUTWu-uvsY6pbNZ1UKPprYyo6FUTxyxGMMCXxlOMYZ13u6rWFMkJwSude0smxAKESew7N8Fi0fmS28Aj8MI87cRS7sBJlvkxxmVgqulj9IojYewXdJm_GWuGd8r2BRt88ulYKcvULr8KYdsAPnJRmHFCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvvyVbWuZY9X8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSUAk_QOYMcFrjDtyWqMLVT7Cl-I-b_N-mBoEyXtwdXlvTdU1fIMMxr2wro4SJXLGh7J8feDVTIzD1p9hmZxEMsdepXSNQ1gxmb_yKOG4iwTQF_cAjsIyH19xm3pXmZTypHXgq9inARZc8iENVXt4HaW2auudoYBX2S4ZsnkxCT5-FI801P1dOpUUvrQvQBrvPe77lmS12R7r2Rd4odrq3XXlYmEKGfoCnffX0SpPQ_tUuumuZ9dFp0LSR_i_u9tkfymwclLIjcMcRvPxrnQMeaTAR8DSrxKqg4bCm6lSsuD0a6Y0nUAoIUkzkznWHcjVFsdP1EEgjN4PZNu8l37dfFeVEEcDMROGxWVLNegmIr6ykDbKxBa-AEAYAGrfmcm8mIzNaFAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3QL2-3Vck5yM6BFUmuke7_FT__zA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e070c65fa6115515c6dd68f600a8bbc9ff1271d9d8b235c48723942efc67c3e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2141827
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1274
expires
Sun, 08 Jan 2023 01:18:42 GMT
all
csm.eu.criteo.net/ Frame 2CF3 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=RxHizlp1F0qITor-sHLxL9XVkiI0WKD1Fmf_R13bS-b9vQJFn3q_gl6XVouFBJLJNpDoh00L0Uc4AMljaCoanxC161VJIyrtvkV1e03iWLJVCVYC_zrW0BoHU30TyByi0refqlqj_Y1MdiLaOODlLPe-_KFs3L1SpmPRlzG-58ZH_wf92PqIcWH8e6CGM99LEzFYBZFdz2Rtye7F5OpYGyFddL0wmkm_agSQSet8_5nnKGQsSXgtGV-P0o8cHd_u-VtqFg&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlUIu_DfAAKOjyd4EUmv-z6SKLz16Q&u=%7CuM%2FixoU45EWOo8Z%2BcKMCB3l%2B0z4XRLRf4XbFyXPcEAE%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQ_zWE2GS2SUxmkpSNJF6gLcsICd0Z_oFKmrVu8vwq48vl1A42x-pPwtJXkfplzkAZCc6wY_MF9ny75_bWryQUyLpV4fh14hyKUbzPl_KmVH0k1kcKKUWhUxOxn0IhexrkETfGahJFWgYHTFRXcajPaO_BQyPE7erMH5lOZ7yds7GC3qwvEPvPJ6rvIei0AAI-ulO-aNxjqr530zTWWVQWBIwTQs_PUho-M4UtAX9VnUbcvIZPwWgAAdXxZh0_dZBIOvtBhlvXLoJU9adRCpgIJrSqhkIQTzATf59GPZR7MOGJAjE3ReCXRtFORidzGC3pOj9YsvyJx6_hOScSbXg16d97eGwnkZQZo6Cq0UF1Dy9g0Pluo0RdcBRb6U5nWbvcNlS_PYNMUTWu-uvsY6pbNZ1UKPprYyo6FUTxyxGMMCXxlOMYZ13u6rWFMkJwSude0smxAKESew7N8Fi0fmS28Aj8MI87cRS7sBJlvkxxmVgqulj9IojYewXdJm_GWuGd8r2BRt88ulYKcvULr8KYdsAPnJRmHFCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvvyVbWuZY9X8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSUAk_QOYMcFrjDtyWqMLVT7Cl-I-b_N-mBoEyXtwdXlvTdU1fIMMxr2wro4SJXLGh7J8feDVTIzD1p9hmZxEMsdepXSNQ1gxmb_yKOG4iwTQF_cAjsIyH19xm3pXmZTypHXgq9inARZc8iENVXt4HaW2auudoYBX2S4ZsnkxCT5-FI801P1dOpUUvrQvQBrvPe77lmS12R7r2Rd4odrq3XXlYmEKGfoCnffX0SpPQ_tUuumuZ9dFp0LSR_i_u9tkfymwclLIjcMcRvPxrnQMeaTAR8DSrxKqg4bCm6lSsuD0a6Y0nUAoIUkzkznWHcjVFsdP1EEgjN4PZNu8l37dfFeVEEcDMROGxWVLNegmIr6ykDbKxBa-AEAYAGrfmcm8mIzNaFAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3QL2-3Vck5yM6BFUmuke7_FT__zA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 14 Dec 2022 06:21:34 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2CF3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlUIu_DfAAKOjyd4EUmv-z6SKLz16Q&u=%7CuM%2FixoU45EWOo8Z%2BcKMCB3l%2B0z4XRLRf4XbFyXPcEAE%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQ_zWE2GS2SUxmkpSNJF6gLcsICd0Z_oFKmrVu8vwq48vl1A42x-pPwtJXkfplzkAZCc6wY_MF9ny75_bWryQUyLpV4fh14hyKUbzPl_KmVH0k1kcKKUWhUxOxn0IhexrkETfGahJFWgYHTFRXcajPaO_BQyPE7erMH5lOZ7yds7GC3qwvEPvPJ6rvIei0AAI-ulO-aNxjqr530zTWWVQWBIwTQs_PUho-M4UtAX9VnUbcvIZPwWgAAdXxZh0_dZBIOvtBhlvXLoJU9adRCpgIJrSqhkIQTzATf59GPZR7MOGJAjE3ReCXRtFORidzGC3pOj9YsvyJx6_hOScSbXg16d97eGwnkZQZo6Cq0UF1Dy9g0Pluo0RdcBRb6U5nWbvcNlS_PYNMUTWu-uvsY6pbNZ1UKPprYyo6FUTxyxGMMCXxlOMYZ13u6rWFMkJwSude0smxAKESew7N8Fi0fmS28Aj8MI87cRS7sBJlvkxxmVgqulj9IojYewXdJm_GWuGd8r2BRt88ulYKcvULr8KYdsAPnJRmHFCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvvyVbWuZY9X8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSUAk_QOYMcFrjDtyWqMLVT7Cl-I-b_N-mBoEyXtwdXlvTdU1fIMMxr2wro4SJXLGh7J8feDVTIzD1p9hmZxEMsdepXSNQ1gxmb_yKOG4iwTQF_cAjsIyH19xm3pXmZTypHXgq9inARZc8iENVXt4HaW2auudoYBX2S4ZsnkxCT5-FI801P1dOpUUvrQvQBrvPe77lmS12R7r2Rd4odrq3XXlYmEKGfoCnffX0SpPQ_tUuumuZ9dFp0LSR_i_u9tkfymwclLIjcMcRvPxrnQMeaTAR8DSrxKqg4bCm6lSsuD0a6Y0nUAoIUkzkznWHcjVFsdP1EEgjN4PZNu8l37dfFeVEEcDMROGxWVLNegmIr6ykDbKxBa-AEAYAGrfmcm8mIzNaFAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3QL2-3Vck5yM6BFUmuke7_FT__zA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 09 Dec 2023 06:21:35 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 2CF3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlUIu_DfAAKOjyd4EUmv-z6SKLz16Q&u=%7CuM%2FixoU45EWOo8Z%2BcKMCB3l%2B0z4XRLRf4XbFyXPcEAE%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQ_zWE2GS2SUxmkpSNJF6gLcsICd0Z_oFKmrVu8vwq48vl1A42x-pPwtJXkfplzkAZCc6wY_MF9ny75_bWryQUyLpV4fh14hyKUbzPl_KmVH0k1kcKKUWhUxOxn0IhexrkETfGahJFWgYHTFRXcajPaO_BQyPE7erMH5lOZ7yds7GC3qwvEPvPJ6rvIei0AAI-ulO-aNxjqr530zTWWVQWBIwTQs_PUho-M4UtAX9VnUbcvIZPwWgAAdXxZh0_dZBIOvtBhlvXLoJU9adRCpgIJrSqhkIQTzATf59GPZR7MOGJAjE3ReCXRtFORidzGC3pOj9YsvyJx6_hOScSbXg16d97eGwnkZQZo6Cq0UF1Dy9g0Pluo0RdcBRb6U5nWbvcNlS_PYNMUTWu-uvsY6pbNZ1UKPprYyo6FUTxyxGMMCXxlOMYZ13u6rWFMkJwSude0smxAKESew7N8Fi0fmS28Aj8MI87cRS7sBJlvkxxmVgqulj9IojYewXdJm_GWuGd8r2BRt88ulYKcvULr8KYdsAPnJRmHFCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvvyVbWuZY9X8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSUAk_QOYMcFrjDtyWqMLVT7Cl-I-b_N-mBoEyXtwdXlvTdU1fIMMxr2wro4SJXLGh7J8feDVTIzD1p9hmZxEMsdepXSNQ1gxmb_yKOG4iwTQF_cAjsIyH19xm3pXmZTypHXgq9inARZc8iENVXt4HaW2auudoYBX2S4ZsnkxCT5-FI801P1dOpUUvrQvQBrvPe77lmS12R7r2Rd4odrq3XXlYmEKGfoCnffX0SpPQ_tUuumuZ9dFp0LSR_i_u9tkfymwclLIjcMcRvPxrnQMeaTAR8DSrxKqg4bCm6lSsuD0a6Y0nUAoIUkzkznWHcjVFsdP1EEgjN4PZNu8l37dfFeVEEcDMROGxWVLNegmIr6ykDbKxBa-AEAYAGrfmcm8mIzNaFAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3QL2-3Vck5yM6BFUmuke7_FT__zA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 09 Dec 2023 06:21:35 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9124 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 11:59:40 GMT
x-content-type-options
nosniff
age
498115
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 11:59:40 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2610 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 11:59:40 GMT
x-content-type-options
nosniff
age
498115
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 11:59:40 GMT
img
pix.eu.criteo.net/img/ Frame C33D 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoNetflix-Services-Germany-GmbH-293357DE-2203091401.gif%3Feb%3D1&v=3&w=400&s=IwhbrHLQ0MZnAp1QnJAuyQiu&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlkIu_DfAAKOj0AL24kZp1HPQOnCiA&u=%7CuM%2FixoU45EWLmTovdEX1WdbR2CRNns7nlr50wPdyMZI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQtYbq4157A19pZsVWGgarYKvoI_1_v7YmNPxqbNo_oztDVFaBl1X1RWZeB76VrMjmQirk4BxZhx4JOH1fsmAp6Fn17F5cQlU5JmJtUIGH-RXRmKMxpWTdIyG0OelipQe7MV-G95PKfSdvPLDlaoDfLRuJSFhe1xJb9cgBc7KpN65YSSZFzRutxcKHwYgoP-yTkPEPG6rivXksUcarhB52DNzqqhX_JJv5vByWNRLwWx9dLjC8_zjINmR5mKE0Unw5FhdiOWVqecBtgm9MHejRcl1UDTGIonHHCXG-t82YVQqcXlOMNznjri8gggJ0j7E4HsxR7Yo3GyJQXd90q5xvXWzCQDfPyxhLImT-R5ElkmrR7HptetsTK6CLIGPQH1fPPN8lCoG_gx3o9q8k8WZnNTxJ4pEfjKjUON3-Sgpzdd8OsUgOabE00no9VZgWdvrNx5TZ-rGFXDP82Mtt2YYYHERdVLVL1bGedKeKvh8oGQncTRV-H1hXvw3oJPgb15IsvdGBVZR1vP9z7DzTee1Oj_EqwoxZ0Oon&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDFuWbWuZY9n8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSVAk_QzEe1HXW76UlfbkYrtU_ATJ4Z3M-1V7mT6MMEs2cjlIRY_xvdp4qApEvBs210y1FeNKzghWMSOfGKIdpEOFLDEPd7YvQE-yZyFO3MOy6BnUxvc4Crk_97ZkUqL3T1quHGYuY7-zXM00Pym_0gSgixbZRnz3AbmWlgArGPVt_B9oiJZY0SqImQrYSGaEjpuEHm9F8A652BmMydxkBo7HxQ4uld76RC0Po3s6xsdgHR_lJZWDSKH64fvykDqU2chdQl73MZy-6PhpATl0RoJjB34fe9hqIZOSH5XnwwBvQ-HpjJfxnrkGfQNb6b-gLWPyrVZEBfiipxqMYCDggcscbwVsviSSELZS8T9NuwFiNfTxLCY_jgBAGABq35nJvJiMzWhQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1GCghKHKJnenMGqEudnpMBOnFbbA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
81809aa166a76dd99939edd3df52a70720e5ee9b65fefe1de4b32500e324e763
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=2516475
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2538
expires
Thu, 12 Jan 2023 09:22:51 GMT
ad
v.lkqd.net/ Frame B464 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1169236&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63457%2C1%2C&c4=true&c5=&c6=63457&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=7177638&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
f081381a3487cb253565ad7e1a12d23a5f8f5a952d21c389356b5af25a00ce8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:35 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.the-star.co.ke
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1403
img
pix.eu.criteo.net/img/ Frame 2CF3 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoNetflix-Services-Germany-GmbH-293357DE-2203091401.gif%3Feb%3D1&v=3&w=400&s=IwhbrHLQ0MZnAp1QnJAuyQiu&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5lrbQABPlUIu_DfAAKOjyd4EUmv-z6SKLz16Q&u=%7CuM%2FixoU45EWOo8Z%2BcKMCB3l%2B0z4XRLRf4XbFyXPcEAE%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF0eXUkR_DJS_xwsB1NFJwZQ_zWE2GS2SUxmkpSNJF6gLcsICd0Z_oFKmrVu8vwq48vl1A42x-pPwtJXkfplzkAZCc6wY_MF9ny75_bWryQUyLpV4fh14hyKUbzPl_KmVH0k1kcKKUWhUxOxn0IhexrkETfGahJFWgYHTFRXcajPaO_BQyPE7erMH5lOZ7yds7GC3qwvEPvPJ6rvIei0AAI-ulO-aNxjqr530zTWWVQWBIwTQs_PUho-M4UtAX9VnUbcvIZPwWgAAdXxZh0_dZBIOvtBhlvXLoJU9adRCpgIJrSqhkIQTzATf59GPZR7MOGJAjE3ReCXRtFORidzGC3pOj9YsvyJx6_hOScSbXg16d97eGwnkZQZo6Cq0UF1Dy9g0Pluo0RdcBRb6U5nWbvcNlS_PYNMUTWu-uvsY6pbNZ1UKPprYyo6FUTxyxGMMCXxlOMYZ13u6rWFMkJwSude0smxAKESew7N8Fi0fmS28Aj8MI87cRS7sBJlvkxxmVgqulj9IojYewXdJm_GWuGd8r2BRt88ulYKcvULr8KYdsAPnJRmHFCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvvyVbWuZY9X8BN_h7_UPj52K2A3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5MjY5OTI3MzY1OTg2MDTIAQmpAmNNThsE1LE-4AIAqAMBqgSUAk_QOYMcFrjDtyWqMLVT7Cl-I-b_N-mBoEyXtwdXlvTdU1fIMMxr2wro4SJXLGh7J8feDVTIzD1p9hmZxEMsdepXSNQ1gxmb_yKOG4iwTQF_cAjsIyH19xm3pXmZTypHXgq9inARZc8iENVXt4HaW2auudoYBX2S4ZsnkxCT5-FI801P1dOpUUvrQvQBrvPe77lmS12R7r2Rd4odrq3XXlYmEKGfoCnffX0SpPQ_tUuumuZ9dFp0LSR_i_u9tkfymwclLIjcMcRvPxrnQMeaTAR8DSrxKqg4bCm6lSsuD0a6Y0nUAoIUkzkznWHcjVFsdP1EEgjN4PZNu8l37dfFeVEEcDMROGxWVLNegmIr6ykDbKxBa-AEAYAGrfmcm8mIzNaFAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3QL2-3Vck5yM6BFUmuke7_FT__zA%26client%3Dca-pub-6926992736598604%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
81809aa166a76dd99939edd3df52a70720e5ee9b65fefe1de4b32500e324e763
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=2516475
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2538
expires
Thu, 12 Jan 2023 09:22:51 GMT
suppression
beacon.aimtell.com/ 		1 B
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://beacon.aimtell.com/suppression?id_sites=0
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.the-star.co.ke/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Wed, 14 Dec 2022 06:21:35 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://www.the-star.co.ke
access-control-allow-credentials
true
cf-ray
7794d717495292b1-FRA
access-control-allow-headers
Content-Type, *
content-length
1
suppression
beacon.aimtell.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://beacon.aimtell.com/suppression?id_sites=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.the-star.co.ke
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, *
access-control-allow-methods
GET,HEAD,OPTIONS
access-control-allow-origin
https://www.the-star.co.ke
cf-ray
7794d7172ab69094-FRA
content-length
1
content-type
text/plain;charset=UTF-8
date
Wed, 14 Dec 2022 06:21:35 GMT
server
cloudflare
vary
Accept-Encoding
vpaid.js
ad.lkqd.net/vpaid/ Frame ECFB 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:35 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1670998895.cds210.fr8.hn,1670998895.cds268.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
usync.html
ad.lkqd.net/cookie-sync/ Frame A59A 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Wed, 14 Dec 2022 06:21:35 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1670998895.cds210.fr8.hn,1670998895.cds226.fr8.c
ad
v.lkqd.net/ Frame ECFB 		46 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1169236&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63457%2C1%2C&c4=true&c5=&c6=63457&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=7177638&m=&rtv=1&thost=www.the-star.co.ke
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
99ccc8ca357e3013dafd3a054f4b8719e4c3b0fa0819b6777808afa421fcb8a9

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Dec 2022 06:21:35 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://www.the-star.co.ke
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3561
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1169236&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63457%2C1%2C&c4=true&c5=&c6=63457&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=7177638&m=&rtv=1&thost=www.the-star.co.ke
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.the-star.co.ke
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.the-star.co.ke
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Wed, 14 Dec 2022 06:21:35 GMT
server
nginx
24111-eac28fb6894b.json
cdn.aimtell.io/config/ 		191 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.aimtell.io/config/24111-eac28fb6894b.json
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:46e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c82984d6351e635cc9422937680205eccf44b662dd84d0a966f3dc98f2253618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:36 GMT
content-encoding
gzip
via
1.1 53435acfdf55e029e1a3d0175cb1d5c2.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
BOM78-P3
x-cache
RefreshHit from cloudfront
content-length
148
last-modified
Thu, 15 Jul 2021 08:40:08 GMT
server
cloudflare
etag
"ef41079d3457a8c0bcc85d4e81fa2cef"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=86400
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
cf-ray
7794d7178e485b50-FRA
x-amz-cf-id
iUjz91yQVO6_e2_DOnunBwqIZ2p6XgGAbMC1Jn6BmzYVi-2_gYypzg==
cm
p.rfihub.com/ Frame A59A 		42 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?pub=35678&in=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Date
Wed, 14 Dec 2022 06:21:35 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cs
cs.lkqd.net/ Frame A59A
Redirect Chain
  • https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0
  • https://cs.lkqd.net/cs?partnerId=76&&partnerUserId=7PEz2OygPIf39mmEuPYng-mha9D39jmC7_Dihr6h
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=76&&partnerUserId=7PEz2OygPIf39mmEuPYng-mha9D39jmC7_Dihr6h
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:35 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:35 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://cs.lkqd.net/cs?partnerId=76&&partnerUserId=7PEz2OygPIf39mmEuPYng-mha9D39jmC7_Dihr6h
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
cs
cs.lkqd.net/ Frame A59A
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=X3h0N3ZYM3pNdGs
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEJ48Muo5w10xR45ip7I1KoA&google_cver=1
43 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEJ48Muo5w10xR45ip7I1KoA&google_cver=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:35 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEJ48Muo5w10xR45ip7I1KoA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
464986.gif
idsync.rlcdn.com/ Frame A59A
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
  • https://idsync.rlcdn.com/464986.gif?partner_uid=_xt7vX3zMtk
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/464986.gif?partner_uid=_xt7vX3zMtk
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:35 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Wed, 14 Dec 2022 06:21:35 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
location
https://idsync.rlcdn.com/464986.gif?partner_uid=_xt7vX3zMtk
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
CookieSyncLKQD
rtb.adentifi.com/ Frame A59A 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncLKQD
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.255.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-255-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:35 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1BFD 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYfvhDuWbDUJv9R03Syj2Q_BbFFhjLSGzOhrpHiC7PrIXWKJiC8vm9EKtJTP82N8l_lJ_94VK7WAC7IiJP2u6fn7Sx97C_NWeZs0XdHjsX7YvtBhpteVNcEc-hQWr86UTn9Tv28g&sai=AMfl-YT2ollSTBy5Uy41d6iBxb-iQOc3w4te3DR7uMiD_9pKBMQK9Of33jUkoNokdF7F0jNi1qBUDUxp82mbhtvInYXrp6cHOMzkjiFSZmqDPrUJ3UHnCc8TfBbu8xbx1b-FFMbuu_Lu9UaxsTzrG0UG&sig=Cg0ArKJSzOviJpA4g9wsEAE&cid=CAQSTADq26N9PZpqBZZZiNQRcPsDoNBn9JQcIiqzvSkUnP-yXxYY1F8vuE3XzV0lZGI_IUlLoIxL9rc9gPVKWAnieFzPvvUJVZJr-xHjA_YYASAT&id=ampim&o=1135,478&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1003&mtos=0,0,1003,1003,1003&tos=0,0,1003,0,0&tfs=486&tls=1489&g=100&h=100&tt=1489&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6AD1 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxxONgIIRDukOOUp_gV_bzZ7xygy4gGrKl3YvSrnKXIN1ueyaKXPTJnb5f-eSEVDQei3XdGgNcj4HfTPq-78IbyMp-RfXYSys3CU6enEmTjDyIbz9Rm-5UQ2hC&sai=AMfl-YRloutR2EMyZIf_mGubrq3-ZcgChkj2SuUTJgiiuKD1w-nObE8qxGp2XcI62kG4-gSQYLZg2mHC-vRSU5TZrHYO8VS9KBGZGnQ3vZQ1Ng7hM3OohRurFP9r7ALXtZJ2yFQ-LaGyRf2yzamlvN6-&sig=Cg0ArKJSzHU2DpiRvxLyEAE&cid=CAQSTADq26N9PZpqBZZZiNQRcPsDoNBn9JQcIiqzvSkUnP-yXxYY1F8vuE3XzV0lZGI_IUlLoIxL9rc9gPVKWAnieFzPvvUJVZJr-xHjA_YYASAT&id=ampim&o=315,140&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1002&mtos=0,0,0,1002,1002&tos=0,0,0,1002,0&tfs=497&tls=1499&g=100&h=100&tt=1499&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t
t.lkqd.net/ Frame 59A0 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.the-star.co.ke
date
Wed, 14 Dec 2022 06:21:35 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.146 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.the-star.co.ke
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.the-star.co.ke
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 14 Dec 2022 06:21:35 GMT
server
nginx
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
691 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&_fw_us_privacy=&zoneId=7439281&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C4417635162346825870091323821%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.110.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-82.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 06:21:35 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.the-star.co.ke
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1670998895703004-543
Expires
Wed, 14 Dec 2022 06:21:35 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1013 B
876 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C23468258700913238211906806452%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
69e6272a596cae3d98422c59a27238c9a6466958534ecef86ef227ef9e5892ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:35 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.the-star.co.ke
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
629
expires
Wed, 14 Dec 2022 06:21:35 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1012 B
875 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C2346825870091323821597486629%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4ed769852ff93f5fd1225c4248e02ff3798ecca0f7b2328ea1e986ed90c71bb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:35 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.the-star.co.ke
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
628
expires
Wed, 14 Dec 2022 06:21:35 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1013 B
875 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C17153355912346825870091323821%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
32f1b13b68c11ae38845e45c4fbdc1068005152f4f8019c97f2cb3b3b4be6905

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:35 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.the-star.co.ke
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
628
expires
Wed, 14 Dec 2022 06:21:35 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1010 B
873 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C23468258700913238217591237%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7239602728eda88e4dd4307a6aab7129bfe1966461357b3ee36f504724fb57f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:35 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.the-star.co.ke
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
626
expires
Wed, 14 Dec 2022 06:21:35 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.146 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.the-star.co.ke
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.the-star.co.ke
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 14 Dec 2022 06:21:35 GMT
server
nginx
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.146 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.the-star.co.ke
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.the-star.co.ke
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 14 Dec 2022 06:21:35 GMT
server
nginx
t
t.lkqd.net/ Frame 59A0 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.the-star.co.ke
date
Wed, 14 Dec 2022 06:21:35 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 59A0 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.the-star.co.ke
date
Wed, 14 Dec 2022 06:21:35 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
ad
v.lkqd.net/ Frame B464 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1169236&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63457%2C1%2C&c4=true&c5=&c6=63457&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=80781565&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a7adba2a4ae2281b7d8cdbf0f3dc1e83fcc5c2602be46ba339ec3cabf218a786

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:36 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.the-star.co.ke
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1408
vpaid.js
ad.lkqd.net/vpaid/ Frame 5E9C 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:36 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1670998896.cds210.fr8.hn,1670998896.cds268.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
usync.html
ad.lkqd.net/cookie-sync/ Frame 2F1A 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Wed, 14 Dec 2022 06:21:36 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1670998896.cds210.fr8.hn,1670998896.cds226.fr8.c
ad
v.lkqd.net/ Frame 5E9C 		46 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1169236&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63457%2C1%2C&c4=true&c5=&c6=63457&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=80781565&m=&rtv=1&thost=www.the-star.co.ke
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e4766ca461eaea3d386a1a17d8d1056d8b9e84efd3d9eaa4f216c0cf690300c5

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Dec 2022 06:21:37 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://www.the-star.co.ke
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3575
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1169236&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63457%2C1%2C&c4=true&c5=&c6=63457&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=80781565&m=&rtv=1&thost=www.the-star.co.ke
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.the-star.co.ke
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.the-star.co.ke
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Wed, 14 Dec 2022 06:21:36 GMT
server
nginx
log_event
www.youtube.com/youtubei/v1/ Frame 1F1B 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e96685ea/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
X-Goog-Request-Time
1670998896683
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/EgTiqgN79WQ?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1
X-YouTube-Client-Version
1.20221211.00.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtNUzdXcVNGdGtMayjt1uWcBg%3D%3D
X-YouTube-Ad-Signals
dt=1670998893968&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C610%2C343&vis=1&wgl=true&ca_type=image&bid=ANyPxKrQpU22zHtvboQS-iwSiDQuMPNOHY7z6TvVZz24XmzBsSYiK7zewtJhgUstxU92jDY0y1xwzoODIKzJWBEgGx6une1NRw

Response headers

date
Wed, 14 Dec 2022 06:21:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Wed, 14 Dec 2022 06:21:36 GMT
cm
p.rfihub.com/ Frame 2F1A 		42 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?pub=35678&in=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Date
Wed, 14 Dec 2022 06:21:36 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
CookieSyncLKQD
rtb.adentifi.com/ Frame 2F1A 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncLKQD
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.255.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-255-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:36 GMT
cs
cs.lkqd.net/ Frame 2F1A
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D53%26partnerUserId%3D%25%25VGUID%25%25
  • https://cs.lkqd.net/cs?partnerId=53&partnerUserId=F9WkjGDl8fJ0&ev=1&pid=561322
43 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=53&partnerUserId=F9WkjGDl8fJ0&ev=1&pid=561322
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:37 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://cs.lkqd.net/cs?partnerId=53&partnerUserId=F9WkjGDl8fJ0&ev=1&pid=561322
content-language
de-DE
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-fbcf948bf-j5bpg
expires
-1
cs
cs.lkqd.net/ Frame 2F1A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D&_test=Y5lrcAAAAkGtpAAo
  • https://cs.lkqd.net/cs?partnerId=52&partnerUserId=Y5lrcAAAAkGtpAAo&_test=Y5lrcAAAAkGtpAAo
43 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=52&partnerUserId=Y5lrcAAAAkGtpAAo&_test=Y5lrcAAAAkGtpAAo
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

x-served-by
cache-hhn-etou8220095-HHN
pragma
no-cache
date
Wed, 14 Dec 2022 06:21:36 GMT
via
1.1 varnish
server
Varnish
x-timer
S1670998897.838554,VS0,VE0
x-cache
HIT
location
https://cs.lkqd.net/cs?partnerId=52&partnerUserId=Y5lrcAAAAkGtpAAo&_test=Y5lrcAAAAkGtpAAo
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ibs:dpid=445&dpuuid=31d4987b-b3d0-437f-9f40-c9a38950c7b7
dpm.demdex.net/ Frame 2F1A
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd&s_h=1
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=31d4987b-b3d0-437f-9f40-c9a38950c7b7&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gd...
  • https://sb.scorecardresearch.com/p2?c1=9&c2=5989497&cs_xi=31d4987b-b3d0-437f-9f40-c9a38950c7b7&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&g...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/31d4987b-b3d0-437f-9f40-c9a38950c7b7/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=31d4987b-b3d0-437f-9f40-c9a38950c7b7?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent=
0
0
t
t.lkqd.net/ Frame 473E 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.the-star.co.ke
date
Wed, 14 Dec 2022 06:21:37 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.146 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.the-star.co.ke
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.the-star.co.ke
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 14 Dec 2022 06:21:36 GMT
server
nginx
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
691 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&_fw_us_privacy=&zoneId=7439281&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C10434334818537117333280574557%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.110.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-82.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 06:21:37 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.the-star.co.ke
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1670998897112053-578
Expires
Wed, 14 Dec 2022 06:21:37 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1012 B
875 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C8537117333280574557563317977%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3b6932e7eeb074c5fe60282c584ed4bab4cd98d6eab611f3ad64871e57f7d110

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:37 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.the-star.co.ke
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
628
expires
Wed, 14 Dec 2022 06:21:37 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1012 B
875 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C8537117333280574557190494561%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
52f59979c61ec03c4c7a1be02e827322ab7dd656dccbc8e3a70cc9b7ebae0b60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:37 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.the-star.co.ke
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
628
expires
Wed, 14 Dec 2022 06:21:37 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1012 B
874 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C8537117333280574557225030887%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9406874f46f62e5ddf8aaef06eddb9dac85cda9930d87e3605b123986323e4eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:37 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.the-star.co.ke
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
627
expires
Wed, 14 Dec 2022 06:21:37 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1013 B
874 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C20733567608537117333280574557%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5b8704514ddb13142fe7a2b083cbf2394afcc35318434cb592d19c48039df1af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:37 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.the-star.co.ke
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
627
expires
Wed, 14 Dec 2022 06:21:37 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.146 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.the-star.co.ke
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.the-star.co.ke
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 14 Dec 2022 06:21:37 GMT
server
nginx
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.146 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.the-star.co.ke
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.the-star.co.ke
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 14 Dec 2022 06:21:37 GMT
server
nginx
t
t.lkqd.net/ Frame 473E 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.the-star.co.ke
date
Wed, 14 Dec 2022 06:21:37 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 473E 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.the-star.co.ke
date
Wed, 14 Dec 2022 06:21:37 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
ad
v.lkqd.net/ Frame B464 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1169236&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63457%2C1%2C&c4=true&c5=&c6=63457&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=5599284&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
85f681c608f719dc76edeafbeec74e8fb9c79fbc77cf01308d5deda9fb00a62b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:37 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.the-star.co.ke
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1404
vpaid.js
ad.lkqd.net/vpaid/ Frame B1AE 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:37 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1670998897.cds210.fr8.hn,1670998897.cds268.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
usync.html
ad.lkqd.net/cookie-sync/ Frame B93E 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Wed, 14 Dec 2022 06:21:38 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1670998898.cds210.fr8.hn,1670998898.cds226.fr8.c
ad
v.lkqd.net/ Frame B1AE 		62 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1169236&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63457%2C1%2C&c4=true&c5=&c6=63457&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=5599284&m=&rtv=1&thost=www.the-star.co.ke
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
1d986e5aa82de1798ce40ba2fdcdb8a811b0b1773d7f01909d2735d5a48fb6b9

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Dec 2022 06:21:38 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://www.the-star.co.ke
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
4088
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1169236&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63457%2C1%2C&c4=true&c5=&c6=63457&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=5599284&m=&rtv=1&thost=www.the-star.co.ke
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.the-star.co.ke
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.the-star.co.ke
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Wed, 14 Dec 2022 06:21:38 GMT
server
nginx
cm
p.rfihub.com/ Frame B93E 		42 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?pub=35678&in=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Date
Wed, 14 Dec 2022 06:21:38 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
CookieSyncLKQD
rtb.adentifi.com/ Frame B93E 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncLKQD
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.255.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-255-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:38 GMT
5379
tags.bluekai.com/site/ Frame B93E
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=31d4987b-b3d0-437f-9f40-c9a38950c7b7&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gd...
  • https://sb.scorecardresearch.com/p2?c1=9&c2=5989497&cs_xi=31d4987b-b3d0-437f-9f40-c9a38950c7b7&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&g...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/31d4987b-b3d0-437f-9f40-c9a38950c7b7/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=31d4987b-b3d0-437f-9f40-c9a38950c7b7?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1262
  • https://tags.bluekai.com/site/5379?id=31d4987b-b3d0-437f-9f40-c9a38950c7b7&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent=
0
0
cs
cs.lkqd.net/ Frame B93E
Redirect Chain
  • https://media.sabio.us/imp_pixel?invsrc=11&secure=1
  • https://cs.lkqd.net/cs?partnerId=39&partnerUserId=514795109016775980
43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=39&partnerUserId=514795109016775980
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:38 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=39&partnerUserId=514795109016775980
date
Wed, 14 Dec 2022 06:21:38 GMT
server
Apache/2.4.23 (Unix)
content-length
256
content-type
text/html; charset=iso-8859-1
us.php
gu.dyntrk.com/adx/lkqd/ Frame B93E
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=25&redirect=https%3A%2F%2Fgu.dyntrk.com%2Fadx%2Flkqd%2Fus.php%3Fdynk%3Dl1k4q1d4%26gdpr%3D%24%24gdpr%24%24%26gdpr_consent%3D%24%24gdprcs%24%24&r=if
  • https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=$$gdpr$$&gdpr_consent=$$gdprcs$$
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=$$gdpr$$&gdpr_consent=$$gdprcs$$
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Server
162.19.80.91 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3011793.ip-162-19-80.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Redirect headers

date
Wed, 14 Dec 2022 06:21:38 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
location
https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=$$gdpr$$&gdpr_consent=$$gdprcs$$
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
t
t.lkqd.net/ Frame 9314 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.the-star.co.ke
date
Wed, 14 Dec 2022 06:21:38 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.146 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.the-star.co.ke
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.the-star.co.ke
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 14 Dec 2022 06:21:38 GMT
server
nginx
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
691 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&_fw_us_privacy=&zoneId=7439281&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C7863396417748850575282209711%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.110.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-82.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 06:21:38 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.the-star.co.ke
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1670998898178070-582
Expires
Wed, 14 Dec 2022 06:21:38 GMT
218945
search.spotxchange.com/vast/2.0/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fwww.the-star.co.ke%2F&cb=1198749364&player_width=400&player_height=225&regs[gdpr]=0&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C77488505752822097111806025387%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 06:21:38 GMT
X-SpotX-Timing-SpotMarket-Primary
0.004654
X-SpotX-Timing-Transform
0.000297
Content-Encoding
gzip
X-SpotX-Timing-SpotMarket
0.004654
X-SpotX-Timing-Page-Require
0.000551
X-fe
082
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.002818
X-SpotX-Timing-Page-Cookie
0.000028
Content-Length
79
X-SpotX-Timing-Page
0.008884
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000279
Last-Modified
Wed, 14 Dec 2022 06:21:38 GMT
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.the-star.co.ke
X-SpotX-Timing-Page-Exception
0.000000
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000009
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.000248
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
691 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C77488505752822097112117980708,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.110.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-82.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 06:21:38 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.the-star.co.ke
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1670998898177076-534
Expires
Wed, 14 Dec 2022 06:21:38 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1013 B
874 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C77488505752822097111112723773%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
af7d484011adc9015caf861daf0b7dadaa31aef82ca07e891a1dd0e74e28619d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:38 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.the-star.co.ke
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
627
expires
Wed, 14 Dec 2022 06:21:38 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1013 B
873 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C77488505752822097111158159010%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c41dcdff5761a7150045132050420e00de7b82834e057feeba56b67c728c17d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:38 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.the-star.co.ke
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
626
expires
Wed, 14 Dec 2022 06:21:38 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1012 B
873 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C2316069457748850575282209711%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d6d513abc5d96532a8626f4b04379d65a1efc4f977a50b0cbb3c0df7b51c1520

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:38 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.the-star.co.ke
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
626
expires
Wed, 14 Dec 2022 06:21:38 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1012 B
875 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C7748850575282209711514249263%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e95a0ce88edbfe2391f490938ece5641691e1d591b688398ddf26931290396db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:38 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.the-star.co.ke
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
628
expires
Wed, 14 Dec 2022 06:21:38 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.146 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.the-star.co.ke
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.the-star.co.ke
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 14 Dec 2022 06:21:38 GMT
server
nginx
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.146 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.the-star.co.ke
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.the-star.co.ke
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 14 Dec 2022 06:21:38 GMT
server
nginx
t
t.lkqd.net/ Frame 9314 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.the-star.co.ke
date
Wed, 14 Dec 2022 06:21:38 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 9314 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.the-star.co.ke
date
Wed, 14 Dec 2022 06:21:38 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
ad
v.lkqd.net/ Frame B464 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1169236&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63457%2C1%2C&c4=true&c5=&c6=63457&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=13970030&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
dabc0d2f88bbdb718fc67249e8844d6959cfa67b1c52cb4d85a08fba15f41846

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:39 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.the-star.co.ke
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1404
vpaid.js
ad.lkqd.net/vpaid/ Frame 72BA 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:39 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1670998899.cds210.fr8.hn,1670998899.cds268.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
usync.html
ad.lkqd.net/cookie-sync/ Frame A70B 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Wed, 14 Dec 2022 06:21:39 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1670998899.cds210.fr8.hn,1670998899.cds226.fr8.c
ad
v.lkqd.net/ Frame 72BA 		46 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1169236&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63457%2C1%2C&c4=true&c5=&c6=63457&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=13970030&m=&rtv=1&thost=www.the-star.co.ke
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
7c226d9164e1d8363e3d4a0bd7cfd2d082befd29c475a476c946bc9dc17b0238

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Dec 2022 06:21:39 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://www.the-star.co.ke
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3559
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1169236&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63457%2C1%2C&c4=true&c5=&c6=63457&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=13970030&m=&rtv=1&thost=www.the-star.co.ke
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.137 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.the-star.co.ke
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.the-star.co.ke
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Wed, 14 Dec 2022 06:21:39 GMT
server
nginx
cm
p.rfihub.com/ Frame A70B 		42 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?pub=35678&in=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Date
Wed, 14 Dec 2022 06:21:39 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
CookieSyncLKQD
rtb.adentifi.com/ Frame A70B 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncLKQD
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.255.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-255-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:39 GMT
/
loadm.exelator.com/load/ Frame A70B
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=31d4987b-b3d0-437f-9f40-c9a38950c7b7&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gd...
  • https://sb.scorecardresearch.com/p2?c1=9&c2=5989497&cs_xi=31d4987b-b3d0-437f-9f40-c9a38950c7b7&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&g...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/31d4987b-b3d0-437f-9f40-c9a38950c7b7/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=31d4987b-b3d0-437f-9f40-c9a38950c7b7?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1262
  • https://tags.bluekai.com/site/5379?id=31d4987b-b3d0-437f-9f40-c9a38950c7b7&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1263&gdpr=1&gdpr_consent=
  • https://loadm.exelator.com/load/?p=204&g=281&buid=31d4987b-b3d0-437f-9f40-c9a38950c7b7&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=281&buid=31d4987b-b3d0-437f-9f40-c9a38950c7b7&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
54.78.254.47 -, , ASN (),
Reverse DNS
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:39 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

location
https://loadm.exelator.com/load/?p=204&g=281&buid=31d4987b-b3d0-437f-9f40-c9a38950c7b7&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
pragma
no-cache
date
Wed, 14 Dec 2022 06:21:39 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
cs
cs.lkqd.net/ Frame A70B
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3162
  • https://cs.lkqd.net/cs?partnerId=23&partnerUserId=31d4987b-b3d0-437f-9f40-c9a38950c7b7&gdpr=1&gdpr_consent=
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=31d4987b-b3d0-437f-9f40-c9a38950c7b7&gdpr=1&gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:21:39 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=31d4987b-b3d0-437f-9f40-c9a38950c7b7&gdpr=1&gdpr_consent=
pragma
no-cache
date
Wed, 14 Dec 2022 06:21:39 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
generic
match.adsrvr.org/track/cmf/ Frame A70B 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=e0d6q5j&ttd_tpi=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 14 Dec 2022 06:21:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
t
t.lkqd.net/ Frame 7021 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.the-star.co.ke
date
Wed, 14 Dec 2022 06:21:39 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.146 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.the-star.co.ke
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.the-star.co.ke
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 14 Dec 2022 06:21:39 GMT
server
nginx
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
691 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&_fw_us_privacy=&zoneId=7439281&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C16139014458942905535255197071%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.110.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-82.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 06:21:39 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.the-star.co.ke
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1670998899633090-572
Expires
Wed, 14 Dec 2022 06:21:39 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1012 B
875 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C8942905535255197071526812834%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2c2824974153a5f3321b612423befe6c63a0f13f0c84927ce6b2d8f0c26e15fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:39 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.the-star.co.ke
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
628
expires
Wed, 14 Dec 2022 06:21:39 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1012 B
875 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C8942905535255197071382449791%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5fb7e0a4b933046510d8294af02216baf21e9407a36ed7e50924269ff42ee796

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:39 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.the-star.co.ke
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
628
expires
Wed, 14 Dec 2022 06:21:39 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1013 B
875 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C19943933688942905535255197071%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
133dfca929e7b23060a6c9b1b69bc2b57f04c113c434cdc6a7c3d2fbcc850915

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:39 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.the-star.co.ke
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
628
expires
Wed, 14 Dec 2022 06:21:39 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1013 B
875 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C89429055352551970712052026891%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
48dd404c4c07f4c714378cd5174fdad51a52640c05ab6a5ebdaf9127fb93e095

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.the-star.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 06:21:39 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.the-star.co.ke
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
628
expires
Wed, 14 Dec 2022 06:21:39 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.146 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.the-star.co.ke
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.the-star.co.ke
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 14 Dec 2022 06:21:39 GMT
server
nginx
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.146 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.the-star.co.ke
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.the-star.co.ke
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 14 Dec 2022 06:21:39 GMT
server
nginx
t
t.lkqd.net/ Frame 7021 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.the-star.co.ke
date
Wed, 14 Dec 2022 06:21:40 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 7021 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.149 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.the-star.co.ke
date
Wed, 14 Dec 2022 06:21:40 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tt.onthe.io
URL
https://tt.onthe.io/xyfkqvVtTBnP/ht.json
Domain
myjobsinkenya.com
URL
https://myjobsinkenya.com/api/fetch/jobs
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/ibs:dpid=445&dpuuid=31d4987b-b3d0-437f-9f40-c9a38950c7b7?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent=
Domain
tags.bluekai.com
URL
https://tags.bluekai.com/site/5379?id=31d4987b-b3d0-437f-9f40-c9a38950c7b7&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

248 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| oncontentvisibilityautostatechange object| googletag string| screenMode object| gptAdSlots object| interstitialSlot object| ggeac object| google_tag_data object| google_js_reporting_queue object| __cfQR undefined| google_measure_js_timing object| google_reactive_ads_global_state object| _taboola function| gtag object| dataLayer object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal function| cookieinfo object| cbinstance object| _io_widget object| __io object| google_tag_manager object| webpackJsonp object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| $ function| jQuery object| Modernizr function| onYouTubeIframeAPIReady function| _typeof string| fotoramaVersion function| GLOBAL_FOTORAMA boolean| ASSEMBLE_YOUTUBE_INIT_CALLED object| ASSEMBLE_YOUTUBE_INIT_CALLS object| ASSEMBLE_YOUTUBE_PLAYERS boolean| __cfRLUnblockHandlers function| callPlayers function| __tcfapi_8928924878912 object| vpaidLoader object| TRC object| _tblConsole undefined| msg object| FB object| _at object| GoogleGcLKhOms function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| __buffer object| teadsscript object| scriptUrl object| ttPolicy object| YT object| YTConfig boolean| yt_embedsEnableIframeSrcWithIntent function| onYTReady object| teads object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ undefined| _aimtellPushToken boolean| _aimtellRanScript string| _aimtellSubscriberID undefined| _aimtellRefreshResult object| trackData object| _aimtellTrackData undefined| _aimtellDebug undefined| aimtellDebugBox string| _aimtellAPI boolean| _aimtellSWInitiated boolean| _aimtellNewSubscriberID number| _aimtellVersion object| _aimtellDebugQueue number| _aimtellDebugQueueActive boolean| _aimtellPrompted object| _aimtellUserDefinedWorker object| _aimtellWebsiteConfiguration object| _aimtellFunnelPixel string| _aimtellUpdateViaCache string| _aimtellWorkerScope object| _aimtellPreSubscriberTrackData object| _aimtellServiceWorker string| _aimtellCurrentPage object| _aimtellPromptConfiguration object| _aimtellPageLoadAttributes function| _aimtellDeferred function| _aimtellGetUrlVars function| _aimtellGetDeviceType function| _aimtellGetPageDetails function| _aimtellLoadBeacon function| _aimtellCrossDomainSubscriberID function| _aimtellCrossDomainSuppression function| _aimtellGetReferrer function| _aimtellGetLanguage function| _aimtellAbandonedFunnel function| _aimtellAbandonPage function| _aimtellGetResolution function| _aimtellGetBrowserInfo function| _aimtellGetSystemInfo function| _aimtellDebugger function| _aimtellDebugQueueProcess function| _aimtellLogDebug function| _aimtellInitialize function| _aimtellSPAOptinHelper function| _aimtellPromptConfig function| _aimtellEnablePageDelayPrompt function| _aimtellEnableScrollDelayPrompt function| _aimtellEnableSecondsDelayPrompt function| _aimtellGetSiteConfig function| _aimtellGetPercentageScrolled function| _aimtellLoadPrompt function| _aimtellPromptApprove function| _aimtellPromptDeny function| _aimtellPromptCancel function| _aimtellGetSubscriberID function| _aimtellIsNewData function| _aimtellTrack function| _aimtellAppendManifestHeader function| _aimtellGetManifestLocation function| _aimtellGetWebsiteConfiguration function| _aimtellGetGCMID function| _aimtellLogError function| _aimtellGetSubscriberIDFromToken function| _aimtellGetSubscriberAttributes function| _aimtellGenerateID function| _aimtellGetCookie function| _aimtellSetCookie function| _aimtellDeleteCookie function| _aimtellHashString function| _aimtellTrackAttributes function| _aimtellForcePrompt function| _aimtellPrompt function| _aimtellAlias function| _aimtellTrackEvent function| _aimtellAbandonedCart function| _aimtellTc undefined| logid undefined| subscriber_uid undefined| webURL function| _aimtellGetPushToken function| _aimtellSupportsPush function| _aimtellCheckHTTPS function| _aimtellListener function| _webpushCheckPermissions function| _webpushSupportsPush function| _webpushPrompt function| _webpushRunNative function| _webpushGetSubscriberIDFromToken function| _webpushTrackAttributes function| _webpushGetToken function| _webpushTrackEvent function| _webpushGetSubscriberID function| _aimtellCheckPermissions function| _aimtellRunNative function| _aimtellDelWidgetNotification function| _aimtellDelAllWidgetNotification function| _aimtellCheckNotificationRemaining function| _aimtellClickedNotification function| _aimtellShowNotificationCenter function| _aimtellHideNotificationCenter function| _aimtellAppendNotification function| _aimtellShowNoNotifications function| _aimtellShowNotSubscribed function| _aimtellLaunchNotificationCenter function| _aimtellGetWidgetNotifications function| _aimtellFillNotifications function| _aimtellWidgetPermissionGrantedCallback function| _aimtellPermissionDeniedCallbacks function| _aimtellPermissionIgnoredCallbacks function| _aimtellWebhook function| _aimtellPermissionGrantedCallbacks function| _aimtellSubscribe function| _aimtellUrlBase64ToUint8Array function| _aimtellExtractSubscriptionId function| _aimtellSendSubscriptionToServer function| _aimtellAmplifySubscriberWorkerData function| _aimtellRegisterWorker function| _aimtellValidateWorker function| _aimtellSendWorkerMessage function| _aimtellLoadIntegrations function| _aimtellLoad function| _aimtellProcessQueue function| _aimtellCheckConflictWorker function| _aimtellSignal function| _aimtellInitWorker function| _aimtellForceRefreshSW object| OPEN_AUTH_WINDOW_POST_DATA object| lkqd object| mobile_blocked_mfs function| lkqd_http_response object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests

59 Cookies

Domain/Path Name / Value
www.the-star.co.ke/ Name: session
Value: "eyJyZXR1cm5fdXJsIjoiaHR0cHM6Ly93d3cudGhlLXN0YXIuY28ua2UvIn0\075|1670998892|3a30a6f946536fb6425e877d4c57e39a46c87e48"
www.the-star.co.ke/ Name: _io_ht_r
Value: 1
.the-star.co.ke/ Name: _ga_YVV0QW5VF1
Value: GS1.1.1670998893.1.0.1670998893.60.0.0
.the-star.co.ke/ Name: _ga
Value: GA1.1.658005635.1670998893
.yahoo.com/ Name: A3
Value: d=AQABBG1rmWMCECOCKAZuVc61oG2haAwPQtgFEgEBAQG8mmOjYwAAAAAA_eMAAA&S=AQAAAquPSGSEbxMZWB3ULApscBE
.analytics.yahoo.com/ Name: IDSYNC
Value: 1982~28u6
.ads.stickyadstv.com/ Name: UID
Value: 173b225618c8d5c073da16c8b2858e
.youtube.com/ Name: YSC
Value: OtFKdzNiqtA
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: MS7WqSFtkLk
.bidswitch.net/ Name: tuuid
Value: 0375164a-3d98-41b8-8a2c-704d8e362c4e
.bidswitch.net/ Name: c
Value: 1670998893
.bidswitch.net/ Name: tuuid_lu
Value: 1670998893
a.vidoomy.com/ Name: SSCookie
Value: 1
.turn.com/ Name: uid
Value: 2594843786619520761
.csync.loopme.me/ Name: viewer_token
Value: 9d8c06e2-68a7-4c12-a643-d606d019c2ec
.lkqd.net/ Name: sr103
Value: 1||1670998893
.lkqd.net/ Name: lkqdidts
Value: 1670998893
.lkqd.net/ Name: sr94
Value: 1|2594843786619520761|1670998893
.lkqd.net/ Name: sr54
Value: 1|9d8c06e2-68a7-4c12-a643-d606d019c2ec|1670998893
.lkqd.net/ Name: lkqdid
Value: _xt7vX3zMtk
pool.admedo.com/ Name: tuuid
Value: 966975cf-d556-4473-9f1a-b66650d36f0b
pool.admedo.com/ Name: c
Value: 1670998893
pool.admedo.com/ Name: tuuid_lu
Value: 1670998893
.the-star.co.ke/ Name: __gads
Value: ID=b900225aae0e9fde:T=1670998892:S=ALNI_MZfBpnPuQMho8XSl54blrbGXEhbhA
.the-star.co.ke/ Name: __gpi
Value: UID=00000b9262d2d6d3:T=1670998892:RT=1670998892:S=ALNI_Ma4pZguOvc0IPQJ_GsIpdnk73S6sg
.krushmedia.com/ Name: krm_r
Value: 57
.krushmedia.com/ Name: krm_usr
Value: 34e47b4b-0439-4ba7-80fc-13dbceeb235a
.lkqd.net/ Name: sr85
Value: 1||1670998893
.lkqd.net/ Name: sr102
Value: 1|34e47b4b-0439-4ba7-80fc-13dbceeb235a|1670998893
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-0dca93a0-11fb-4e04-5bb2-23e680102145.6j%2F%2BS7J4TxLZVNyekGv6iscm1WyOB7AYMyMQg1l7N%2FI
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ADcqToBH7TgRbsiPmgBAhRYrHJoQ.nVFMq29bk1Fzfjtf%2B8prp99jj%2BrffwdzGoQdrfOCRWU
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzMjUyMzAzMDIyNxXiM9StrKyw8M5KyXJ0Kc8BAMtplYElAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzMjUyMzAzMDIyNxXiM9StrKyw8M5KyXJ0Kc8BAMtplYElAAAA
.doubleclick.net/ Name: IDE
Value: AHWqTUkbksJbDJnVF0nowbarfCIhu5O9rlYYJYDBaBn1cgrjvrXasOPYF3w2w3zlwis
.lkqd.net/ Name: sr93
Value: 1|DcqToBH7TgRbsiPmgBAhRYrHJoQ|1670998894
.adhaven.com/ Name: uid
Value: 4c_033ac60a-6973-41be-9af3-34cb467e4999
.bidr.io/ Name: bito
Value: AAGCck7HMtcAACAJ4unM0Q
.bidr.io/ Name: bitoIsSecure
Value: ok
.lkqd.net/ Name: sr90
Value: 1|4c_033ac60a-6973-41be-9af3-34cb467e4999|1670998894
.lkqd.net/ Name: sr80
Value: 1|AAGCck7HMtcAACAJ4unM0Q|1670998894
.ads.stickyadstv.com/ Name: pxId
Value: 7169
.tribalfusion.com/ Name: ANON_ID
Value: aTnr6iNj6WkCyhURALhIkNFfb3wQWlmP2LSDTWfTK878TjtqqXnwYsCLBU374w39fvsTWifh
.doubleclick.net/ Name: DSID
Value: NO_DATA
www.the-star.co.ke/ Name: _aimtellSubscriberID
Value: 0bb7c23e-2c77-6bc4-23da-d5d13f1a95a8
.quantserve.com/ Name: d
Value: EC4BDQHnJ6vLkwA
.quantserve.com/ Name: mc
Value: 63996b6f-4ceb4-b3ca1-43c52
.lkqd.net/ Name: sr55
Value: 1||1670998895
.lkqd.net/ Name: sr76
Value: 1|7PEz2OygPIf39mmEuPYng-mha9D39jmC7_Dihr6h|1670998895
.lkqd.net/ Name: sr59
Value: 1|CAESEJ48Muo5w10xR45ip7I1KoA|1670998895
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y5lrcAAAAkGtpAAo
.tidaltv.com/ Name: tidal_ttid
Value: 31d4987b-b3d0-437f-9f40-c9a38950c7b7
.lkqd.net/ Name: sr52
Value: 1|Y5lrcAAAAkGtpAAo|1670998896
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: cf49289e00724795
.lkqd.net/ Name: sr53
Value: 1|F9WkjGDl8fJ0|1670998897
.lkqd.net/ Name: sr25
Value: 1||1670998898
.sabio.us/ Name: sbid
Value: 514795109016775980
.spotxchange.com/ Name: audience
Value: 911c7514-7b77-11ed-8840-15758c630006
.lkqd.net/ Name: sr39
Value: 1|514795109016775980|1670998898
.tidaltv.com/ Name: sync-his
Value: H4sIAAAAAAAAADM0NjY2tDI0tNA1NDXVNTSw1DU0N9Y1NDIHAMAloDUZAAAA

15 Console Messages

Source Level URL
Text
network error URL: https://www.myjobsinkenya.com/images/xgreen-logo-ss.png.pagespeed.ic.ZEI47I_OoG.webp
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://polls.the-star.co.ke/polls/embed/poll/-NJEAttc2Gb0_iDDorBm
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://polls.the-star.co.ke/polls/static/css/main.6a3a9404.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://polls.the-star.co.ke/polls/static/js/main.af74b8b9.js
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://www.the-star.co.ke/
Message:
Access to XMLHttpRequest at 'https://tt.onthe.io/xyfkqvVtTBnP/ht.json' from origin 'https://www.the-star.co.ke' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://tt.onthe.io/xyfkqvVtTBnP/ht.json
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript error URL: https://www.the-star.co.ke/
Message:
Access to XMLHttpRequest at 'https://myjobsinkenya.com/api/fetch/jobs' from origin 'https://www.the-star.co.ke' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://myjobsinkenya.com/api/fetch/jobs
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662277490772174
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://idsync.rlcdn.com/464986.gif?partner_uid=_xt7vX3zMtk
Message:
Failed to load resource: the server responded with a status of 451 ()
other error URL: https://www.the-star.co.ke/
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
network error URL: https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=$$gdpr$$&gdpr_consent=$$gdprcs$$
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
a.tribalfusion.com
a.vidoomy.com
ad.lkqd.net
ad.turn.com
ads.eu.criteo.com
ads.stickyadstv.com
ads.vidoomy.com
adservice.google.co.uk
adservice.google.com
b8e0ce453c4825c070d42c0107d46d94.safeframe.googlesyndication.com
beacon.aimtell.com
bh.contextweb.com
cat.nl.eu.criteo.com
cdn.aimtell.io
cdn.ampproject.org
cdn.mgazeti.com
cdn.onthe.io
cdn.taboola.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cs.krushmedia.com
cs.lkqd.net
csm.eu.criteo.net
csync.loopme.me
d.turn.com
dpm.demdex.net
event.clientgear.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gu.dyntrk.com
i.ytimg.com
idsync.rlcdn.com
jnn-pa.googleapis.com
lh3.googleusercontent.com
loadm.exelator.com
match.adsrvr.org
match.prod.bidr.io
maxcdn.bootstrapcdn.com
media.sabio.us
myjobsinkenya.com
nxd.adhaven.com
p.rfihub.com
pagead2.googlesyndication.com
pix.eu.criteo.net
polls.the-star.co.ke
pool.admedo.com
radioafricagroup.github.io
region1.analytics.google.com
rtb.adentifi.com
rtb.nl.eu.criteo.com
s.tribalfusion.com
s0.2mdn.net
s3.amazonaws.com
sb.scorecardresearch.com
search.spotxchange.com
secure-gl.imrworldwide.com
securepubads.g.doubleclick.net
signals.aimtell.com
static.criteo.net
static.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.srv.stackadapt.com
sync.teads.tv
sync.tidaltv.com
t.lkqd.net
t.teads.tv
tags.bluekai.com
the-star.co.ke
tpc.googlesyndication.com
tt.onthe.io
ups.analytics.yahoo.com
v.lkqd.net
vpaid.pubmatic.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.mgazeti.com
www.myjobsinkenya.com
www.the-star.co.ke
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
dpm.demdex.net
myjobsinkenya.com
tags.bluekai.com
tt.onthe.io
142.250.181.226
142.93.104.37
146.20.128.137
146.20.132.146
146.20.132.149
15.197.193.217
151.101.1.195
151.101.193.44
151.101.194.49
151.139.128.10
162.19.80.91
178.250.2.148
18.156.0.31
18.172.153.4
18.194.50.17
184.24.1.49
184.30.21.51
184.30.24.201
185.94.180.123
193.0.160.129
198.148.27.140
2.18.232.7
2.18.233.180
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
23.55.110.82
2600:9000:223c:8000:1e:a43d:b640:93a1
2606:4700:10::6816:46e7
2606:4700:3032::6815:31d2
2606:4700:3033::ac43:c18c
2606:4700::6812:18ad
2606:4700::6812:1f97
2606:4700::6812:bcf
2606:50c0:8002::153
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:800::2003
2a00:1450:4001:800::2006
2a00:1450:4001:806::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2016
2a00:1450:4001:810::200a
2a00:1450:4001:812::2003
2a00:1450:4001:827::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2004
2a00:1450:4001:831::2001
2a00:1450:400c:c08::9a
2a02:2638:1::2
2a02:2638:1::4
2a02:2638:1::8
2a02:2638::21
2a02:2638::3
2a03:2880:f01c:216:face:b00c:0:3
2a05:d018:24:b002:d133:9dc2:a783:2cd2
2a06:98c1:3121::3
3.19.54.139
3.69.101.30
34.107.184.81
34.234.229.82
34.243.172.78
35.210.53.219
35.214.223.115
35.244.174.68
44.205.120.122
47.252.78.131
52.213.183.212
54.147.255.25
54.231.236.32
54.78.254.47
8.2.110.134
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
00185ef41abf2f454083c4d30ec9767ce52782b6f4ee19e0dda5d6de5881fab5
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
01a3f6e2a720a4b39d24b88578a0fe693ca7b5907e882be1a62d985a580b0ffa
024e3e4388509660aaf0b3d31e213508ac969dd6aed1f3b876f52991e5abe21e
02b6b3f78db38c36e361be7aea812aced8a46d308d7e17062a0918bd0d1fab21
03064acdab807ad7d6a936b31b7f77cae92fdd216c2ea9a0ab392b734ca461a2
06cf74ed3353facd504802a5773d2c1edf9c6168019802e4ca08f7cbd8478a8c
06fd2a61dce61487dc324f208fdf13c255b8b1d2c6969c27609bde27488f0fa3
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
087894981002e214813e1b2893a475ed8e5fd4889c817dd6dce2275607deff45
08875dffc763f5b1fd4735b8aad5674e6b39840b42bd11411a74ca98f774fa26
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b9c86af394e4b0b68f4289ee3c470e4fe7bb00512785f3cfd2b7ac6c46c02b7
0be58fb0639cde895aefea4feddde840395c6ce1bf28345678042f3b031a104d
0cbf1651ecf588a2dc002985e10061975e7000cd0d842e1d2f2b1ba56fad7170
0f4a5ad23cc5b11e3d3a589a24fcc32addcffdd6c8842e1cfbaf870e7ec48c70
116ad0e55e56b7180e078d1d05b5084ddc64b12290ef489f12b83d6d893e3c9b
133dfca929e7b23060a6c9b1b69bc2b57f04c113c434cdc6a7c3d2fbcc850915
13c1a9cc135edffa92f4f21c434cafe7d9421dd5b09496481e40020f903736d2
15d3c3958b58b92c485db6e5265536e0a7f364948edb90a62ca5e5ab20e0403f
16d3bf055ac41e1d589b4beb685c14eaa03003bbc989bca4c111cad62e485c4f
1700f83003b043d183ab54ed4925d06ec9f28639c45cd8444c85403acaeab533
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
18e21aa71f9cb4159176eb80c1c9677d75fbd1da3a028931a63fdb483d089cf3
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1a12c830ad965e840254e34ba7f920933730e2c2ce291f4f0f24c701871605ef
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1c4fe0cc424c39e9c4797b25e8a4fda45cf96ca81c0c5d799144e21fba76a477
1d986e5aa82de1798ce40ba2fdcdb8a811b0b1773d7f01909d2735d5a48fb6b9
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1fe12f038a5e825c53c1a59c81cd2755fdb7a6477a33f64f6ce2b3060673e2c6
202caa48a1b5be1a7a460e055f1e7c373667747ed47749acb11eaf4d76573b14
24707433eb19a7c5f523950106af8fd4596c1501a4ad0c899f51a14da1a38bde
24b28b35859e2321ee6ae443bc3b3bc9a17cd00790f84b124b0aacf3c6a9293a
24ed15e9fb058e344618b8c7a68b56b5765ea51b1765fac3372a040955da6877
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25bc555ee72e3b016bd92686344c0ef1a5ccdcefe2045e7862742a5bee8f9341
2601ead8fa5287b471a02cd1e1df0b9057f56f457fa968d536cfae0d3b0d57c5
2715d7400fc9d49eca775ec3a8814267b28be978f14edc9f4458ae9789605a38
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
287881f0ceb6fdc21943d23658bbfc8acc405283d00e464d823bdf5be2626b7e
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2a1331047fb3afa65f98be0248a07e6227b3f89e1f78e7311d93b417c0a7b366
2a29e79bd75cc83eade181c4acc1c198786539997766b648bc21ed5aa7698408
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bf6fa34d89d072392d9608976ebcf09580bcdecd034ffe0c1467db6bf7f58b3
2c2824974153a5f3321b612423befe6c63a0f13f0c84927ce6b2d8f0c26e15fa
2ca894bf1b052d3850519b33f5874b9eb22693471114ba1eadfe61fbd4783c3e
2dc41532218c4aedb2e069256335e97cfce9ee7307fd71530240499636493fca
2e05ba8596a366d4e8e37a6a16451583bc9cf4857c55115dded6cce8620fe228
2e98ef142a087c8c7da0afd1c303dc1e7f2e6e9eec1e8fa8a9448d35f38fcd8c
30eb99425a0afc0ccc7802996844c817100b8cec24009e6dd98f531ea3829a44
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32a9404c5662ae6cf8c59f12375a4c9bee0b3fad9dc81733b9b7e45d9aa505ad
32f1b13b68c11ae38845e45c4fbdc1068005152f4f8019c97f2cb3b3b4be6905
3351186dc844da3717f530937537f04c546d53acb6ce92799414f941cd76cac2
3358c34480e959b05f293c96d34c132d6be2a1130a1887f49e71bbd2ca850676
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46
36c8c49511f02f28b45b94fd621b747c835ff7850534361219632d0290cde85e
3764679237549375d7fbb391167dab11339c32babcfd59ff40eef531f64339be
37656c5725c002db62930e85a89f30be8fb0f6d48e71c6db83dbec71296d2c87
38354e6a0119fe113356e1506a115ca148a6b9ea22cf88136baa9167d6fde794
389b654c92e941c98cde3416bd0d9fde36ce0b3712579a83f7fe8be98d8b46a5
3944a8598cb1a26aa0c18d6899a19e6e76cba672d6e301dcf00341f07f7747bf
3b6932e7eeb074c5fe60282c584ed4bab4cd98d6eab611f3ad64871e57f7d110
3e017c8dc8bfec81eb35aded524718a846070d0ffe8118399394fd0e6e851757
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eed7b517bf0301b429f8777b0685f7bab48925c1ca9935c9e8d591be1a190ee
406d5ab3d026eb797f23ce36845ee34bae9d639d7cabddc367654f12eb9bb1f2
42b1ed60cbdf88e3c800046c8cccb40d31206a5fe16d86d67cf28184d68c3e07
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47c7188d8a8c546806eda7758802d071aa67f30b16ac565f207b250b9e737a17
482f6923b75a2880441f35ead0912d3abf72325e55ef230caa8a30b30f2eccdb
48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836
48dd404c4c07f4c714378cd5174fdad51a52640c05ab6a5ebdaf9127fb93e095
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
498340b5ce57af046941ab37ea458fa90fb70d7561fd4507db89d6510c7bdde2
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
498d521089ab4acd1cae9ffcc81f4fafec6c3f5a0c2c167af2c23bdfa2a726c8
4a0c9a9877faa71ad0dcea580dd7a3514f8a13ca6d46820a1c2684536b8a0f69
4b778d016878e5fcff89cda54ca63724e000c53f2e779c9d78f7ee067215d997
4db57355a20b52e1c5cfea2fef736bd9203ecea7321b54005439dca6037926c1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea7f54f824a6fc2544000de63c3459f6e743ab13039b5abdee715dee7ac9c25
4ed769852ff93f5fd1225c4248e02ff3798ecca0f7b2328ea1e986ed90c71bb7
5205891d52040fe7348f8724599c00040f3c69b5dfb19fe4f191b871f4cad1b5
520c678e5c27cd38f5c8cbed72cd68c52b6bbd9b34fbcca0db577684acaf61c1
52f59979c61ec03c4c7a1be02e827322ab7dd656dccbc8e3a70cc9b7ebae0b60
539eb6d2511a5017738b539919b691bb7b2b7265b97b4f06673eef710612069b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5806fc91e8380c3cab9ff4ab77390a9ad5787ce71b55030ad6552f683069ffb2
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b8704514ddb13142fe7a2b083cbf2394afcc35318434cb592d19c48039df1af
5ba76e6f632f82d934eaf4066d2ae0572b4c73310f02971c64090c86c31ce288
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5c61fad8be7927ed7d37dd145329101f8707a0cf18218edc378d61ac997d2b62
5cb78dbc15468524400c8a5ecf6ca08a92921c394c25324736ae870cf9ca56e4
5eadb3853810c64a037b947f6355ca7f98036d56bfb46ee9f51a01f881259ed6
5eb9168c31d8e279a529edcb5463777d6e58a1d08fe28f070395499b6237d8ba
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5fb7e0a4b933046510d8294af02216baf21e9407a36ed7e50924269ff42ee796
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
61014c361ca697a474f92b408a0b06f8528d0753e695361bd56b21324d591ba8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6247e4942b5fdece7eff5aae5870274c71d568167e8bb4e801e5c5a6ede2d91a
63941bc4ee706ee7e8073c6a1a7b969fa382a0ae81c4a1e41022e16c0b9247bc
63cbb4d3bd7ad1f3eeaa54b37a2e137be0836466218d3bd4ab2b0ef3eb82fc3b
64da655821289a2d5334052c6980478c0ec94c85f00e756be237a26586505999
6586e02fc41048097838a33b144abab0545beb575e1ed8708e111a53ca0b3e7b
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
685fff79efccad8fa7ea8efde2501a85df0282114d9582b29c1934c312f13f47
69e6272a596cae3d98422c59a27238c9a6466958534ecef86ef227ef9e5892ef
6c81b292bf9d922440a8e86d8d896f8b3e17bbbe0bfad83e8857dc8916ef0cd9
6da58309c2b41920290031163bc4dae426d0e70922edb00a0b2ecda99b4d3932
701d511fc415613bd03681506371a60e966db7a858142dcf5c7e497d2a6606cf
7239602728eda88e4dd4307a6aab7129bfe1966461357b3ee36f504724fb57f5
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72ab663925ecacafce058db542850be48a01953885fd418c1ee3717193c9bbb4
73b19e275299e4c438c2529b5e0d74822b774a0c183e56db9f01709ed4370550
73fc4621fd5d3c63d23aee9f301449e307f0f98e790024f6590a562f0ffcacd4
75d479a0bb2de95e36aba92639eefc91e31a644e2b7a96052e3173ec5657130c
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
79e372e119eadc84b7085543be082e981e3150bedee027e7a20459fb08f3d092
7a570a18c3e8be58a090e3295d3ff7d5bf12a14295868345ef24857ecf65e6c1
7c226d9164e1d8363e3d4a0bd7cfd2d082befd29c475a476c946bc9dc17b0238
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7d24edd264151f326a963822300fe909351ac85f1dee3ce29541cc92cbfef29a
7d3c220e8b91066f924ecbdd6905a6e98a8a60e1210aae9a0af69b380efe9319
7e9b1418237b95ba1e4a8cd22dd6966da3384265585c15cc27983b26bc59be8a
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7ff0a74af02c5fd32ced1f281f2ab9dc0c279e8f872f31301936a7e5b9b90b01
811fbe251991b76cc7c03247f23c64fc2eb463880f2108aedfe0d04978e3a778
81809aa166a76dd99939edd3df52a70720e5ee9b65fefe1de4b32500e324e763
82c2846e1cfc97ab99893211dd3c20de6c1dd0f6d1099cf362b1aad84faa0f2d
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
84b962439653ddbe2aa48df1291f99c9eaaed3ed226f70f2414a812f8dc455a0
85d02d0a75eb2247a55f3dc4714f3db54f126ef57d4adbdf2ffffed589d4b629
85f681c608f719dc76edeafbeec74e8fb9c79fbc77cf01308d5deda9fb00a62b
864e9e2769e144006f181df17c7c12111939bb09e038200904bbaa384f0c80db
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
8767a153c7e72f2c42693bf86cda7bb2613802be672e650a3ff0809cb1527aef
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
90e728f69e2b018245a4726c0f499e56e5a5f71330c07b0978596fb1bf45a831
9123e69ec42adf7e8de45494f948394ccce0565f0b032b0c013776a15c5a6c37
9406874f46f62e5ddf8aaef06eddb9dac85cda9930d87e3605b123986323e4eb
942b061441de9ae6bd3a854f0ffc64c7c40dc6ac52e1408da58978bc60aecc4e
94b0d2f07c7c243c3be2fc315000465da4fbaf9607ad8fae8a7d71049c12c73b
951da460e1a7961083ca5f9af8d2e1dce631eb98117853bacab0622968a39d26
98139308023fe5252488c071279384011a3d93812a3c000e8431fce38744759c
99ccc8ca357e3013dafd3a054f4b8719e4c3b0fa0819b6777808afa421fcb8a9
9a0eefcef60e76fb405898ec6f44620d6978ac16edda818183e207abc544a8d3
9d654a99347f7f8609875a1cb303ab6499e527049be3bc47f240c285e9d06d16
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31
a0b3e0c83ddfac2fdae4f678c8bce83a9fb64ca27c5cef9c80652c6734c75800
a0e0a7a96cb99a0c3b5693f6d8c0210a0b945c9feeede5851e5aa4a7c9920672
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1164d38f35c8d9599848239639641326905ba695401405af5e5ed66dcd5c811
a13c674ab5700fe40ea77abbae8a8c8d7ff9aa6ec42c54e40f728306f2ae18e2
a1501167cd9b39c9dde05a08b6d438a8565e56ba7bbbacec2518ff3122213969
a174ce3d0e66cfea95ba4288c928291b37bd679f3044ac1a7f4dc3958036be11
a25b4ea2db2c4dc1844de60c4c250d48cc20a763f4a973b890d7c5b5ad15488d
a2cc385b3adf3199bc4c73b1fb63c3dca41f27e094b2011aa8bda1598eaeb5e0
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a491c56726826ca847ad1bf4e52b42c9b45fc1892491b954f3d14eed4da49580
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5d38d4ad8b82e6363e4b700dd0a2ffca99d8e49d62f6225b415d187df789ef4
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7adba2a4ae2281b7d8cdbf0f3dc1e83fcc5c2602be46ba339ec3cabf218a786
a950eb2a113b6519371037b16aaa880230d823caaa9ccb78dc1a81a5af366462
a98064cca8a7895059d086c2ef279d92d1e68161bc4e7f0f72fa0c4cd7788ae9
a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b
a9b93a5a995ac345e943ba453034bcd7b40ca906b010de612dd2aa1e7ffce055
a9c3152b1f921defaf879a7f6514623aa21e0656a12f143b20cde6648ff5036c
ad5bed8cc0da4c7a05e39a40365cbe993dae1683da8e46b51df734d9e60c0386
ad8b1cb061ce071eaf100af9944c3409cfe16abc891377eb2e74310e92c390d0
ae0040e0961c9ed9b43b6eee8a92d21c2d1eb2f672ca13860a7fad72681438b3
af7d484011adc9015caf861daf0b7dadaa31aef82ca07e891a1dd0e74e28619d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0f005ee73493fb10f179e1200181c2f867ec5cf5df6e8f45c696e7c9d751221
b12df28928ae6402d9d672b356057877a9829fb5701e913e162c03774ab4cec7
b23088f603559282fd1e3267a4726944b4dfd24570f8f4573b94f2f47dfd14a8
b5ef89e903158b043bfcbaaf1e1a475b816e56e5e3887d5f5d99634eafd8458e
b6b6a321a301b05f87c762c6d3309c7077b9aaafb5d7389f86bf42a79d823d2c
b889cd4be09bec30d99de26961d2e3a4c1fc87c187ab9326caa70d9b97ca9d79
b94a89259ef175b881195823edba0134e626911f4dc3baaac1bece619eff6bb9
ba5283ced9c89d851e0a501e9bd8294ccc98c03138020be052060aea58b9ed1d
ba7eef81c1b81bfba6ae3137cd7c58c3f65dcce009fe916f24d7dfec23e77c9d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c0479b07a3cb6e825527814e9f1ab3980eb36c10bcdd055b09570a7e62ed233f
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11
c19cca3effa7e674cdd64ff08f6b6a07b2b612ce81848514f7d60c08827e31c2
c387c2370eed4d6430a3da7d4c0317aac9a3f9367cda0202f6e0928b9e12ae5c
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c41dcdff5761a7150045132050420e00de7b82834e057feeba56b67c728c17d4
c46c4076e9cd02124528cf31777e0c098aa55f3293a0216cc0a156a8c71e1f6c
c7b8e523ed85f88aa0d75c9092ae6a4a4d5eae30fe2c6bdd2c2a7295d94d7ec7
c82984d6351e635cc9422937680205eccf44b662dd84d0a966f3dc98f2253618
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
c85b2145ae65127325a57a49292936ef153ee58707b549fb188c2520f6ca3a6b
c8ed4fc0c09d47d779670b90574a3c6a1a61a684e5974b0b99bda6165014574c
ca1242df9d6cd66f56274472d99ebe85b072ef35264f41f3fa02a9c15230401e
cbf6767dc875423191ba05f826ac2ecde67adfb307ef2f22ee2d3537a7691779
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cfd37c485b1f670c5c0e4f67610f2aed3095a78f7c15e53c941ea284cc271672
d1313bec86fb7ec78256af4326680f6437ec7a02de758ad92cf4bf7822da0126
d257e40483564a2a319051298dde85b893e1b5719eb330334b792f4fc6d4b742
d3de7488ac6723f0788c9a774701fa787e513a6b03ea875b6ea5c3ae5e2b426b
d4b3ffb2451b816a612010078b48f2ba7ced63d17c63b323457d5ba49fc0fc9e
d6d513abc5d96532a8626f4b04379d65a1efc4f977a50b0cbb3c0df7b51c1520
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d85f6474893e823b6eb6ce2ad936235ff13be5d10d1c1dba6517f6dd3a731c59
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
dabc0d2f88bbdb718fc67249e8844d6959cfa67b1c52cb4d85a08fba15f41846
dafd5e3dd079e6aa6a45e93b0f41cea154a4db95a09d7a8ef9df4ce248e87015
dbbe34e3621b349c931a185ec2379c82d68b40f7265c2a914506a5c15b03a3e1
dc844ee88095c655fec2c9ac44bc0d8d0f4ffb3f062f3722aed89695b08718da
dd870101ad4e95d687a2eb734707b0dd7c20808f76d7be77a71a5d13cf99401c
df968abe67a5829be53c836be60dd68bfc1659cd869f912f306383786d3dc73c
dfe76a619d9b8b1711652a049ec4a19bd32c4f15c9215dc26c3f23f6ad53926c
e063e1c51f4aa6edc41f31d1caafdc45ac2884e6343eaa2a9d4fc1de23157cbd
e070c65fa6115515c6dd68f600a8bbc9ff1271d9d8b235c48723942efc67c3e0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4766ca461eaea3d386a1a17d8d1056d8b9e84efd3d9eaa4f216c0cf690300c5
e7a2a5ff7b5052fd5e605aef1cae4fbd16b85d830b2b6353da0feceda5b45608
e934f02d55d8994d6f471e3aba0ee3c352005af4dabb11aedae018197d769e41
e95a0ce88edbfe2391f490938ece5641691e1d591b688398ddf26931290396db
edb3ad39da49fc271ad343fa141104e847059c17a189c40024bbfeb8432a3977
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eef488fa7d2ab87253eae94fd61fefbdf9c06720588e26f54c55b24ef519811d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f081381a3487cb253565ad7e1a12d23a5f8f5a952d21c389356b5af25a00ce8e
f19f656dbb9200aa6cae2b6ae01fcb162c03c0738be116c35d9549c93b7398b6
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f57b087063d1be22653ab9579eae1e5c640bfc7654d182d5b5ef55110f63c266
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7de7f0c860667d6316ddfc6e9480f39c336aeac610fca636d9a92417c3d1a4c
f92cc7ae28eb75c3a92e8b34257912eb932dc22cc7dcabd7b29d15f6abeba4fb
f933d1ce742005229ee6ac90b11e1c69f27dbfbd55dcc9d9b9bdffb59db24983
fdea46a4ec9abb7b92479fad87a3780bfbebc8100ff2965c46dd51c2596a34a8
fdf7b97297c6b787d2a4fe8a9309ab9e4b4dd526f0a1a12f65df4fcbdc21ac8b
fe243a9e09757562376b46d2432998b74e1b28b5f5d67d8f3451639299836371
fec5f6af5919cd467cd2c0f4c13d5d3bd9c40eacc0f2fc2690b9bdb24fe9fe82