northstarcourier.net Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://northstardelivery.net/
Effective URL:
https://northstarcourier.net/
Submission: On November 27 via automatic, source certstream-suspicious (November 27th 2024, 12:27:28 am UTC) — Scanned from DE

Summary HTTP 62 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 25 IPs in 3 countries across 19 domains to perform 62 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is northstarcourier.net.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 17th 2024. Valid for: 3 months.

This is the only time northstarcourier.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	15.197.225.128 15.197.225.128	16509 (AMAZON-02) (AMAZON-02)
6	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
6	2400:52e0:1e0... 2400:52e0:1e00::1082:1	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
8	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223d:e400:b:527a:2d40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:235... 2600:9000:235a:d200:12:de4a:40:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2400:52e0:1e0... 2400:52e0:1e00::1079:1	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
9	2a02:6ea0:c70... 2a02:6ea0:c700::112	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
1	2400:52e0:1e0... 2400:52e0:1e00::1080:1	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	3.133.184.197 3.133.184.197	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	18.245.60.90 18.245.60.90	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
1	2600:1f14:5db... 2600:1f14:5db:eb11:13c8:ad0b:49a5:68ae	16509 (AMAZON-02) (AMAZON-02)
1	13.248.238.122 13.248.238.122	16509 (AMAZON-02) (AMAZON-02)
1	76.223.116.242 76.223.116.242	16509 (AMAZON-02) (AMAZON-02)
3	172.175.38.6 172.175.38.6	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
62	25

1 15.197.225.128 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

northstardelivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

northstarcourier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2400:52e0:1e00::1082:1 (Germany)

ASN60068 (CDN77 Datacamp Limited, GB)

hb.wpmucdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:e400:b:527a:2d40:93a1 (United States)

ASN16509 (AMAZON-02, US)

497479.tctm.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:235a:d200:12:de4a:40:93a1 (United States)

ASN16509 (AMAZON-02, US)

497479.tctm.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2400:52e0:1e00::1079:1 (Germany)

ASN60068 (CDN77 Datacamp Limited, GB)

b3590621.smushcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6ea0:c700::112 (Frankfurt am Main, Germany)

ASN60068 (CDN77 Datacamp Limited, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1080:1 (Germany)

ASN60068 (CDN77 Datacamp Limited, GB)

stats.wpmucdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.133.184.197 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-133-184-197.us-east-2.compute.amazonaws.com

stats1.wpmudev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.60.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-90.fra60.r.cloudfront.net

s.ksrndkehqnwntyxlhgto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:5db:eb11:13c8:ad0b:49a5:68ae (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.238.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: a171616d2c13795e3.awsglobalaccelerator.com

process.iconnode.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.116.242 (United States)

ASN16509 (AMAZON-02, US)
PTR: a171616d2c13795e3.awsglobalaccelerator.com

p.ksrndkehqnwntyxlhgto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.175.38.6 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

k.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	userway.org cdn.userway.org — Cisco Umbrella Rank: 3208 api.userway.org — Cisco Umbrella Rank: 3180	67 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	729 KB
7	wpmucdn.com hb.wpmucdn.com — Cisco Umbrella Rank: 33436 stats.wpmucdn.com — Cisco Umbrella Rank: 34084	173 KB
6	northstarcourier.net northstarcourier.net	177 KB
5	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 625 k.clarity.ms — Cisco Umbrella Rank: 8151	30 KB
5	smushcdn.com b3590621.smushcdn.com	207 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36 region1.google-analytics.com — Cisco Umbrella Rank: 3353	22 KB
3	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4108
3	gstatic.com fonts.gstatic.com www.gstatic.com	256 KB
2	ksrndkehqnwntyxlhgto.com s.ksrndkehqnwntyxlhgto.com — Cisco Umbrella Rank: 63918 p.ksrndkehqnwntyxlhgto.com — Cisco Umbrella Rank: 63139	9 KB
1	iconnode.com process.iconnode.com — Cisco Umbrella Rank: 39678	163 B
1	google.de www.google.de — Cisco Umbrella Rank: 10745	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135	557 B
1	wpmudev.com stats1.wpmudev.com — Cisco Umbrella Rank: 32023	134 B
1	tctm.co 497479.tctm.co	476 B
1	tctm.xyz 497479.tctm.xyz	476 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	32 KB
1	northstardelivery.net 1 redirects northstardelivery.net	316 B
62	19

	Domain	Requested by
9	cdn.userway.org	northstarcourier.net cdn.userway.org
8	www.googletagmanager.com	northstarcourier.net www.googletagmanager.com www.google-analytics.com
6	hb.wpmucdn.com	northstarcourier.net
6	northstarcourier.net	northstarcourier.net
5	b3590621.smushcdn.com	northstarcourier.net
3	k.clarity.ms	www.clarity.ms
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.google.com	www.googletagmanager.com www.gstatic.com
2	www.clarity.ms	northstarcourier.net www.clarity.ms
2	fonts.gstatic.com	northstarcourier.net
1	p.ksrndkehqnwntyxlhgto.com	s.ksrndkehqnwntyxlhgto.com
1	process.iconnode.com	s.ksrndkehqnwntyxlhgto.com
1	region1.google-analytics.com	www.googletagmanager.com
1	api.userway.org	cdn.userway.org
1	www.google.de	northstarcourier.net
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	s.ksrndkehqnwntyxlhgto.com	www.googletagmanager.com
1	stats1.wpmudev.com	stats.wpmucdn.com
1	www.gstatic.com	hb.wpmucdn.com
1	stats.wpmucdn.com	northstarcourier.net
1	497479.tctm.co	northstarcourier.net
1	497479.tctm.xyz	northstarcourier.net
1	fonts.googleapis.com	northstarcourier.net
1	cdnjs.cloudflare.com	northstarcourier.net
1	northstardelivery.net	1 redirects
62	26

This site contains links to these domains. Also see Links.

Domain
secure.ontimesystem.com
goo.gl
smartboost.com

Subject Issuer	Validity	Valid
northstarcourier.net Go Daddy Secure Certificate Authority - G2	`2024-09-17` - `2024-12-16`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.wpmucdn.com RapidSSL TLS RSA CA G1	`2024-03-13` - `2025-03-12`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.tctm.xyz Amazon RSA 2048 M03	`2024-09-21` - `2025-10-20`	a year	crt.sh
*.tctm.co Amazon RSA 2048 M03	`2024-07-06` - `2025-08-03`	a year	crt.sh
*.smushcdn.com RapidSSL TLS RSA CA G1	`2024-02-12` - `2025-02-11`	a year	crt.sh
1667503734.rsc.cdn77.org E6	`2024-09-25` - `2024-12-24`	3 months	crt.sh
stats.wpmucdn.com R11	`2024-10-22` - `2025-01-20`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
stats1.wpmudev.com Amazon RSA 2048 M03	`2024-02-15` - `2025-03-15`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.iconnode.com Amazon RSA 2048 M02	`2024-07-16` - `2025-08-14`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.de WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
api.userway.org Amazon RSA 2048 M02	`2024-08-02` - `2025-08-31`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://northstarcourier.net/
Frame ID: 3FC070AFB9CE15A742F676A68540B842
Requests: 60 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fnorthstarcourier.net
Frame ID: E8E72118F0DFAD1828C20F4443F2EC56
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdXYuIUAAAAAPcxUYt-nkubIe_emUa9xHjVemxm&co=aHR0cHM6Ly9ub3J0aHN0YXJjb3VyaWVyLm5ldDo0NDM.&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&cb=4gndrrxultt6
Frame ID: 34AEC493F0197097D4246EE0860DE1CB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.userway.org/styles/2024-11-25-13-06-33/widget_base.css?v=1732539993486
Frame ID: 1A5286602898EDB38F931B7AAD15E25A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.userway.org/styles/2024-11-25-13-06-33/widget_base.css?v=1732539993486
Frame ID: A6D44B8C264B95F0E1A6DF8774E598AA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NorthStar Courier - Southern California Courier Service

Page URL History Show full URLs

https://northstardelivery.net/ HTTP 301
http://northstarcourier.net/ HTTP 307
https://northstarcourier.net/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

Page Statistics

62
Requests

98 %
HTTPS

76 %
IPv6

19
Domains

26
Subdomains

25
IPs

3
Countries

1735 kB
Transfer

4392 kB
Size

16
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.ontimesystem.com/sites/NorthStar/login.aspx
Title: Customer Portal

Search URL Search Domain Scan URL

URL: https://secure.ontimesystem.com/sites/NorthStar/login.aspx?ReturnUrl=%2fsites%2fNorthStar
Title: Customer Portal

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/ZhZTu69NjKRnwuvV6
Title: 8305 Vickers St #115 San Diego, CA 92111

Search URL Search Domain Scan URL

URL: https://smartboost.com/
Title: smartboost

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://northstardelivery.net/ HTTP 301
http://northstarcourier.net/ HTTP 307
https://northstarcourier.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

62 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
northstarcourier.net/
Redirect Chain

https://northstardelivery.net/
http://northstarcourier.net/
https://northstarcourier.net/

270 KB
64 KB

45ms
20ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://northstarcourier.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aeab2e8c900a020c2d659d408aefd7fcedb74c505076f36125ae0d0d9c389542

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000 max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 2748
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-edge-cache: cache, platform=WordPress
cf-ray: 8e8dfdf48ea0d279-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 27 Nov 2024 00:27:21 GMT
expires: Sat, 28 Dec 2024 00:27:21 GMT
hummingbird-cache: Served
last-modified: Tue, 26 Nov 2024 22:05:36 GMT
permissions-policy: accelerometer=(self), autoplay=(self), camera=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self)
priority: u=0,i
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=2592000 max-age=300 max-age=31536000; includeSubDomains
vary: Accept-Encoding, User-Agent
x-backend: varnish_ssl
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff nosniff
x-fawn-proc-count: 1,0,24
x-frame-options: sameorigin
x-php-version: 8.2
x-xss-protection: 1 1; mode=block

Redirect headers

Location: https://northstarcourier.net/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 foundation-icons.woff
cdnjs.cloudflare.com/ajax/libs/foundicons/3.0.0/ 31 KB
32 KB 27ms
16ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/foundicons/3.0.0/foundation-icons.woff

Requested by

Host: northstarcourier.net
URL: https://northstarcourier.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c44c3feedae5331a281278ea3ba91d2255928a2f3010d316d6fbb9052e0c2ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://northstarcourier.net
Referer: https://northstarcourier.net/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e66-7d14"
age: 119375
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c1CPq6fHpnCvZALUQ9bdAa0N460e9d2TA4jqURVFMcWrYbIdiL1JGiYgxZkv5gGpFAgwyrZOFN5wvM27ZKwYakFX9ivqkkHPa4IHMwWcMr19VAPk%2B0kSnbYNH8mKp%2B%2F8ROMhqNpqoVurJ3vQ%2FuIJjNOc"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 00:27:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 27 Nov 2024 00:27:21 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Mon, 04 May 2020 16:10:14 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e8dfdf4e8c4d392-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31590
server: cloudflare

GET
H3 200 fa-solid-900.woff2
northstarcourier.net/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/ 76 KB
77 KB 19ms
18ms Font
font/woff2 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://northstarcourier.net/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-solid-900.woff2

Requested by

Host: northstarcourier.net
URL: https://northstarcourier.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://northstarcourier.net
Referer: https://northstarcourier.net/

Response headers

x-cacheproxy-retries: 0/2
cf-cache-status: HIT
etag: "131bc-6274d5d1534c4"
age: 2744
x-content-type-options: nosniff
x-cache-hit: HIT
expires: Sat, 28 Dec 2024 00:27:21 GMT
x-cacheable: YES
alt-svc: h3=":443"; ma=86400
x-cache: cached
server-timing: cfExtPri
date: Wed, 27 Nov 2024 00:27:21 GMT
content-type: font/woff2
last-modified: Wed, 20 Nov 2024 00:38:07 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=2678400
x-backend: varnish_ssl
cf-ray: 8e8dfdf4dee9d279-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 78268
x-xss-protection: 1; mode=block
server: cloudflare
x-php-version: 8.2

GET
H3 200 fa-regular-400.woff2
northstarcourier.net/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/ 13 KB
13 KB 18ms
17ms Font
font/woff2 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://northstarcourier.net/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-regular-400.woff2

Requested by

Host: northstarcourier.net
URL: https://northstarcourier.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://northstarcourier.net
Referer: https://northstarcourier.net/

Response headers

x-cacheproxy-retries: 0/2
cf-cache-status: HIT
etag: "33a8-6274d5d1538ac"
age: 2744
x-content-type-options: nosniff
x-cache-hit: HIT
expires: Sat, 28 Dec 2024 00:27:21 GMT
x-cacheable: YES
alt-svc: h3=":443"; ma=86400
x-cache: cached
server-timing: cfExtPri
date: Wed, 27 Nov 2024 00:27:21 GMT
content-type: font/woff2
last-modified: Wed, 20 Nov 2024 00:38:07 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=2678400
x-backend: varnish_ssl
cf-ray: 8e8dfdf4deead279-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13224
x-xss-protection: 1; mode=block
server: cloudflare
x-php-version: 8.2

GET
H2 200 css
fonts.googleapis.com/ 10 KB
2 KB 39ms
17ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Comfortaa%3A600%7CMontserrat%3A600%7COpen+Sans%3A400&ver=6.6.2

Requested by

Host: northstarcourier.net
URL: https://northstarcourier.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5821ea6fe102402c41b237ed00010fbecc9b7444c74b71bf8b15a02bb436c549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 27 Nov 2024 00:27:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 00:27:21 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 27 Nov 2024 00:27:21 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 744f6f0d-1f75-40f5-8842-d707742a725a.js Show response
hb.wpmucdn.com/northstarcourier.net/ 99 KB
35 KB 37ms
9ms Script
application/javascript 2400:52e0:1e00::1082:1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/northstarcourier.net/744f6f0d-1f75-40f5-8842-d707742a725a.js
Requested by: Host: northstarcourier.net
URL: https://northstarcourier.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: c4d4233a44f3ae1cef58b97a2e551008e9a8a5403b1c26c67136a0a20f9c7eb1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

cdn-status: 200
content-encoding: br
etag: "4f37101ff3ee8f069d1ca3852ffbbf18"
x-amz-meta-hb-minify: minify=0.0%, origSize=87553
date: Wed, 27 Nov 2024 00:27:21 GMT
last-modified: Wed, 06 Nov 2024 16:29:51 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
cdn-cachedat: 11/26/2024 23:41:37
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestid: a0a434a39758aa20443720dbb2def352
cdn-pullzone: 1101156
cdn-proxyver: 1.06
cdn-edgestorageid: 1080
server: BunnyCDN-DE1-1082
cdn-requestcountrycode: DE
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 412 KB
133 KB 51ms
29ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S1B6QX2S64

Requested by

Host: northstarcourier.net
URL: https://northstarcourier.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

038c1ebb646d49a9117333c06f05d330b5ab6b16ce5a6039f5d0e85f1206bd1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 27 Nov 2024 00:27:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 00:27:21 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 135904
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 t.js Show response
497479.tctm.xyz/ 1 B
476 B 95ms
17ms Script
application/x-javascript 2600:9000:223d:e400:b:527a:2d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://497479.tctm.xyz/t.js
Requested by: Host: northstarcourier.net
URL: https://northstarcourier.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:e400:b:527a:2d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
etag: W/6746676900079747129c7426-497479
via: 1.1 740769d10d5ef217a54d33b1ec64faf4.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: JDyX_Lc2r_fpITOtuQQQRkC28hdCDIJ6PUA_yI8kWPGd9DhiYlRD9w==
date: Wed, 27 Nov 2024 00:27:21 GMT
content-type: application/x-javascript
last-modified: Wed, 27 Nov 2024 00:27:21 GMT
server: ctm
x-amz-cf-pop: FRA56-P3

GET
H2 200 t.js Show response
497479.tctm.co/ 1 B
476 B 64ms
19ms Script
application/x-javascript 2600:9000:235a:d200:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://497479.tctm.co/t.js
Requested by: Host: northstarcourier.net
URL: https://northstarcourier.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:d200:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
etag: W/67466769000797474955a211-497479
via: 1.1 51b32b366d2fc0baf4c02123f643c37c.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: waojXZnBqTe3TWHRWLQMH0qNQPRY73XeAqMiUdBxSsqmuLWtqU1dtQ==
date: Wed, 27 Nov 2024 00:27:21 GMT
content-type: application/x-javascript
last-modified: Wed, 27 Nov 2024 00:27:21 GMT
server: ctm
x-amz-cf-pop: FRA60-P9

GET
H2 200 northstar-courier-logo-300x88.webp
b3590621.smushcdn.com/3590621/wp-content/uploads/2024/05/ 3 KB
4 KB 29ms
6ms Image
image/webp 2400:52e0:1e00::1079:1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b3590621.smushcdn.com/3590621/wp-content/uploads/2024/05/northstar-courier-logo-300x88.webp?lossy=2&strip=1&webp=1
Requested by: Host: northstarcourier.net
URL: https://northstarcourier.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: f064a6544cb6cafbf06319b12560ff4468b68c851726051fee01de985d1a9afc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag: "b10145dce0445573c7bfbdc49db7d88d"
date: Wed, 27 Nov 2024 00:27:21 GMT
content-type: image/webp
last-modified: Thu, 14 Nov 2024 08:32:16 GMT
x-amz-expiration: expiry-date="Sun, 15 Dec 2024 00:00:00 GMT", rule-id="expire"
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cdn-cachedat: 11/26/2024 23:41:38
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-requesttime: 1
smushed: origFmt=webp, origSize=3688, smushRatio=20.17, skipped=0, originCache=HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestid: 4473501d5f1d6f405c0fa69a98f4b6da
cdn-pullzone: 2210922
cdn-proxyver: 1.06
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2944
cdn-edgestorageid: 1079
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: DE

GET
H2 200 northstar-courier-logo.jpg
b3590621.smushcdn.com/3590621/wp-content/uploads/2019/07/ 5 KB
6 KB 31ms
9ms Image
image/webp 2400:52e0:1e00::1079:1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b3590621.smushcdn.com/3590621/wp-content/uploads/2019/07/northstar-courier-logo.jpg?lossy=2&strip=1&webp=1
Requested by: Host: northstarcourier.net
URL: https://northstarcourier.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 064a5953ce47d149505db1511d41a7e51acb727cf67ef8fb072d4bac6e3e2e9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag: "2cc0a83f8fa909bdaf9bc95004ace6ee"
date: Wed, 27 Nov 2024 00:27:21 GMT
content-type: image/webp
last-modified: Thu, 14 Nov 2024 08:32:16 GMT
x-amz-expiration: expiry-date="Sun, 15 Dec 2024 00:00:00 GMT", rule-id="expire"
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cdn-cachedat: 11/26/2024 23:41:37
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-requesttime: 1
smushed: origFmt=jpg, origSize=10927, smushRatio=54.9, skipped=0, originCache=HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestid: fefec0ef11e92b835c5f2a5b059db16c
cdn-pullzone: 2210922
cdn-proxyver: 1.06
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4928
cdn-edgestorageid: 1080
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: DE

GET
H3 200 email-decode.min.js Show response
northstarcourier.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
836 B 8ms
8ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://northstarcourier.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: northstarcourier.net
URL: https://northstarcourier.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"673dd3d6-4d7"
x-content-type-options: nosniff
cf-ray: 8e8dfdf50f20d279-FRA
expires: Fri, 29 Nov 2024 00:27:21 GMT
date: Wed, 27 Nov 2024 00:27:21 GMT
content-type: application/javascript
last-modified: Wed, 20 Nov 2024 12:19:34 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H2 200 a0504c9e-d6d4-4e89-a938-3de8c56a6d42.js Show response
hb.wpmucdn.com/northstarcourier.net/ 82 KB
23 KB 8ms
7ms Script
application/javascript 2400:52e0:1e00::1082:1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/northstarcourier.net/a0504c9e-d6d4-4e89-a938-3de8c56a6d42.js
Requested by: Host: northstarcourier.net
URL: https://northstarcourier.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: f592ea202098bc496b9d9a28c1268b0738662fd735fda1bcd92613dfa77dbbb6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

cdn-status: 200
content-encoding: br
etag: "a56c7fcdf031d2c2b1cc4d04a7974951"
x-amz-meta-hb-minify: minify=0.0%, origSize=8833
date: Wed, 27 Nov 2024 00:27:21 GMT
last-modified: Wed, 20 Nov 2024 00:52:02 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
cdn-cachedat: 11/26/2024 23:41:37
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestid: 81803773a9169710010eaee3b262d2b4
cdn-pullzone: 1101156
cdn-proxyver: 1.06
cdn-edgestorageid: 1081
server: BunnyCDN-DE1-1082
cdn-requestcountrycode: DE
x-amz-server-side-encryption: AES256

GET
H2 200 6c64c510-65f2-4736-9052-ee7dbc1a1cbe.js Show response
hb.wpmucdn.com/northstarcourier.net/ 13 KB
5 KB 6ms
6ms Script
application/javascript 2400:52e0:1e00::1082:1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/northstarcourier.net/6c64c510-65f2-4736-9052-ee7dbc1a1cbe.js
Requested by: Host: northstarcourier.net
URL: https://northstarcourier.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: bbd90e143917692a4337dcdf0f9bdeb628ff4a3f7c3d9b3230b4b5f3de504c53

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

cdn-status: 200
content-encoding: br
etag: "6cfe4fc46fdad99cdc663a9640600858"
x-amz-meta-hb-minify: minify=0.0%, origSize=4307
date: Wed, 27 Nov 2024 00:27:21 GMT
last-modified: Fri, 25 Oct 2024 11:07:08 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
cdn-cachedat: 11/26/2024 23:41:37
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestid: a1d61d7336f383d112f22a530e49d056
cdn-pullzone: 1101156
cdn-proxyver: 1.06
cdn-edgestorageid: 1080
server: BunnyCDN-DE1-1082
cdn-requestcountrycode: DE
x-amz-server-side-encryption: AES256

GET
H2 200 3cb76820-6c7c-46f1-a900-f5c3819c6360.js Show response
hb.wpmucdn.com/northstarcourier.net/ 181 KB
54 KB 7ms
6ms Script
application/javascript 2400:52e0:1e00::1082:1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/northstarcourier.net/3cb76820-6c7c-46f1-a900-f5c3819c6360.js
Requested by: Host: northstarcourier.net
URL: https://northstarcourier.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 4bc8829c4454f9fbd2ede686b1a208e9e3f5235bdf4201eaa060a3b191d8e6f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

cdn-status: 200
content-encoding: br
etag: "7a282cd29ab74e2ac94238527a73915e"
x-amz-meta-hb-minify: minify=1.3%, origSize=12512
date: Wed, 27 Nov 2024 00:27:21 GMT
last-modified: Wed, 20 Nov 2024 00:52:04 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
cdn-cachedat: 11/26/2024 23:41:37
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestid: d55ab4109964442a8c7bdfde96dfa29f
cdn-pullzone: 1101156
cdn-proxyver: 1.06
cdn-edgestorageid: 1082
server: BunnyCDN-DE1-1082
cdn-requestcountrycode: DE
x-amz-server-side-encryption: AES256

GET
H2 200 15250b5d-305e-47d1-9669-1859d5abec6f.js Show response
hb.wpmucdn.com/northstarcourier.net/ 38 KB
14 KB 7ms
7ms Script
application/javascript 2400:52e0:1e00::1082:1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/northstarcourier.net/15250b5d-305e-47d1-9669-1859d5abec6f.js
Requested by: Host: northstarcourier.net
URL: https://northstarcourier.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 36e677c03140646e0da3809396da17f84a4499c42ed1b4464fa9b50c06c26ce4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

cdn-status: 200
content-encoding: br
etag: "458e3a2bcec8b2910d19b46a6e3ede5e"
x-amz-meta-hb-minify: minify=0.0%, origSize=38590
date: Wed, 27 Nov 2024 00:27:21 GMT
last-modified: Fri, 25 Oct 2024 11:07:09 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
cdn-cachedat: 11/26/2024 23:41:37
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestid: 7fbd0f041ecba09f220d5ce7611dbdb0
cdn-pullzone: 1101156
cdn-proxyver: 1.06
cdn-edgestorageid: 1082
server: BunnyCDN-DE1-1082
cdn-requestcountrycode: DE
x-amz-server-side-encryption: AES256

GET
H2 200 52503396-f741-4707-9b04-31955420c7d4.js Show response
hb.wpmucdn.com/northstarcourier.net/ 51 KB
17 KB 9ms
6ms Script
application/javascript 2400:52e0:1e00::1082:1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/northstarcourier.net/52503396-f741-4707-9b04-31955420c7d4.js
Requested by: Host: northstarcourier.net
URL: https://northstarcourier.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: e0c046ae9063218aa3306df720e994b800421d1543f9e09da964e741171ae604

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

cdn-status: 200
content-encoding: br
etag: "e95dfcabc11b7bf8ed2a244bf679bf20"
x-amz-meta-hb-minify: minify=1.7%, origSize=934
date: Wed, 27 Nov 2024 00:27:21 GMT
last-modified: Wed, 20 Nov 2024 00:52:04 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
cdn-cachedat: 11/26/2024 23:41:37
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestid: d2ac3039be85daabf83d54deb616bcd7
cdn-pullzone: 1101156
cdn-proxyver: 1.06
cdn-edgestorageid: 1082
server: BunnyCDN-DE1-1082
cdn-requestcountrycode: DE
x-amz-server-side-encryption: AES256

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 303 KB
107 KB 55ms
33ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NK6HJ66

Requested by

Host: northstarcourier.net
URL: https://northstarcourier.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

712753554d9d58a6adb0d32f1ec1b230f66484388cd760c49df79236102ca000

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Wed, 27 Nov 2024 00:27:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 00:27:21 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 27 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 108720
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 197 KB
71 KB 59ms
37ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PNSSQRM5

Requested by

Host: northstarcourier.net
URL: https://northstarcourier.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e8e96367d94460cdec64ecb97a6858acd05f2136817aee683d29347008fc0869

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Wed, 27 Nov 2024 00:27:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 00:27:21 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 27 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 72315
x-xss-protection: 0
server: Google Tag Manager

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H2 200 widget.js Show response
cdn.userway.org/ 2 KB
2 KB 45ms
7ms Script
application/javascript 2a02:6ea0:c700::112
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: northstarcourier.net
URL: https://northstarcourier.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5cea36c208b4d1515d01b943a2c777ce4f08b9cea81bf80fbff42b21abc1b879

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"ee2873ecf3f732e82be65d85aab36246"
age: 304
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: Z1XVAQRyUnKYvg3mY_JwJd5Y28vuZv9U1oHTpC6rrt8hvfNixMa_-Q==
date: Wed, 27 Nov 2024 00:27:21 GMT
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 13:10:44 GMT
x-77-nzt-ray: 15b3c7112cbb48f369674667119fd731
vary: Accept-Encoding
x-77-nzt: EgwBqZb/tgH3CwIAAAwBJRPCNAG3ZQwAAA
cache-control: max-age=3600, public
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 523
x-amz-cf-pop: FRA60-P3
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 analytics.js Show response
stats.wpmucdn.com/ 69 KB
24 KB 32ms
11ms Script
application/javascript 2400:52e0:1e00::1080:1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wpmucdn.com/analytics.js
Requested by: Host: northstarcourier.net
URL: https://northstarcourier.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 230facbc81b146c0992a734f6b1a47df5e051302a2c5b0412020a411a49f3a14

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

cdn-status: 200
content-encoding: br
etag: "65e9b379-1131c"
date: Wed, 27 Nov 2024 00:27:21 GMT
last-modified: Thu, 07 Mar 2024 12:30:49 GMT
cdn-cachedat: 11/14/2024 03:12:43
vary: Accept-Encoding
content-type: application/javascript
cdn-requestpullcode: 200
cdn-cache: HIT
cache-control: public, max-age=86400
cdn-requestpullsuccess: True
cdn-requesttime: 1
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestid: c73da7c8df9c14b2b80397c5eb783f9d
cdn-pullzone: 1121147
cdn-proxyver: 1.06
cdn-edgestorageid: 1080
server: BunnyCDN-DE1-1080
cdn-requestcountrycode: DE

GET
H2 200 northstar_home_hero_06-1.jpg
b3590621.smushcdn.com/3590621/wp-content/uploads/2020/03/ 121 KB
122 KB 8ms
7ms Image
image/webp 2400:52e0:1e00::1079:1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b3590621.smushcdn.com/3590621/wp-content/uploads/2020/03/northstar_home_hero_06-1.jpg?lossy=2&strip=1&webp=1
Requested by: Host: northstarcourier.net
URL: https://northstarcourier.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 5f95853eee2d1046a43f18c19b428cdbba76c3e08a9a3c7b0156f1876f3e2b49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag: "4bef9344c6d00bb3ffff0bf25c53a430"
date: Wed, 27 Nov 2024 00:27:21 GMT
content-type: image/webp
last-modified: Sun, 10 Nov 2024 18:56:20 GMT
x-amz-expiration: expiry-date="Wed, 11 Dec 2024 00:00:00 GMT", rule-id="expire"
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cdn-cachedat: 11/26/2024 23:41:38
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-requesttime: 1
smushed: origFmt=jpg, origSize=193324, smushRatio=35.94, skipped=0, originCache=HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestid: ae5ad5c20d456e8aabef361836da6c76
cdn-pullzone: 2210922
cdn-proxyver: 1.06
accept-ranges: bytes
access-control-allow-origin: *
content-length: 123838
cdn-edgestorageid: 1080
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: DE

GET
H2 200 northstar_home_02-1.jpg
b3590621.smushcdn.com/3590621/wp-content/uploads/2020/03/ 73 KB
74 KB 16ms
16ms Image
image/webp 2400:52e0:1e00::1079:1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b3590621.smushcdn.com/3590621/wp-content/uploads/2020/03/northstar_home_02-1.jpg?lossy=2&strip=1&webp=1
Requested by: Host: northstarcourier.net
URL: https://northstarcourier.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: e0554a1e3d3328c9ee08f1343a1f393b388a0009cd8f24abf5ad02a63e92a18f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag: "2fe7a039c41ff19f535aa282135000d9"
date: Wed, 27 Nov 2024 00:27:21 GMT
content-type: image/webp
last-modified: Sun, 10 Nov 2024 17:46:43 GMT
x-amz-expiration: expiry-date="Wed, 11 Dec 2024 00:00:00 GMT", rule-id="expire"
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cdn-cachedat: 11/26/2024 23:41:38
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-requesttime: 1
smushed: origFmt=jpg, origSize=131743, smushRatio=42.95, skipped=0, originCache=HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestid: a0fac4d6965d660ad2f8d711b0624286
cdn-pullzone: 2210922
cdn-proxyver: 1.06
accept-ranges: bytes
access-control-allow-origin: *
content-length: 75158
cdn-edgestorageid: 1079
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: DE

GET
H3 200 1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4bbLDrMfJQ.ttf
fonts.gstatic.com/s/comfortaa/v45/ 33 KB
17 KB 28ms
11ms Font
font/ttf 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/comfortaa/v45/1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4bbLDrMfJQ.ttf

Requested by

Host: northstarcourier.net
URL: https://northstarcourier.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c07c947c5a631f5ae75a2a3d3c258a970a64ee05beef21b9a79e5503fb7e1beb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://northstarcourier.net
Referer: https://northstarcourier.net/

Response headers

content-encoding: gzip
age: 29438
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 16:16:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 16:16:43 GMT
last-modified: Thu, 24 Aug 2023 20:50:19 GMT
content-type: font/ttf
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17770
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6db83b2803fed3f9b574567755102b18c401904a374c8acf4c9a2e9b0159cb4f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://northstarcourier.net
Referer

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf
fonts.gstatic.com/s/opensans/v40/ 34 KB
23 KB 23ms
7ms Font
font/ttf 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf

Requested by

Host: northstarcourier.net
URL: https://northstarcourier.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

598911be4586332ffee19ea06d32199c323b6c8f75ebdb6e4b6b3c483c89f722

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://northstarcourier.net
Referer: https://northstarcourier.net/

Response headers

content-encoding: gzip
age: 27171
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 16:54:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 16:54:30 GMT
last-modified: Thu, 14 Dec 2023 02:00:41 GMT
content-type: font/ttf
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23587
x-xss-protection: 0
server: sffe

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/ 546 KB
215 KB 47ms
19ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js

Requested by

Host: hb.wpmucdn.com
URL: https://hb.wpmucdn.com/northstarcourier.net/3cb76820-6c7c-46f1-a900-f5c3819c6360.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8e5f5ce9ff44073cff24bcd3d2b8aa4e67b67891b14ff929fe4743880fdf82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://northstarcourier.net
Referer: https://northstarcourier.net/

Response headers

content-encoding: gzip
age: 377795
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 15:30:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 15:30:46 GMT
last-modified: Tue, 22 Oct 2024 00:01:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220347
x-xss-protection: 0
server: sffe

POST
H2 204 /
stats1.wpmudev.com/track/ 0
134 B 579ms
192ms Ping
text/plain 3.133.184.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stats1.wpmudev.com/track/?action_name=NorthStar%20Courier%20-%20Southern%20California%20Courier%20Service&idsite=220715&rec=1&r=845236&h=1&m=27&s=21&url=https%3A%2F%2Fnorthstarcourier.net%2F&_id=9e7d1d7a4f3a07fb&_idts=1732667242&_idvc=1&_idn=1&_refts=0&_viewts=1732667242&send_image=0&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=37&pv_id=qEOCuB
Requested by: Host: stats.wpmucdn.com
URL: https://stats.wpmucdn.com/analytics.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.133.184.197 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-133-184-197.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Referer: https://northstarcourier.net/

Response headers

access-control-allow-origin: https://northstarcourier.net
content-encoding: none
date: Wed, 27 Nov 2024 00:27:22 GMT
server: nginx
access-control-allow-credentials: true

GET
H2 200 widget_app_base_1732539993486.js Show response
cdn.userway.org/widgetapp/2024-11-25-13-06-33/ 130 KB
41 KB 27ms
12ms Script
application/javascript 2a02:6ea0:c700::112
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-11-25-13-06-33/widget_app_base_1732539993486.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c1fa58e7086c1de253aeaa4de38a7dc682228843272b8be83b8c5b60c743f04d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://northstarcourier.net
Referer: https://northstarcourier.net/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"e3e026c36433457ba5bc2cb5b0ead0d7"
age: 302
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: r8M4ZY0dw3FWLWKY6VvS7DemCjQVpRURBfDaICyUsp_WtkXdVg5a4w==
date: Wed, 27 Nov 2024 00:27:21 GMT
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 13:10:30 GMT
vary: Accept-Encoding
x-77-nzt-ray: 15b3c7112cbb22f469674667b8e53035
x-77-nzt: EgwBqZb/tgH3+eEBAAwBJRPCNAG3ZQwAAA
cache-control: max-age=25920000, public
via: 1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 123385
x-amz-cf-pop: FRA60-P3
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H3 200 northstar_home_01.jpg
northstarcourier.net/wp-content/uploads/2019/11/ 10 KB
10 KB 22ms
21ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://northstarcourier.net/wp-content/uploads/2019/11/northstar_home_01.jpg

Requested by

Host: northstarcourier.net
URL: https://northstarcourier.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1adc4750ebc66c9e3d668dec07ed112f15ba36f60a0ddc97c368aab1299978e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

x-cacheproxy-retries: 0/2
cf-bgj: imgq:100,h2pri
etag: "2656-61839e952d152"
age: 2743
cf-cache-status: HIT
x-content-type-options: nosniff
x-cache-hit: HIT
expires: Sat, 28 Dec 2024 00:27:21 GMT
x-cacheable: YES
cf-polished: status=not_needed
x-cache: cached
alt-svc: h3=":443"; ma=86400
date: Wed, 27 Nov 2024 00:27:21 GMT
content-type: image/jpeg
last-modified: Sun, 12 May 2024 04:07:46 GMT
vary: Accept-Encoding
priority: u=3,i
server-timing: cfExtPri
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=2678400
x-backend: varnish_ssl
cf-ray: 8e8dfdf5cfecd279-FRA
accept-ranges: bytes
content-length: 9814
x-xss-protection: 1; mode=block
server: cloudflare
x-php-version: 8.2

GET
H3 200 northstar_bg_blue_01.jpg
northstarcourier.net/wp-content/uploads/2019/11/ 11 KB
12 KB 17ms
17ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://northstarcourier.net/wp-content/uploads/2019/11/northstar_bg_blue_01.jpg

Requested by

Host: northstarcourier.net
URL: https://northstarcourier.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c9a986af6cca0ca1786b45726db9e485ba476b3198fee17710be30c2c26a74b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

x-cacheproxy-retries: 0/2
cf-bgj: imgq:100,h2pri
etag: "2dd6-61839e96a1292"
age: 2743
cf-cache-status: HIT
x-content-type-options: nosniff
x-cache-hit: HIT
expires: Sat, 28 Dec 2024 00:27:21 GMT
x-cacheable: YES
cf-polished: status=not_needed
x-cache: cached
alt-svc: h3=":443"; ma=86400
date: Wed, 27 Nov 2024 00:27:21 GMT
content-type: image/jpeg
last-modified: Sun, 12 May 2024 04:07:48 GMT
vary: Accept-Encoding
priority: u=3,i
server-timing: cfExtPri
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=2678400
x-backend: varnish_ssl
cf-ray: 8e8dfdf5cfedd279-FRA
accept-ranges: bytes
content-length: 11734
x-xss-protection: 1; mode=block
server: cloudflare
x-php-version: 8.2

GET
H2 200 mamdmk9fzm Show response
www.clarity.ms/tag/ 717 B
973 B 415ms
105ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/mamdmk9fzm?ref=gtm2
Requested by: Host: northstarcourier.net
URL: https://northstarcourier.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6fc41d978533fe39f74e09403f5b2d3433d81e76e2504bee8420de33754f52fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 717
date: Wed, 27 Nov 2024 00:27:22 GMT
content-type: application/x-javascript
x-azure-ref: 20241127T002722Z-r17f8d897ffdwbzfhC1FRA41z00000000hr000000000f72t

POST
H3 200 collect
www.google.com/ccm/ 0
0 315ms
17ms Ping
text/plain 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fnorthstarcourier.net%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1704388602.1732667242&auid=1033198770.1732667242&npa=1&gtm=45He4bk0v834829005za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732667241942&tfd=383&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK6HJ66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 317 KB
106 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4L564H4C25&l=dataLayer&cx=c&gtm=45He4bk0v834829005za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK6HJ66

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

62166628d0c0f3518e8869cbd2be04d982ce80a0109671b4ef86fffc0187386e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 27 Nov 2024 00:27:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 00:27:21 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 108435
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 306ms
7ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK6HJ66

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

content-encoding: gzip
age: 3436
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Wed, 27 Nov 2024 01:30:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 23:30:06 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 288 KB
99 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-467776155&l=dataLayer&cx=c&gtm=45He4bk0v834829005za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK6HJ66

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dbca7ecca163874906ae6f9ff30df04eadc0a24b2dfa01cd996a3c167fd6db1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Wed, 27 Nov 2024 00:27:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 00:27:21 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 27 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 101284
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 128774.js Show response
s.ksrndkehqnwntyxlhgto.com/ 55 KB
9 KB 307ms
10ms Script
application/javascript 18.245.60.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ksrndkehqnwntyxlhgto.com/128774.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK6HJ66
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-90.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9aef150c6f87a55413bbc67a868b414b034fab111e93442945a2ec4586fba1d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

content-encoding: gzip
x-amz-version-id: 0pMUYUyJdUWMEFXoIQ9Bcj9WytnV7N0L
etag: "de242abb8f6c3a8a2ddf6ca268ffaf48"
age: 2743
x-cache: Hit from cloudfront
x-amz-cf-id: sI0TgABmVQPZw-7YcHO4amR7mqQi2nySsU8SHpaKC57W-QVb1wUB8A==
date: Tue, 26 Nov 2024 23:41:40 GMT
content-type: application/javascript
vary: accept-encoding
last-modified: Fri, 20 Sep 2024 17:20:15 GMT
cache-control: max-age=0
via: 1.1 2b92d172bc628dd9c34a8c262218ac02.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 8420
x-amz-cf-pop: FRA60-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
80 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-34039466-1&l=dataLayer&cx=c&gtm=45je4bk0v882908654za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S1B6QX2S64

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

10488c299f3b5fc4e1a1e8c2d5c58a7742eb9b7445e9fabe209398696bc55a81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 27 Nov 2024 00:27:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 00:27:21 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 27 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 81564
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 284ms
14ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-S1B6QX2S64&gtm=45je4bk0v882908654z8834829005za200&_p=1732667241787&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=704575662.1732667242&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732667241&sct=1&seg=0&dl=https%3A%2F%2Fnorthstarcourier.net%2F&dt=NorthStar%20Courier%20-%20Southern%20California%20Courier%20Service&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=417
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S1B6QX2S64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://northstarcourier.net
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 00:27:22 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
557 B 285ms
17ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-S1B6QX2S64&cid=704575662.1732667242&gtm=45je4bk0v882908654z8834829005za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S1B6QX2S64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://northstarcourier.net
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 00:27:22 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 289ms
21ms Image
image/gif 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-S1B6QX2S64&cid=704575662.1732667242&gtm=45je4bk0v882908654z8834829005za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1064452779

Requested by

Host: northstarcourier.net
URL: https://northstarcourier.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 27 Nov 2024 00:27:22 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 200 VMEsODIeww Show response
api.userway.org/api/tunings/ 1 KB
2 KB 568ms
185ms XHR
application/json 2600:1f14:5db:eb11:13c8:ad0b:49a5:68ae
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/VMEsODIeww
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-25-13-06-33/widget_app_base_1732539993486.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb11:13c8:ad0b:49a5:68ae Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c93e5b8fba618fc4ec82f1923855ba69c483a5f87a6df6a35ee060bf9a2ce547

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://northstarcourier.net/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
x-service-request-id: usr9041aeafabb2453
etag: W/"563-tuMjB9Tbt+JFSbYNs5oc3vyLnmg"
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
content-length: 1379
date: Wed, 27 Nov 2024 00:27:22 GMT
content-type: application/json; charset=utf-8
x-service-version: uw-pr
access-control-allow-headers: *

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame E8E7 0
0 30ms
6ms Document
text/html 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fnorthstarcourier.net

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK6HJ66

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2347
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 23:48:15 GMT
expires: Wed, 26 Nov 2025 23:48:15 GMT
last-modified: Tue, 19 Nov 2024 10:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 34AE 0
0 46ms
33ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdXYuIUAAAAAPcxUYt-nkubIe_emUa9xHjVemxm&co=aHR0cHM6Ly9ub3J0aHN0YXJjb3VyaWVyLm5ldDo0NDM.&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&cb=4gndrrxultt6

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RiE7SfrJkc6dmpVoTUB91Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://northstarcourier.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-RiE7SfrJkc6dmpVoTUB91Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Nov 2024 00:27:22 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 16ms
14ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-4L564H4C25&gtm=45je4bk0v877671329z8834829005za200zb834829005&_p=1732667241787&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=704575662.1732667242&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732667242&sct=1&seg=0&dl=https%3A%2F%2Fnorthstarcourier.net%2F&dt=NorthStar%20Courier%20-%20Southern%20California%20Courier%20Service&en=page_view&_fv=1&_ss=1&tfd=709
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4L564H4C25&l=dataLayer&cx=c&gtm=45He4bk0v834829005za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://northstarcourier.net
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 00:27:22 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 / Show response
process.iconnode.com/google-ads/ 0
163 B 314ms
101ms XHR
text/html 13.248.238.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://process.iconnode.com/google-ads/
Requested by: Host: s.ksrndkehqnwntyxlhgto.com
URL: https://s.ksrndkehqnwntyxlhgto.com/128774.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.238.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a171616d2c13795e3.awsglobalaccelerator.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://northstarcourier.net/

Response headers

access-control-max-age: 86400
access-control-allow-origin: https://northstarcourier.net
content-length: 0
date: Wed, 27 Nov 2024 00:27:22 GMT
content-type: text/html; charset=UTF-8
server: Apache
access-control-allow-credentials: true

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
437 B 15ms
14ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1977895150&t=pageview&_s=1&dl=https%3A%2F%2Fnorthstarcourier.net%2F&ul=de-de&de=UTF-8&dt=NorthStar%20Courier%20-%20Southern%20California%20Courier%20Service&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1527566169&gjid=1703537558&cid=704575662.1732667242&tid=UA-34039466-1&_gid=219997898.1732667242&_r=1&_slc=1&gtm=45He4bk0n81NK6HJ66v834829005za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&npa=1&z=1341824975

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

52e83a8c5a89fdcb4b3a595653b70ab1c0ada4548f04de2347c818a6e4ee62a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://northstarcourier.net/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 00:27:22 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://northstarcourier.net
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
71 B 15ms
14ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1977895150&t=pageview&_s=1&dl=https%3A%2F%2Fnorthstarcourier.net%2F&ul=de-de&de=UTF-8&dt=NorthStar%20Courier%20-%20Southern%20California%20Courier%20Service&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=84086411&gjid=316687608&cid=704575662.1732667242&tid=UA-34039466-1&_gid=219997898.1732667242&_r=1&gtm=457e4bk0z8882908654za200zb882908654&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&jsscut=1&npa=1&z=1001371791

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://northstarcourier.net/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 00:27:22 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://northstarcourier.net
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

POST
H2 200 / Show response
p.ksrndkehqnwntyxlhgto.com/keyword/ 38 B
216 B 317ms
110ms XHR
text/html 76.223.116.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ksrndkehqnwntyxlhgto.com/keyword/
Requested by: Host: s.ksrndkehqnwntyxlhgto.com
URL: https://s.ksrndkehqnwntyxlhgto.com/128774.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.116.242 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a171616d2c13795e3.awsglobalaccelerator.com
Software: Apache /
Resource Hash: 37446742bcc988338396dce6637a3e8a78e5308395cad5e3f30d9ae4cffa747d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://northstarcourier.net/

Response headers

access-control-max-age: 86400
access-control-allow-origin: https://northstarcourier.net
date: Wed, 27 Nov 2024 00:27:22 GMT
content-type: text/html; charset=UTF-8
server: Apache
access-control-allow-credentials: true

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 413 KB
134 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S1B6QX2S64&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

234a67a1cb720deced507b72e76df75ed31bd6c00aa41b7fe909b2fa074005b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 27 Nov 2024 00:27:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 00:27:22 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 136683
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.56/ 66 KB
28 KB 15ms
13ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.56/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/mamdmk9fzm?ref=gtm2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

x-azure-ref: 20241127T002722Z-r17f8d897ffdwbzfhC1FRA41z00000000hr000000000f739
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DD041B2B98F09E"
x-fd-int-roxy-purgeid: 79034942
x-ms-request-id: db907913-a01e-003d-4e01-3d58c0000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Wed, 27 Nov 2024 00:27:22 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 13 Nov 2024 19:41:29 GMT

GET
H2 200 cropped-northstar_favicon-32x32.png
b3590621.smushcdn.com/3590621/wp-content/uploads/2020/03/ 278 B
1 KB 8ms
7ms Other
image/webp 2400:52e0:1e00::1079:1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://b3590621.smushcdn.com/3590621/wp-content/uploads/2020/03/cropped-northstar_favicon-32x32.png?lossy=2&strip=1&webp=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: c67b608e25f3a9f5ff6292792ffe8a3436415e1bf9b4c0d9f8e5f62f3c346644

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag: "63285aa56dc0756305a071c66273c6fd"
date: Wed, 27 Nov 2024 00:27:22 GMT
content-type: image/webp
last-modified: Thu, 14 Nov 2024 05:27:40 GMT
x-amz-expiration: expiry-date="Sun, 15 Dec 2024 00:00:00 GMT", rule-id="expire"
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cdn-cachedat: 11/26/2024 23:41:41
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-requesttime: 1
smushed: origFmt=png, origSize=406, smushRatio=31.53, skipped=0, originCache=HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestid: 2d1d99e4ed9455770070887ff40ae902
cdn-pullzone: 2210922
cdn-proxyver: 1.06
accept-ranges: bytes
access-control-allow-origin: *
content-length: 278
cdn-edgestorageid: 1080
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: DE

POST
H/1.1 204
No Content collect Show response
k.clarity.ms/ 0
284 B 516ms
208ms XHR
text/plain 172.175.38.6
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://northstarcourier.net/

Response headers

Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin: https://northstarcourier.net
Date: Wed, 27 Nov 2024 00:27:22 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2024-11-25-13-06-33/locales/ 607 B
944 B 8ms
7ms XHR
application/json 2a02:6ea0:c700::112
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-11-25-13-06-33/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-25-13-06-33/widget_app_base_1732539993486.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"971644f50e2020e1ff22e37edcad46f6"
age: 302
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: 9UyQh6aRMAvVU4xCv9-6FKSb40s5CfnZk_rf-g5fFQHRPj_-51vLEQ==
date: Wed, 27 Nov 2024 00:27:22 GMT
content-type: application/json
last-modified: Mon, 25 Nov 2024 13:10:29 GMT
x-77-nzt-ray: 15b3c7112cbb22f46a6746678e9f6d21
vary: Accept-Encoding
x-77-nzt: EgwBqZb/tgH3+eEBAAwBw7WvAgG3YwwAAA
cache-control: max-age=25920000, public
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 123385
x-amz-cf-pop: FRA60-P3
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 remediation-tool-free.js Show response
cdn.userway.org/remediation/2024-11-25-13-06-33/free/ 32 KB
13 KB 7ms
7ms Script
application/javascript 2a02:6ea0:c700::112
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediation/2024-11-25-13-06-33/free/remediation-tool-free.js?ts=1732539993486
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-25-13-06-33/widget_app_base_1732539993486.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ccf29bf1122c13da436d4262a69298603224f21f7085a70605a5abad7481fbc6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://northstarcourier.net
Referer: https://northstarcourier.net/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"5deb9c2444f05f1810d5a32d3059f8ec"
age: 301
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: W7Z5vVSdua1bItGkp15DGl98L76AbRk6u59uqT01yU2rFlX0fdLWSA==
date: Wed, 27 Nov 2024 00:27:23 GMT
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 13:10:41 GMT
vary: Accept-Encoding
x-77-nzt-ray: 15b3c7112cbb22f46b6746673f16b703
x-77-nzt: EgwBqZb/tgH3+uEBAAwBisclxAG3YwwAAA
cache-control: max-age=25920000, public
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 123386
x-amz-cf-pop: FRA60-P3
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 widget_base.css
cdn.userway.org/styles/2024-11-25-13-06-33/ 30 KB
5 KB 8ms
7ms Stylesheet
text/css 2a02:6ea0:c700::112
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/styles/2024-11-25-13-06-33/widget_base.css?v=1732539993486
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-25-13-06-33/widget_app_base_1732539993486.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f4a9f0660f5c68ff763c6f5eb2d89f977cc2a61ed5d3f2688a2257de0f65fef3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"35af998bd342763044abead4df839374"
age: 191
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: a2v8NjNirEu3iW5Vhok6P1BUCao3-fw-mS0VUcHcw6CywU6YDmN4ig==
date: Wed, 27 Nov 2024 00:27:23 GMT
content-type: text/css
last-modified: Mon, 25 Nov 2024 13:09:49 GMT
vary: Accept-Encoding
x-77-nzt-ray: 15b3c7112cbb48f36b674667d280c203
x-77-nzt: EgwBqZb/tgH3++EBAAwBisclxAG30QwAAA
cache-control: max-age=864000, public
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 123387
x-amz-cf-pop: FRA60-P3
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 widget_base.css
cdn.userway.org/styles/2024-11-25-13-06-33/ Frame 1A52 30 KB
0 9ms
9ms Stylesheet
text/css 2a02:6ea0:c700::112
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/styles/2024-11-25-13-06-33/widget_base.css?v=1732539993486
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-25-13-06-33/widget_app_base_1732539993486.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f4a9f0660f5c68ff763c6f5eb2d89f977cc2a61ed5d3f2688a2257de0f65fef3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"35af998bd342763044abead4df839374"
age: 191
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: a2v8NjNirEu3iW5Vhok6P1BUCao3-fw-mS0VUcHcw6CywU6YDmN4ig==
date: Wed, 27 Nov 2024 00:27:23 GMT
content-type: text/css
last-modified: Mon, 25 Nov 2024 13:09:49 GMT
vary: Accept-Encoding
x-77-nzt-ray: 15b3c7112cbb48f36b674667d280c203
x-77-nzt: EgwBqZb/tgH3++EBAAwBisclxAG30QwAAA
cache-control: max-age=864000, public
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 123387
x-amz-cf-pop: FRA60-P3
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 widget_base.css
cdn.userway.org/styles/2024-11-25-13-06-33/ Frame A6D4 30 KB
0 11ms
11ms Stylesheet
text/css 2a02:6ea0:c700::112
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/styles/2024-11-25-13-06-33/widget_base.css?v=1732539993486
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-25-13-06-33/widget_app_base_1732539993486.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f4a9f0660f5c68ff763c6f5eb2d89f977cc2a61ed5d3f2688a2257de0f65fef3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"35af998bd342763044abead4df839374"
age: 191
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: a2v8NjNirEu3iW5Vhok6P1BUCao3-fw-mS0VUcHcw6CywU6YDmN4ig==
date: Wed, 27 Nov 2024 00:27:23 GMT
content-type: text/css
last-modified: Mon, 25 Nov 2024 13:09:49 GMT
vary: Accept-Encoding
x-77-nzt-ray: 15b3c7112cbb48f36b674667d280c203
x-77-nzt: EgwBqZb/tgH3++EBAAwBisclxAG30QwAAA
cache-control: max-age=864000, public
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 123387
x-amz-cf-pop: FRA60-P3
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 body_bl.svg
cdn.userway.org/widgetapp/images/ 4 KB
3 KB 7ms
7ms Image
image/svg+xml 2a02:6ea0:c700::112
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_bl.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: de583c448ba7298a3d03f7a08756d0f0f7776a2ac59e2e3720b84fb30fd2919b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"fea90479d6c22e0aa948a8c80f616fa0"
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: anlWv15IqGAxywqcgi7EDeVDpk7-YNFBVxmH1Qo6I3LOjd1AlF1wog==
date: Wed, 27 Nov 2024 00:27:23 GMT
content-type: image/svg+xml
x-77-nzt-ray: 15b3c7112cbb48f36b67466761e64405
vary: Accept-Encoding
last-modified: Mon, 25 Nov 2024 13:10:31 GMT
x-77-nzt: EgwBqZb/tgH37uEBAAwB1GY4EQG3cQwAAA
cache-control: max-age=25920000, public
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 123374
x-amz-cf-pop: FRA60-P3
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 spin_bl.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 7ms
7ms Image
image/svg+xml 2a02:6ea0:c700::112
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_bl.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0866546ae9c65964cd912860db934e24d99b401dca5a2a206b8df2cacc60bda5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://northstarcourier.net/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"f1006e80919a554a181eeffcb6b3e381"
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: YJAGa7t9wuywQSYDEp1JQQ8Hb7jtknHwjWuhLJg-SaStJFyI-IDn_g==
date: Wed, 27 Nov 2024 00:27:23 GMT
content-type: image/svg+xml
x-77-nzt-ray: 15b3c7112cbb48f36b674667b3594905
vary: Accept-Encoding
last-modified: Mon, 25 Nov 2024 13:10:32 GMT
x-77-nzt: EgwBqZb/tgH38OEBAAwBJRPCLgG3bwwAAA
cache-control: max-age=25920000, public
via: 1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 123376
x-amz-cf-pop: FRA60-P3
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

POST
H/1.1 204
No Content collect Show response
k.clarity.ms/ 0
284 B 101ms
99ms XHR
text/plain 172.175.38.6
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://northstarcourier.net/

Response headers

Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin: https://northstarcourier.net
Date: Wed, 27 Nov 2024 00:27:23 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H/1.1 204
No Content collect Show response
k.clarity.ms/ 0
284 B 102ms
100ms XHR
text/plain 172.175.38.6
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://northstarcourier.net/

Response headers

Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin: https://northstarcourier.net
Date: Wed, 27 Nov 2024 00:27:25 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET status
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fnorthstarcourier.net%2F/DESKTOP/WIDGET_OFF/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.userway.org
URL: https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fnorthstarcourier.net%2F/DESKTOP/WIDGET_OFF/status

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-21 05:36:59	Name: _GRECAPTCHA Value: 09ANOXeZy-yr4Qw8b4oy-9_zWV6d3Rfg6w4lyk1sS4OGiqgWo80j39PoIAclmMxm0am6j4RwxteZydfWe7gYGmWZU
497479.tctm.co/	1969-12-31 23:59:59	Name: ct497479 Value: 67466769000797474955a211
northstarcourier.net/	1970-01-21 10:43:42	Name: _pk_id.220715.3b69 Value: 9e7d1d7a4f3a07fb.1732667242.1.1732667242.1732667242.
northstarcourier.net/	1970-01-21 01:17:49	Name: _pk_ses.220715.3b69 Value: 1
497479.tctm.xyz/	1969-12-31 23:59:59	Name: ct497479 Value: 6746676900079747129c7426
.northstarcourier.net/	1970-01-21 03:27:23	Name: _gcl_au Value: 1.1.1033198770.1732667242
.northstarcourier.net/	1970-01-21 10:53:47	Name: _ga_S1B6QX2S64 Value: GS1.1.1732667241.1.0.1732667241.60.0.0
.northstarcourier.net/	1970-01-21 10:53:47	Name: _ga_4L564H4C25 Value: GS1.1.1732667242.1.0.1732667242.0.0.0
.northstarcourier.net/	1970-01-21 10:53:47	Name: wc_visitor Value: 128774-e46a0f7f-8044-b23c-6752-e544eaf102e2
.northstarcourier.net/	1970-01-21 05:36:59	Name: wc_client Value: direct+..+none+..++..++..++..++..+https%3A%2F%2Fnorthstarcourier.net%2F+..+128774-e46a0f7f-8044-b23c-6752-e544eaf102e2+..++..++..+
.northstarcourier.net/	1969-12-31 23:59:59	Name: wc_client_current Value: direct+..+none+..++..++..++..++..+https%3A%2F%2Fnorthstarcourier.net%2F+..+128774-e46a0f7f-8044-b23c-6752-e544eaf102e2+..++..++..+
.northstarcourier.net/	1970-01-21 10:53:47	Name: _ga Value: GA1.2.704575662.1732667242
.northstarcourier.net/	1970-01-21 01:19:13	Name: _gid Value: GA1.2.219997898.1732667242
.northstarcourier.net/	1970-01-21 01:17:47	Name: _gat_UA-34039466-1 Value: 1
.northstarcourier.net/	1970-01-21 01:17:47	Name: _gat_gtag_UA_34039466_1 Value: 1
.northstarcourier.net/	1970-01-21 01:17:47	Name: wc_swap Value: 8582069124+..+8582688300+..+132394

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000 max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

497479.tctm.co
497479.tctm.xyz
api.userway.org
b3590621.smushcdn.com
cdn.userway.org
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
hb.wpmucdn.com
k.clarity.ms
northstarcourier.net
northstardelivery.net
p.ksrndkehqnwntyxlhgto.com
process.iconnode.com
region1.analytics.google.com
region1.google-analytics.com
s.ksrndkehqnwntyxlhgto.com
stats.g.doubleclick.net
stats.wpmucdn.com
stats1.wpmudev.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
api.userway.org
13.248.238.122
15.197.225.128
172.175.38.6
18.245.60.90
2001:4860:4802:34::36
2400:52e0:1e00::1079:1
2400:52e0:1e00::1080:1
2400:52e0:1e00::1082:1
2600:1f14:5db:eb11:13c8:ad0b:49a5:68ae
2600:9000:223d:e400:b:527a:2d40:93a1
2600:9000:235a:d200:12:de4a:40:93a1
2606:4700::6811:180e
2620:1ec:bdf::45
2a00:1450:4001:800::200a
2a00:1450:4001:800::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:81d::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c00::9d
2a02:6ea0:c700::112
2a06:98c1:3121::3
3.133.184.197
76.223.116.242
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
038c1ebb646d49a9117333c06f05d330b5ab6b16ce5a6039f5d0e85f1206bd1e
064a5953ce47d149505db1511d41a7e51acb727cf67ef8fb072d4bac6e3e2e9e
0866546ae9c65964cd912860db934e24d99b401dca5a2a206b8df2cacc60bda5
10488c299f3b5fc4e1a1e8c2d5c58a7742eb9b7445e9fabe209398696bc55a81
230facbc81b146c0992a734f6b1a47df5e051302a2c5b0412020a411a49f3a14
234a67a1cb720deced507b72e76df75ed31bd6c00aa41b7fe909b2fa074005b3
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2c9a986af6cca0ca1786b45726db9e485ba476b3198fee17710be30c2c26a74b
36e677c03140646e0da3809396da17f84a4499c42ed1b4464fa9b50c06c26ce4
37446742bcc988338396dce6637a3e8a78e5308395cad5e3f30d9ae4cffa747d
4bc8829c4454f9fbd2ede686b1a208e9e3f5235bdf4201eaa060a3b191d8e6f4
52e83a8c5a89fdcb4b3a595653b70ab1c0ada4548f04de2347c818a6e4ee62a4
5821ea6fe102402c41b237ed00010fbecc9b7444c74b71bf8b15a02bb436c549
598911be4586332ffee19ea06d32199c323b6c8f75ebdb6e4b6b3c483c89f722
5cea36c208b4d1515d01b943a2c777ce4f08b9cea81bf80fbff42b21abc1b879
5f95853eee2d1046a43f18c19b428cdbba76c3e08a9a3c7b0156f1876f3e2b49
62166628d0c0f3518e8869cbd2be04d982ce80a0109671b4ef86fffc0187386e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6db83b2803fed3f9b574567755102b18c401904a374c8acf4c9a2e9b0159cb4f
6fc41d978533fe39f74e09403f5b2d3433d81e76e2504bee8420de33754f52fe
712753554d9d58a6adb0d32f1ec1b230f66484388cd760c49df79236102ca000
8c44c3feedae5331a281278ea3ba91d2255928a2f3010d316d6fbb9052e0c2ec
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
9aef150c6f87a55413bbc67a868b414b034fab111e93442945a2ec4586fba1d3
aeab2e8c900a020c2d659d408aefd7fcedb74c505076f36125ae0d0d9c389542
b1adc4750ebc66c9e3d668dec07ed112f15ba36f60a0ddc97c368aab1299978e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbd90e143917692a4337dcdf0f9bdeb628ff4a3f7c3d9b3230b4b5f3de504c53
c07c947c5a631f5ae75a2a3d3c258a970a64ee05beef21b9a79e5503fb7e1beb
c1fa58e7086c1de253aeaa4de38a7dc682228843272b8be83b8c5b60c743f04d
c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de
c4d4233a44f3ae1cef58b97a2e551008e9a8a5403b1c26c67136a0a20f9c7eb1
c67b608e25f3a9f5ff6292792ffe8a3436415e1bf9b4c0d9f8e5f62f3c346644
c93e5b8fba618fc4ec82f1923855ba69c483a5f87a6df6a35ee060bf9a2ce547
ccf29bf1122c13da436d4262a69298603224f21f7085a70605a5abad7481fbc6
dbca7ecca163874906ae6f9ff30df04eadc0a24b2dfa01cd996a3c167fd6db1b
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de583c448ba7298a3d03f7a08756d0f0f7776a2ac59e2e3720b84fb30fd2919b
e0554a1e3d3328c9ee08f1343a1f393b388a0009cd8f24abf5ad02a63e92a18f
e0c046ae9063218aa3306df720e994b800421d1543f9e09da964e741171ae604
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
e8e96367d94460cdec64ecb97a6858acd05f2136817aee683d29347008fc0869
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f064a6544cb6cafbf06319b12560ff4468b68c851726051fee01de985d1a9afc
f4a9f0660f5c68ff763c6f5eb2d89f977cc2a61ed5d3f2688a2257de0f65fef3
f592ea202098bc496b9d9a28c1268b0738662fd735fda1bcd92613dfa77dbbb6
f8e5f5ce9ff44073cff24bcd3d2b8aa4e67b67891b14ff929fe4743880fdf82e

northstarcourier.net Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

98 %HTTPS

76 %IPv6

19 Domains

26 Subdomains

25 IPs

3 Countries

1735 kBTransfer

4392 kBSize

16 Cookies

4 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

northstarcourier.net Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

98 %
HTTPS

76 %
IPv6

19
Domains

26
Subdomains

25
IPs

3
Countries

1735 kB
Transfer

4392 kB
Size

16
Cookies

62 HTTP transactions
2 data transactions