urlscan.io logo urlscan.io
SecurityTrails logo

www.staradvertiser.com Open in urlscan Pro
34.68.132.100  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.staradvertiser.com/
Effective URL: https://www.staradvertiser.com/
Submission: On September 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 158 IPs in 12 countries across 109 domains to perform 905 HTTP transactions. The main IP is 34.68.132.100, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.staradvertiser.com. The Cisco Umbrella rank of the primary domain is 159742.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 29th 2022. Valid for: a year.
This is the only time www.staradvertiser.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 81 34.68.132.100 396982 (GOOGLE-CL...)
17 2600:9000:223... 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
8 172.64.133.15 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:223... 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
1 23.35.237.64 16625 (AKAMAI-AS)
1 2a04:4e42::282 54113 (FASTLY)
18 2a00:1450:400... 15169 (GOOGLE)
1 54.221.208.196 14618 (AMAZON-AES)
5 52.216.242.208 16509 (AMAZON-02)
6 54.231.229.145 16509 (AMAZON-02)
13 34.96.77.232 15169 (GOOGLE)
3 3.209.43.118 14618 (AMAZON-AES)
1 2606:2800:233... 15133 (EDGECAST)
3 18.66.122.72 16509 (AMAZON-02)
2 35.184.218.133 396982 (GOOGLE-CL...)
18 2a00:1450:400... 15169 (GOOGLE)
2 8 2a04:4e42:400... 54113 (FASTLY)
17 2606:4700::68... 13335 (CLOUDFLAR...)
18 2606:4700:303... 13335 (CLOUDFLAR...)
1 23.35.236.201 16625 (AKAMAI-AS)
10 18.64.114.85 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
21 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:225... 16509 (AMAZON-02)
1 18.66.147.88 16509 (AMAZON-02)
4 13.32.99.90 16509 (AMAZON-02)
3 2a03:2880:f00... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:46::60 8068 (MICROSOFT...)
1 2a04:4e42:200... 54113 (FASTLY)
9 2a00:1450:400... 15169 (GOOGLE)
10 2a04:4e42:600... 54113 (FASTLY)
5 6 2600:9000:225... 16509 (AMAZON-02)
5 63.34.160.33 16509 (AMAZON-02)
1 52.160.40.218 8075 (MICROSOFT...)
4 2001:4860:480... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2 107.178.250.234 15169 (GOOGLE)
1 18.66.15.17 16509 (AMAZON-02)
6 99.86.240.121 16509 (AMAZON-02)
1 2 3.212.26.31 14618 (AMAZON-AES)
1 13.224.189.97 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
2 34.232.27.202 14618 (AMAZON-AES)
9 52.44.229.202 14618 (AMAZON-AES)
1 18.214.111.9 14618 (AMAZON-AES)
3 2600:9000:225... 16509 (AMAZON-02)
3 18.64.79.103 16509 (AMAZON-02)
6 151.101.129.194 54113 (FASTLY)
7 2600:9000:206... 16509 (AMAZON-02)
51 2a00:1450:400... 15169 (GOOGLE)
2 35.244.184.131 15169 (GOOGLE)
2 2a04:4e42:600... 54113 (FASTLY)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.89.126.190 16509 (AMAZON-02)
2 2 2400:52e0:1e0... 200325 (BUNNYCDN)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.2.146 44788 (ASN-CRITE...)
1 23.35.236.247 16625 (AKAMAI-AS)
12 13.32.145.10 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
7 52.206.60.169 14618 (AMAZON-AES)
1 104.18.12.242 13335 (CLOUDFLAR...)
1 142.250.185.66 15169 (GOOGLE)
2 2a00:1450:402... 15169 (GOOGLE)
2 3 142.250.185.134 15169 (GOOGLE)
1 23.35.237.86 16625 (AKAMAI-AS)
2 2a04:4e42:200... 54113 (FASTLY)
1 7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 18.66.248.107 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
55 2a00:1450:400... 15169 (GOOGLE)
4 13.225.87.188 16509 (AMAZON-02)
1 18.66.112.48 16509 (AMAZON-02)
1 143.204.89.60 16509 (AMAZON-02)
2 18.66.2.51 16509 (AMAZON-02)
3 198.47.127.22 62713 (AS-PUBMATIC)
7 2a00:1450:400... 15169 (GOOGLE)
28 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
6 2a03:2880:f12... 32934 (FACEBOOK)
4 35.170.30.54 14618 (AMAZON-AES)
1 18.66.147.44 16509 (AMAZON-02)
2 3.219.38.131 14618 (AMAZON-AES)
1 34.234.134.156 14618 (AMAZON-AES)
4 52.223.40.198 16509 (AMAZON-02)
2 34.120.133.55 396982 (GOOGLE-CL...)
24 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:dc:... 20940 (AKAMAI-ASN1)
5 20.85.30.134 8075 (MICROSOFT...)
1 92.123.21.200 16625 (AKAMAI-AS)
3 9 104.18.19.126 13335 (CLOUDFLAR...)
1 3.120.106.63 16509 (AMAZON-02)
1 35.158.20.13 16509 (AMAZON-02)
1 185.94.180.124 35220 (SPOTX-AMS)
1 6 185.89.210.153 29990 (ASN-APPNEX)
19 20.60.81.107 8075 (MICROSOFT...)
1 141.95.98.64 16276 (OVH)
1 54.216.193.48 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:41:... 54113 (FASTLY)
2 2600:9000:249... 16509 (AMAZON-02)
1 1 142.250.185.98 15169 (GOOGLE)
1 172.255.62.200 36483 (GOSSAMERT...)
1 35.158.236.126 16509 (AMAZON-02)
1 213.19.147.43 3356 (LEVEL3)
2 209.191.163.209 14744 (INTERNAP-...)
1 2602:803:c003... 26667 (RUBICONPR...)
1 178.250.0.165 44788 (ASN-CRITE...)
1 34.98.64.218 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a02:2638:1::2 44788 (ASN-CRITE...)
6 2a02:2638::b 44788 (ASN-CRITE...)
2 2a02:2638::2 44788 (ASN-CRITE...)
47 2a02:2638:1::3 44788 (ASN-CRITE...)
6 178.250.0.160 44788 (ASN-CRITE...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
22 178.250.0.139 44788 (ASN-CRITE...)
12 178.250.0.162 44788 (ASN-CRITE...)
1 198.47.127.18 3257 (GTT-BACKB...)
1 99.86.91.74 16509 (AMAZON-02)
3 5 52.94.223.37 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 34.120.58.62 15169 (GOOGLE)
1 2600:1901:0:7... 15169 (GOOGLE)
14 2606:4700:20:... 13335 (CLOUDFLAR...)
1 35.227.252.103 15169 (GOOGLE)
1 185.64.190.78 62713 (AS-PUBMATIC)
1 1 52.54.46.88 14618 (AMAZON-AES)
4 19 172.217.16.130 15169 (GOOGLE)
1 69.166.1.10 27630 (AS-XFERNET)
2 2 51.89.9.253 16276 (OVH)
1 1 124.146.215.42 2514 (INFOSPHER...)
2 2 185.89.210.244 29990 (ASN-APPNEX)
4 3.82.239.242 14618 (AMAZON-AES)
4 2600:9000:225... 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 23.205.235.133 16625 (AKAMAI-AS)
1 3.124.27.64 16509 (AMAZON-02)
3 3 92.123.17.141 16625 (AKAMAI-AS)
1 148.251.139.77 24940 (HETZNER-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 142.251.39.34 15169 (GOOGLE)
1 18.132.138.70 16509 (AMAZON-02)
2 2 18.197.134.247 16509 (AMAZON-02)
1 1 103.229.205.243 30419 (MEDIAMATH...)
1 1 35.186.193.173 15169 (GOOGLE)
3 3 3.126.140.73 16509 (AMAZON-02)
1 1 193.0.160.128 54312 (ROCKETFUEL)
3 5 69.173.144.138 26667 (RUBICONPR...)
4 4 69.173.144.165 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 3 52.46.155.104 16509 (AMAZON-02)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 108.157.4.61 16509 (AMAZON-02)
1 18.66.2.73 16509 (AMAZON-02)
1 69.166.1.14 27630 (AS-XFERNET)
1 35.157.246.167 16509 (AMAZON-02)
2 18.134.23.117 16509 (AMAZON-02)
2 13.32.121.57 16509 (AMAZON-02)
1 2 34.248.187.45 16509 (AMAZON-02)
1 1 34.95.127.121 15169 (GOOGLE)
2 99.83.181.31 16509 (AMAZON-02)
905 158
81    34.68.132.100 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 100.132.68.34.bc.googleusercontent.com
www.staradvertiser.com
17    2600:9000:223e:7000:13:a391:88c0:21 (United States)

ASN16509 (AMAZON-02, US)
d3plfjw9uod7ab.cloudfront.net
3    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
4    2a02:26f0:11a::6867:4841 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
8    172.64.133.15 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2600:9000:223c:2e00:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    2600:9000:225e:7200:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
content.jwplatform.com
1    23.35.237.64 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-64.deploy.static.akamaitechnologies.com
s.ntv.io
1    2a04:4e42::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
18    2a00:1450:400a:800::200a (Zurich, Switzerland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    54.221.208.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-208-196.compute-1.amazonaws.com
staradvertiser-hi.newsmemory.com
5    52.216.242.208 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-east-1-r-w.amazonaws.com
sa-media.s3.us-east-1.amazonaws.com
6    54.231.229.145 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
sa-media.s3.amazonaws.com
recruitology-static.s3.amazonaws.com
13    34.96.77.232 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 232.77.96.34.bc.googleusercontent.com
origami.secure.ownlocal.com
3    3.209.43.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-43-118.compute-1.amazonaws.com
embed.sendtonews.com
1    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
cdn.cityspark.com
3    18.66.122.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-72.fra60.r.cloudfront.net
widgets.recruitology.com
2    35.184.218.133 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 133.218.184.35.bc.googleusercontent.com
dining.staradvertiser.com
hawaiirenovation.staradvertiser.com
18    2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
8    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
17    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
18    2606:4700:3030::6815:251b (United States)

ASN13335 (CLOUDFLARENET, US)
analyticssystems.net
1    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
10    18.64.114.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-114-85.txl50.r.cloudfront.net
c.amazon-adsystem.com
1    2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
21    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:2251:6200:14:c3e7:6780:93a1 (United States)

ASN16509 (AMAZON-02, US)
aamcftag.aamsitecertifier.com
1    18.66.147.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-88.fra60.r.cloudfront.net
d2na2p72vtqyok.cloudfront.net
4    13.32.99.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-90.fra60.r.cloudfront.net
sb.scorecardresearch.com
3    2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2620:1ec:46::60 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    2a04:4e42:200::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
9    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
10    2a04:4e42:600::626 (United States)

ASN54113 (FASTLY, US)
ssl.p.jwpcdn.com
assets-jpcust.jwpsrv.com
prd.jwpltx.com
6    2600:9000:225e:4000:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
5    63.34.160.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-160-33.eu-west-1.compute.amazonaws.com
jadserve.postrelease.com
1    52.160.40.218 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
p.cityspark.com
4    2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)
us-central1-recruitology-app.cloudfunctions.net
us-central1-kube-ownlocal.cloudfunctions.net
6    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    107.178.250.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
1    18.66.15.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-17.vie50.r.cloudfront.net
ecdn.analysis.fi
6    99.86.240.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-121.vie50.r.cloudfront.net
ecdn.firstimpression.io
cdn.firstimpression.io
2    3.212.26.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-26-31.compute-1.amazonaws.com
trkn.us
1    13.224.189.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-97.fra2.r.cloudfront.net
ats.rlcdn.com
3    2a00:1450:4001:82b::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
17    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    34.232.27.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-27-202.compute-1.amazonaws.com
ping.chartbeat.net
9    52.44.229.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-229-202.compute-1.amazonaws.com
geoip.insticator.com
event.insticator.com
1    18.214.111.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-111-9.compute-1.amazonaws.com
h99w9l39sa.execute-api.us-east-1.amazonaws.com
3    2600:9000:2251:6400:10:3422:3f00:21 (United States)

ASN16509 (AMAZON-02, US)
df80k0z3fi8zg.cloudfront.net
3    18.64.79.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-103.txl50.r.cloudfront.net
get.s-onetag.com
6    151.101.129.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
7    2600:9000:206e:7000:9:78a:e540:93a1 (United States)

ASN16509 (AMAZON-02, US)
auth.instiengage.com
product.instiengage.com
51    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    35.244.184.131 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 131.184.244.35.bc.googleusercontent.com
snowplow.ownlocal.com
2    2a04:4e42:600::282 (United States)

ASN54113 (FASTLY, US)
cdn.polyfill.io
4    2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    52.89.126.190 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-126-190.us-west-2.compute.amazonaws.com
aamcf.aamsitecertifier.com
2    2400:52e0:1e00::864:1 (Slovenia)

ASN200325 (BUNNYCDN, DE)
cdn.materialdesignicons.com
4    2606:4700:3035::6815:4ea2 (United States)

ASN13335 (CLOUDFLARENET, US)
rsms.me
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
js-sec.indexww.com
12    13.32.145.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-145-10.cdg50.r.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
2    2a00:1450:400d:807::200a (Ireland)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
7    52.206.60.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-60-169.compute-1.amazonaws.com
s2l.sendtonews.com
1    104.18.12.242 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.resonate.com
1    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
www.googleadservices.com
2    2a00:1450:4025:402::9a (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net
ad.doubleclick.net
1    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
widgets.outbrain.com
2    2a04:4e42:200::626 (United States)

ASN54113 (FASTLY, US)
assets-jpcust.jwpsrv.com
7    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
3    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    18.66.248.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-107.dus51.r.cloudfront.net
geo.privacymanager.io
4    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
55    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
tpc.googlesyndication.com
4    13.225.87.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-188.fra2.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
1    18.66.112.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-48.fra56.r.cloudfront.net
onetag-geo.s-onetag.com
1    143.204.89.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-60.fra50.r.cloudfront.net
signal-beacon.s-onetag.com
2    18.66.2.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-51.txl50.r.cloudfront.net
signal-segments.s-onetag.com
3    198.47.127.22 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
7    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
28    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
14    2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)
d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com
144588f010523d2468bf3a1c1df8e211.safeframe.googlesyndication.com
8d7be3625a97d28e0bfa042004ddc3d1.safeframe.googlesyndication.com
a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com
6    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    35.170.30.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-30-54.compute-1.amazonaws.com
timber.sendtonews.com
1    18.66.147.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-44.fra60.r.cloudfront.net
player.sendtonews.com
2    3.219.38.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-38-131.compute-1.amazonaws.com
www.i.matheranalytics.com
1    34.234.134.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-134-156.compute-1.amazonaws.com
id.sv.rkdms.com
4    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
24    2a00:1450:400d:80c::2006 (Ireland)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2a02:26f0:dc::6853:521 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
csp.azureedge.net
5    20.85.30.134 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
j.clarity.ms
1    92.123.21.200 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-21-200.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
9    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
as-sec.casalemedia.com
htlb.casalemedia.com
dsum-sec.casalemedia.com
1    3.120.106.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-106-63.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    35.158.20.13 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-20-13.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
6    185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
19    20.60.81.107 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
citysparkstorage.blob.core.windows.net
1    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
1    54.216.193.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-193-48.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
4    2a00:1450:4001:809::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
2    2a04:4e42:41::720 (Vienna, Austria)

ASN54113 (FASTLY, US)
images.unsplash.com
2    2600:9000:2491:d000:1c:386f:ec80:21 (United States)

ASN16509 (AMAZON-02, US)
d3lcz8vpax4lo2.cloudfront.net
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
adclick.g.doubleclick.net
1    172.255.62.200 (London, United Kingdom)

ASN36483 (GOSSAMERTHREADS, CA)
tradehouse.advertserve.com
1    35.158.236.126 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-236-126.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
1    213.19.147.43 (Amsterdam, Netherlands)

ASN3356 (LEVEL3, US)
tag.1rx.io
2    209.191.163.209 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ap.lijit.com
1    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
1    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
firstimpression-d.openx.net
2    2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
4    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
6    2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
2    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
47    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
6    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
2    2606:4700::6812:116b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
22    178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com
pix.eu.criteo.net
12    178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    198.47.127.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image8.pubmatic.com
1    99.86.91.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-91-74.cdg50.r.cloudfront.net
outbid.firstimpression.io
5    52.94.223.37 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.de
1    34.120.58.62 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 62.58.120.34.bc.googleusercontent.com
americanhometownmedia.com
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
14    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    52.54.46.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-46-88.compute-1.amazonaws.com
sync.srv.stackadapt.com
19    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
cm.g.doubleclick.net
1    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
1    124.146.215.42 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    185.89.210.244 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
4    3.82.239.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-82-239-242.compute-1.amazonaws.com
geoip.instiengage.com
cms.instiengage.com
event.instiengage.com
4    2600:9000:225e:d600:17:5bae:c7c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.instiengage.com
1    2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
2    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    3.124.27.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-27-64.eu-central-1.compute.amazonaws.com
protected-by.clarium.io
3    92.123.17.141 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-17-141.deploy.static.akamaitechnologies.com
www.awin1.com
www.zenaps.com
1    148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de
banner.congstar.de
1    2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
2    142.251.39.34 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s38-in-f2.1e100.net
googleads4.g.doubleclick.net
1    18.132.138.70 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-138-70.eu-west-2.compute.amazonaws.com
track.webgains.com
2    18.197.134.247 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-134-247.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    103.229.205.243 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
3    3.126.140.73 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-140-73.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
5    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2a05:d018:d29:3605:2390:b34:10a7:b503 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    108.157.4.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-61.dus51.r.cloudfront.net
analytics.webgains.io
1    18.66.2.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-73.txl50.r.cloudfront.net
cdn.track.production.webgains.team
1    69.166.1.14 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
1    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
2    18.134.23.117 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-23-117.eu-west-2.compute.amazonaws.com
api.webgains.io
2    13.32.121.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-57.fra60.r.cloudfront.net
a.impactradius-go.com
2    34.248.187.45 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-187-45.eu-west-1.compute.amazonaws.com
backcountry.tnu8.net
1    34.95.127.121 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 121.127.95.34.bc.googleusercontent.com
www.ojrq.net
2    99.83.181.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0cb5afe0ce76779e.awsglobalaccelerator.com
connect-metrics-collector.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
Apex Domain
Subdomains		 Transfer
96 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com
144588f010523d2468bf3a1c1df8e211.safeframe.googlesyndication.com
8d7be3625a97d28e0bfa042004ddc3d1.safeframe.googlesyndication.com
a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com
623 KB
86 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
ad.doubleclick.net — Cisco Umbrella Rank: 178
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
static.doubleclick.net — Cisco Umbrella Rank: 340
adclick.g.doubleclick.net — Cisco Umbrella Rank: 7355
pubads.g.doubleclick.net — Cisco Umbrella Rank: 437
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 307
966 KB
83 staradvertiser.com
www.staradvertiser.com — Cisco Umbrella Rank: 159742
dining.staradvertiser.com — Cisco Umbrella Rank: 613981
hawaiirenovation.staradvertiser.com — Cisco Umbrella Rank: 638217
896 KB
81 criteo.net
static.criteo.net — Cisco Umbrella Rank: 673
pix.eu.criteo.net — Cisco Umbrella Rank: 8383
csm.eu.criteo.net — Cisco Umbrella Rank: 8385
608 KB
35 cloudfront.net
d3plfjw9uod7ab.cloudfront.net
d2na2p72vtqyok.cloudfront.net
df80k0z3fi8zg.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
2 MB
29 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 293
fonts.googleapis.com — Cisco Umbrella Rank: 40
imasdk.googleapis.com — Cisco Umbrella Rank: 424
jnn-pa.googleapis.com — Cisco Umbrella Rank: 273
storage.googleapis.com — Cisco Umbrella Rank: 387
555 KB
25 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 75
40 KB
24 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 271
163 KB
23 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 406
mug.criteo.com — Cisco Umbrella Rank: 2876
bidder.criteo.com — Cisco Umbrella Rank: 761
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 12695
ads.eu.criteo.com — Cisco Umbrella Rank: 8147
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14670
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 10317
277 KB
23 gstatic.com
www.gstatic.com
fonts.gstatic.com
909 KB
22 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 275
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 6415
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1232
s.amazon-adsystem.com — Cisco Umbrella Rank: 295
189 KB
21 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
882 KB
19 windows.net
citysparkstorage.blob.core.windows.net — Cisco Umbrella Rank: 28239
1 MB
18 analyticssystems.net
analyticssystems.net — Cisco Umbrella Rank: 10472
8 KB
17 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 209
130 KB
15 instiengage.com
auth.instiengage.com — Cisco Umbrella Rank: 17532
product.instiengage.com — Cisco Umbrella Rank: 19930
geoip.instiengage.com — Cisco Umbrella Rank: 24188
static.instiengage.com — Cisco Umbrella Rank: 26932
cms.instiengage.com — Cisco Umbrella Rank: 29895
event.instiengage.com
293 KB
15 sendtonews.com
embed.sendtonews.com — Cisco Umbrella Rank: 13803
s2l.sendtonews.com — Cisco Umbrella Rank: 14618
timber.sendtonews.com — Cisco Umbrella Rank: 15025
player.sendtonews.com — Cisco Umbrella Rank: 15114
206 KB
15 ownlocal.com
origami.secure.ownlocal.com — Cisco Umbrella Rank: 60634
snowplow.ownlocal.com — Cisco Umbrella Rank: 81896
188 KB
14 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 27692
ad4m.at — Cisco Umbrella Rank: 2111
assets.ad4m.at — Cisco Umbrella Rank: 34810
445 KB
13 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 936
fastlane.rubiconproject.com — Cisco Umbrella Rank: 466
eus.rubiconproject.com — Cisco Umbrella Rank: 564
pixel.rubiconproject.com — Cisco Umbrella Rank: 335
token.rubiconproject.com — Cisco Umbrella Rank: 667
15 KB
12 amazonaws.com
sa-media.s3.us-east-1.amazonaws.com — Cisco Umbrella Rank: 409098
sa-media.s3.amazonaws.com — Cisco Umbrella Rank: 279901
recruitology-static.s3.amazonaws.com — Cisco Umbrella Rank: 139485
h99w9l39sa.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 28269
386 KB
9 casalemedia.com
as-sec.casalemedia.com — Cisco Umbrella Rank: 1353
htlb.casalemedia.com — Cisco Umbrella Rank: 479
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
6 KB
9 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 4296
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4842
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 5249
signal-segments.s-onetag.com — Cisco Umbrella Rank: 8295
connect-metrics-collector.s-onetag.com — Cisco Umbrella Rank: 3921
signal-metrics-collector-beta.s-onetag.com — Cisco Umbrella Rank: 3713
34 KB
9 insticator.com
geoip.insticator.com — Cisco Umbrella Rank: 23549
event.insticator.com — Cisco Umbrella Rank: 17718
934 B
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 96
813 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 228
secure.adnxs.com — Cisco Umbrella Rank: 432
8 KB
8 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 392
606 KB
8 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 884
219 KB
7 google.de
www.google.de — Cisco Umbrella Rank: 6352
adservice.google.de — Cisco Umbrella Rank: 9081
2 KB
7 firstimpression.io
ecdn.firstimpression.io — Cisco Umbrella Rank: 19912
cdn.firstimpression.io — Cisco Umbrella Rank: 20042
outbid.firstimpression.io — Cisco Umbrella Rank: 42040
315 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 557
j.clarity.ms — Cisco Umbrella Rank: 5320
26 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
594 B
6 jwpsrv.com
assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 3320
223 KB
6 fastly.net
confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1310
265 KB
6 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2394
7 KB
6 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 462
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 433
image8.pubmatic.com — Cisco Umbrella Rank: 607
image6.pubmatic.com — Cisco Umbrella Rank: 648
55 KB
5 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1218
3 KB
5 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2530
233 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
39 KB
5 typekit.net
use.typekit.net — Cisco Umbrella Rank: 430
p.typekit.net — Cisco Umbrella Rank: 577
38 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 342
1 KB
4 rsms.me
rsms.me — Cisco Umbrella Rank: 13080
448 KB
4 unpkg.com
unpkg.com — Cisco Umbrella Rank: 797
70 KB
4 matheranalytics.com
js.matheranalytics.com — Cisco Umbrella Rank: 12509
www.i.matheranalytics.com — Cisco Umbrella Rank: 12450
42 KB
4 cloudfunctions.net
us-central1-recruitology-app.cloudfunctions.net — Cisco Umbrella Rank: 131635
us-central1-kube-ownlocal.cloudfunctions.net — Cisco Umbrella Rank: 82787
944 B
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 153
3 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 23027
api.webgains.io — Cisco Umbrella Rank: 59421
85 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 301
2 KB
3 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 117
96 KB
3 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1358
api.rlcdn.com — Cisco Umbrella Rank: 804
38 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
197 KB
3 recruitology.com
widgets.recruitology.com — Cisco Umbrella Rank: 110879
13 KB
3 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1329
cdn.polyfill.io — Cisco Umbrella Rank: 2265
1 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1317
mab.chartbeat.com — Cisco Umbrella Rank: 2270
25 KB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 691
65 KB
2 tnu8.net
backcountry.tnu8.net — Cisco Umbrella Rank: 92239
1 KB
2 impactradius-go.com
a.impactradius-go.com — Cisco Umbrella Rank: 40393
61 KB
2 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 953
894 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 739
2 KB
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16122
1 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 754
672 B
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1018
apex.go.sonobi.com — Cisco Umbrella Rank: 1504
1 KB
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 120642
static-de.ad4mat.net — Cisco Umbrella Rank: 157656
4 KB
2 confiant-integrations.net
cdn.confiant-integrations.net
80 KB
2 openx.net
firstimpression-d.openx.net — Cisco Umbrella Rank: 52636
rtb.openx.net — Cisco Umbrella Rank: 1505
733 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 597
1 KB
2 unsplash.com
images.unsplash.com — Cisco Umbrella Rank: 3556
75 KB
2 materialdesignicons.com
cdn.materialdesignicons.com — Cisco Umbrella Rank: 27973
2 KB
2 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1220
401 B
2 trkn.us
trkn.us — Cisco Umbrella Rank: 2310
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
90 KB
2 aamsitecertifier.com
aamcftag.aamsitecertifier.com — Cisco Umbrella Rank: 56921
aamcf.aamsitecertifier.com — Cisco Umbrella Rank: 33598
26 KB
2 cityspark.com
cdn.cityspark.com — Cisco Umbrella Rank: 32066
p.cityspark.com — Cisco Umbrella Rank: 21785
18 KB
1 ojrq.net
www.ojrq.net — Cisco Umbrella Rank: 5573
513 B
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 69591
85 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 394
707 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 728
761 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 45393
608 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 444
862 B
1 webgains.com
track.webgains.com — Cisco Umbrella Rank: 48798
2 KB
1 conrad.de
www.conrad.de — Cisco Umbrella Rank: 73156
657 B
1 zenaps.com
www.zenaps.com — Cisco Umbrella Rank: 20138
696 B
1 congstar.de
banner.congstar.de — Cisco Umbrella Rank: 82540
518 B
1 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1735
345 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1085
1 KB
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 694
696 B
1 americanhometownmedia.com
americanhometownmedia.com — Cisco Umbrella Rank: 50804
104 KB
1 jwpltx.com
prd.jwpltx.com — Cisco Umbrella Rank: 2746
82 B
1 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1340
170 B
1 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 2297
164 B
1 advertserve.com
tradehouse.advertserve.com — Cisco Umbrella Rank: 91084
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1389
342 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 463
632 B
1 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 485
1 KB
1 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 543
512 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1360
17 KB
1 azureedge.net
csp.azureedge.net — Cisco Umbrella Rank: 30404
61 KB
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 4070
172 B
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 232
6 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1400
593 B
1 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1260
3 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 128
16 KB
1 resonate.com
cdn.resonate.com — Cisco Umbrella Rank: 8562
96 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 615
13 KB
1 analysis.fi
ecdn.analysis.fi — Cisco Umbrella Rank: 23883
5 KB
1 newsmemory.com
staradvertiser-hi.newsmemory.com — Cisco Umbrella Rank: 349021
42 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3145
137 KB
1 jwplatform.com
content.jwplatform.com — Cisco Umbrella Rank: 3497
45 KB
0 insiderdata360online.com Failed
insiderdata360online.com Failed
905 109
Domain Requested by
81 www.staradvertiser.com 1 redirects www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
54 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.staradvertiser.com
d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com
a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
51 securepubads.g.doubleclick.net d3plfjw9uod7ab.cloudfront.net
d2na2p72vtqyok.cloudfront.net
www.staradvertiser.com
www.googletagservices.com
ecdn.firstimpression.io
securepubads.g.doubleclick.net
adclick.g.doubleclick.net
d3lcz8vpax4lo2.cloudfront.net
d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
47 static.criteo.net ads.eu.criteo.com
ecdn.firstimpression.io
static.criteo.net
28 pagead2.googlesyndication.com www.staradvertiser.com
www.googletagservices.com
securepubads.g.doubleclick.net
17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com
a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
24 s0.2mdn.net imasdk.googleapis.com
www.staradvertiser.com
s0.2mdn.net
22 pix.eu.criteo.net ads.eu.criteo.com
21 www.googletagservices.com www.staradvertiser.com
securepubads.g.doubleclick.net
d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
www.googletagmanager.com
17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com
a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com
19 cm.g.doubleclick.net 4 redirects 17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com
googleads.g.doubleclick.net
a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com
www.staradvertiser.com
19 citysparkstorage.blob.core.windows.net www.staradvertiser.com
18 analyticssystems.net www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
18 www.google.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
www.youtube.com
www.google.com
d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com
tpc.googlesyndication.com
18 fonts.googleapis.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
origami.secure.ownlocal.com
embed.sendtonews.com
client
cdnjs.cloudflare.com
17 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
www.google.com
17 cdnjs.cloudflare.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
origami.secure.ownlocal.com
embed.sendtonews.com
cdn.cityspark.com
ads.eu.criteo.com
17 d3plfjw9uod7ab.cloudfront.net www.staradvertiser.com
securepubads.g.doubleclick.net
d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
13 origami.secure.ownlocal.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
cdnjs.cloudflare.com
12 csm.eu.criteo.net ads.eu.criteo.com
12 d29xw9s9x32j3w.cloudfront.net embed.sendtonews.com
www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
10 c.amazon-adsystem.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
embed.sendtonews.com
c.amazon-adsystem.com
ecdn.firstimpression.io
9 www.youtube.com www.staradvertiser.com
www.youtube.com
8 d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com securepubads.g.doubleclick.net
d3plfjw9uod7ab.cloudfront.net
8 event.insticator.com d3plfjw9uod7ab.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
8 cdn.jsdelivr.net 2 redirects www.staradvertiser.com
origami.secure.ownlocal.com
d3plfjw9uod7ab.cloudfront.net
cdn.jsdelivr.net
8 use.fontawesome.com www.staradvertiser.com
use.fontawesome.com
d3plfjw9uod7ab.cloudfront.net
client
7 adservice.google.com d3plfjw9uod7ab.cloudfront.net
securepubads.g.doubleclick.net
7 s2l.sendtonews.com d3plfjw9uod7ab.cloudfront.net
6 assets.ad4m.at as.ad4m.at
6 cat.fr.eu.criteo.com ads.eu.criteo.com
6 ads.eu.criteo.com d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
6 ib.adnxs.com 1 redirects d29xw9s9x32j3w.cloudfront.net
ecdn.firstimpression.io
googleads.g.doubleclick.net
d3plfjw9uod7ab.cloudfront.net
6 www.facebook.com www.staradvertiser.com
6 assets-jpcust.jwpsrv.com www.staradvertiser.com
6 auth.instiengage.com d3plfjw9uod7ab.cloudfront.net
auth.instiengage.com
d3lcz8vpax4lo2.cloudfront.net
6 confiant-integrations.global.ssl.fastly.net d2na2p72vtqyok.cloudfront.net
confiant-integrations.global.ssl.fastly.net
d3lcz8vpax4lo2.cloudfront.net
6 www.gstatic.com www.google.com
www.gstatic.com
www.youtube.com
6 cdn.jwplayer.com 5 redirects d3plfjw9uod7ab.cloudfront.net
5 pixel.rubiconproject.com 3 redirects www.staradvertiser.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 aax-eu.amazon-adsystem.com 3 redirects c.amazon-adsystem.com
www.staradvertiser.com
5 j.clarity.ms d3plfjw9uod7ab.cloudfront.net
5 googleads.g.doubleclick.net 1 redirects www.youtube.com
d3plfjw9uod7ab.cloudfront.net
a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com
www.staradvertiser.com
5 jadserve.postrelease.com d3plfjw9uod7ab.cloudfront.net
www.staradvertiser.com
5 ssl.p.jwpcdn.com content.jwplatform.com
d3plfjw9uod7ab.cloudfront.net
5 www.google-analytics.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
5 sa-media.s3.us-east-1.amazonaws.com www.staradvertiser.com
4 token.rubiconproject.com 4 redirects
4 static.instiengage.com www.staradvertiser.com
4 ad4m.at as.ad4m.at
ad4m.at
4 as.ad4m.at 17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com
as.ad4m.at
ad4m.at
4 adservice.google.de securepubads.g.doubleclick.net
4 rtb.nl.eu.criteo.com www.staradvertiser.com
4 storage.googleapis.com www.staradvertiser.com
4 match.adsrvr.org d3plfjw9uod7ab.cloudfront.net
a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com
www.staradvertiser.com
4 timber.sendtonews.com d3plfjw9uod7ab.cloudfront.net
4 aax-dtb-cf.amazon-adsystem.com d3plfjw9uod7ab.cloudfront.net
c.amazon-adsystem.com
4 jnn-pa.googleapis.com www.youtube.com
4 rsms.me origami.secure.ownlocal.com
rsms.me
4 unpkg.com origami.secure.ownlocal.com
4 ecdn.firstimpression.io d3plfjw9uod7ab.cloudfront.net
ecdn.firstimpression.io
4 sb.scorecardresearch.com www.staradvertiser.com
4 use.typekit.net www.staradvertiser.com
use.typekit.net
d3plfjw9uod7ab.cloudfront.net
3 s.amazon-adsystem.com 2 redirects www.staradvertiser.com
3 x.bidswitch.net 3 redirects
3 us-central1-kube-ownlocal.cloudfunctions.net www.staradvertiser.com
3 htlb.casalemedia.com d29xw9s9x32j3w.cloudfront.net
ecdn.firstimpression.io
d3plfjw9uod7ab.cloudfront.net
3 hbopenbid.pubmatic.com d3plfjw9uod7ab.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
ecdn.firstimpression.io
3 www.google.de www.staradvertiser.com
3 ad.doubleclick.net 2 redirects www.staradvertiser.com
3 get.s-onetag.com d3plfjw9uod7ab.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
3 df80k0z3fi8zg.cloudfront.net d2na2p72vtqyok.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
3 i.ytimg.com www.staradvertiser.com
www.youtube.com
3 recruitology-static.s3.amazonaws.com www.staradvertiser.com
3 connect.facebook.net www.staradvertiser.com
connect.facebook.net
3 widgets.recruitology.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
3 embed.sendtonews.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
3 sa-media.s3.amazonaws.com www.staradvertiser.com
3 maxcdn.bootstrapcdn.com www.staradvertiser.com
d3plfjw9uod7ab.cloudfront.net
2 event.instiengage.com product.instiengage.com
2 backcountry.tnu8.net 1 redirects a.impactradius-go.com
2 a.impactradius-go.com d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
a.impactradius-go.com
2 api.webgains.io analytics.webgains.io
2 pm.w55c.net 2 redirects
2 googleads4.g.doubleclick.net www.staradvertiser.com
2 www.awin1.com 2 redirects
2 eus.rubiconproject.com d29xw9s9x32j3w.cloudfront.net
eus.rubiconproject.com
2 secure.adnxs.com 2 redirects
2 onetag-sys.com 2 redirects
2 a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
2 17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 cdn.confiant-integrations.net www.googletagmanager.com
cdn.confiant-integrations.net
2 rtb.fr.eu.criteo.com www.staradvertiser.com
2 pubads.g.doubleclick.net imasdk.googleapis.com
2 ap.lijit.com ecdn.firstimpression.io
d3plfjw9uod7ab.cloudfront.net
2 d3lcz8vpax4lo2.cloudfront.net www.staradvertiser.com
2 images.unsplash.com www.staradvertiser.com
2 cdn.firstimpression.io d3plfjw9uod7ab.cloudfront.net
ecdn.firstimpression.io
2 api.rlcdn.com d3plfjw9uod7ab.cloudfront.net
2 www.i.matheranalytics.com www.staradvertiser.com
2 signal-segments.s-onetag.com d3plfjw9uod7ab.cloudfront.net
2 stats.g.doubleclick.net d3plfjw9uod7ab.cloudfront.net
2 imasdk.googleapis.com d3plfjw9uod7ab.cloudfront.net
2 mug.criteo.com www.staradvertiser.com
2 gum.criteo.com 1 redirects
2 cdn.materialdesignicons.com 2 redirects
2 cdn.polyfill.io origami.secure.ownlocal.com
2 snowplow.ownlocal.com www.staradvertiser.com
2 ping.chartbeat.net www.staradvertiser.com
2 trkn.us 1 redirects www.staradvertiser.com
2 js.matheranalytics.com 1 redirects www.staradvertiser.com
2 www.clarity.ms www.staradvertiser.com
www.clarity.ms
2 www.googletagmanager.com www.staradvertiser.com
2 static.chartbeat.com www.staradvertiser.com
1 signal-metrics-collector-beta.s-onetag.com d3plfjw9uod7ab.cloudfront.net
1 connect-metrics-collector.s-onetag.com d3plfjw9uod7ab.cloudfront.net
1 www.ojrq.net 1 redirects
1 c2shb.ssp.yahoo.com d3plfjw9uod7ab.cloudfront.net
1 apex.go.sonobi.com d3plfjw9uod7ab.cloudfront.net
1 cdn.track.production.webgains.team as.ad4m.at
1 analytics.webgains.io track.webgains.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 px.ads.linkedin.com www.staradvertiser.com
1 p.rfihub.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 sync.mathtag.com 1 redirects
1 track.webgains.com as.ad4m.at
1 www.conrad.de as.ad4m.at
1 www.zenaps.com 1 redirects
1 banner.congstar.de as.ad4m.at
1 protected-by.clarium.io a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com
1 static-de.ad4mat.net as.ad4m.at
1 cms.instiengage.com product.instiengage.com
1 geoip.instiengage.com product.instiengage.com
1 tg.socdm.com 1 redirects
1 sync.go.sonobi.com 17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com
1 sync.srv.stackadapt.com 1 redirects
1 image6.pubmatic.com 17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com
1 rtb.openx.net 17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com
1 prod-rtb.ad4mat.net www.staradvertiser.com
1 product.instiengage.com d2na2p72vtqyok.cloudfront.net
1 8d7be3625a97d28e0bfa042004ddc3d1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 americanhometownmedia.com www.googletagmanager.com
1 144588f010523d2468bf3a1c1df8e211.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 prd.jwpltx.com www.staradvertiser.com
1 outbid.firstimpression.io ecdn.firstimpression.io
1 image8.pubmatic.com www.staradvertiser.com
1 firstimpression-d.openx.net ecdn.firstimpression.io
1 bidder.criteo.com ecdn.firstimpression.io
1 fastlane.rubiconproject.com ecdn.firstimpression.io
1 tag.1rx.io ecdn.firstimpression.io
1 hb.emxdgt.com ecdn.firstimpression.io
1 tradehouse.advertserve.com www.staradvertiser.com
1 adclick.g.doubleclick.net 1 redirects
1 id.crwdcntrl.net d3plfjw9uod7ab.cloudfront.net
1 id5-sync.com d3plfjw9uod7ab.cloudfront.net
1 search.spotxchange.com d29xw9s9x32j3w.cloudfront.net
1 prebid-server.rubiconproject.com d29xw9s9x32j3w.cloudfront.net
1 tlx.3lift.com d29xw9s9x32j3w.cloudfront.net
1 as-sec.casalemedia.com d3plfjw9uod7ab.cloudfront.net
1 secure.cdn.fastclick.net www.staradvertiser.com
1 csp.azureedge.net d3plfjw9uod7ab.cloudfront.net
1 id.sv.rkdms.com d3plfjw9uod7ab.cloudfront.net
1 player.sendtonews.com embed.sendtonews.com
1 signal-beacon.s-onetag.com d3plfjw9uod7ab.cloudfront.net
1 onetag-geo.s-onetag.com d3plfjw9uod7ab.cloudfront.net
1 yt3.ggpht.com www.youtube.com
1 geo.privacymanager.io d3plfjw9uod7ab.cloudfront.net
1 static.doubleclick.net www.youtube.com
1 widgets.outbrain.com www.staradvertiser.com
1 www.googleadservices.com www.googletagmanager.com
1 cdn.resonate.com embed.sendtonews.com
1 js-sec.indexww.com d3plfjw9uod7ab.cloudfront.net
1 aamcf.aamsitecertifier.com www.staradvertiser.com
1 h99w9l39sa.execute-api.us-east-1.amazonaws.com d3plfjw9uod7ab.cloudfront.net
1 geoip.insticator.com d3plfjw9uod7ab.cloudfront.net
1 ats.rlcdn.com d3plfjw9uod7ab.cloudfront.net
1 ecdn.analysis.fi d3plfjw9uod7ab.cloudfront.net
1 us-central1-recruitology-app.cloudfunctions.net d3plfjw9uod7ab.cloudfront.net
1 p.cityspark.com d3plfjw9uod7ab.cloudfront.net
1 mab.chartbeat.com d3plfjw9uod7ab.cloudfront.net
1 d2na2p72vtqyok.cloudfront.net www.staradvertiser.com
1 aamcftag.aamsitecertifier.com www.staradvertiser.com
1 p.typekit.net use.typekit.net
1 ads.pubmatic.com www.staradvertiser.com
1 hawaiirenovation.staradvertiser.com www.staradvertiser.com
1 dining.staradvertiser.com www.staradvertiser.com
1 cdn.cityspark.com www.staradvertiser.com
1 staradvertiser-hi.newsmemory.com www.staradvertiser.com
1 polyfill.io www.staradvertiser.com
1 s.ntv.io www.staradvertiser.com
1 content.jwplatform.com www.staradvertiser.com
1 ajax.googleapis.com www.staradvertiser.com
0 insiderdata360online.com Failed www.staradvertiser.com
905 193
Subject Issuer Validity Valid
*.staradvertiser.com
Go Daddy Secure Certificate Authority - G2		 2022-01-29 -
2023-03-02		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
use.typekit.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
jwplayer.com
Amazon		 2021-12-29 -
2023-01-25		 a year crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-12-04 -
2022-12-06		 a year crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-03-08 -
2023-04-09		 a year crt.sh
*.newsmemory.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-31		 a year crt.sh
s3.amazonaws.com
Amazon		 2022-04-01 -
2023-03-30		 a year crt.sh
*.s3.amazonaws.com
Amazon		 2021-12-15 -
2022-12-03		 a year crt.sh
widget.secure.ownlocal.com
GTS CA 1D4		 2022-08-30 -
2022-11-28		 3 months crt.sh
*.sendtonews.com
Amazon		 2022-05-18 -
2023-06-16		 a year crt.sh
sni0f49gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-24 -
2023-09-24		 a year crt.sh
*.recruitology.com
Amazon		 2022-05-14 -
2023-06-12		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-03-21 -
2023-04-22		 a year crt.sh
*.analyticssystems.net
E1		 2022-08-02 -
2022-10-31		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.aamsitecertifier.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-02 -
2022-09-30		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-22 -
2023-03-26		 a year crt.sh
*.postrelease.com
Amazon		 2022-02-17 -
2023-03-18		 a year crt.sh
*.cityspark.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-08 -
2023-03-11		 a year crt.sh
misc.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
analysis.fi
Amazon		 2021-12-04 -
2023-01-01		 a year crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA		 2021-11-21 -
2022-12-05		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
edgestatic.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
*.insticator.com
Sectigo RSA Organization Validation Secure Server CA		 2022-07-27 -
2023-08-26		 a year crt.sh
*.execute-api.us-east-1.amazonaws.com
Amazon		 2022-06-22 -
2023-07-21		 a year crt.sh
*.s-onetag.com
Amazon		 2022-01-04 -
2023-02-01		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-05-04 -
2023-06-05		 a year crt.sh
*.instiengage.com
Sectigo RSA Organization Validation Secure Server CA		 2022-05-24 -
2023-05-24		 a year crt.sh
snowplow.ownlocal.com
GTS CA 1D4		 2022-08-10 -
2022-11-08		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
www.google.de
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
www.i.matheranalytics.com
Amazon		 2022-01-13 -
2023-02-11		 a year crt.sh
securedvisit.com
Amazon		 2021-11-30 -
2022-12-27		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.azureedge.net
Microsoft Azure ECC TLS Issuing CA 01		 2022-07-27 -
2023-07-22		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.blob.core.windows.net
Microsoft Azure TLS Issuing CA 01		 2022-08-18 -
2023-08-13		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
storage.googleapis.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
images.unsplash.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-06-08 -
2023-07-10		 a year crt.sh
*.advertserve.com
Go Daddy Secure Certificate Authority - G2		 2022-03-03 -
2023-04-04		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-02 -
2023-07-01		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-02 -
2022-11-01		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-03 -
2022-11-05		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-07-22 -
2022-10-19		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.confiant-integrations.net
E1		 2022-07-29 -
2022-10-27		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-21 -
2022-11-23		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
www.americanhometownmedia.com
Go Daddy Secure Certificate Authority - G2		 2022-05-12 -
2023-06-13		 a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2022-08-16 -
2022-11-14		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2		 2022-04-10 -
2023-04-26		 a year crt.sh
*.webgains.com
Amazon		 2022-06-14 -
2023-07-13		 a year crt.sh
*.webgains.io
Amazon		 2022-08-23 -
2023-09-21		 a year crt.sh
cdn.track.production.webgains.team
Amazon		 2022-08-08 -
2023-09-06		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.impactradius-go.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-10 -
2023-01-07		 a year crt.sh

This page contains 62 frames:

Primary Page: https://www.staradvertiser.com/
Frame ID: 1D208B825D52AC99AB56AD1775BDD243
Requests: 331 HTTP requests in this frame

Frame: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Frame ID: 19D2F1DED0F0FE8F67A11E0F5EBD53ED
Requests: 20 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: 526E56113CA345D212A215427335D18A
Requests: 2 HTTP requests in this frame

Frame: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Frame ID: 14682908A60AB341C0D0E003ABF7631F
Requests: 18 HTTP requests in this frame

Frame: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Frame ID: 232FB97EBB026B37F39912F3AC3B709C
Requests: 19 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Frame ID: 52B260805928BB8C7A580A80E5C4A78A
Requests: 17 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=zmiYzsHi8INTJBWt2QZC9aM5&size=invisible&cb=pim0lxr6s77v
Frame ID: 390FEF9DA2A373378504011F05C931A7
Requests: 7 HTTP requests in this frame

Frame: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 27D569639FF360989EE5C7F559974F52
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html
Frame ID: 9DAC09BBD676DD74883B0F09E7983ADF
Requests: 3 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: C162A2FEE38CA32A999CB05490C0CBF9
Requests: 10 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: D8E1C06FD45A108FF251C793492B294C
Requests: 10 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: CE8D62599507424D0D2EFFC089B9EB12
Requests: 10 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/static/js/fiamp.js
Frame ID: 954BDA1408AE8A35B974465533DCD172
Requests: 29 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 1B009368480673F486B2B33AA160AF59
Requests: 1 HTTP requests in this frame

Frame: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: ED5054480D22CC0B220D3FF7E52A8036
Requests: 13 HTTP requests in this frame

Frame: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9021E58D594A61816EAC415EFC284C73
Requests: 13 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: EA2D6D24E88B9915BDD9D94F5644D5A5
Requests: 12 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: 457F17B2F4D9F62C4C85B492270EEDF6
Requests: 11 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: 79CB122D4E9253C435E1FF20E6EF1C31
Requests: 21 HTTP requests in this frame

Frame: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 29380C27FF314C8A6EC987437C8CD9B7
Requests: 12 HTTP requests in this frame

Frame: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C87158B276682B4B7F93D5C1F05EE865
Requests: 12 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: 03FEC4652782BCAD157C78911A41BF0D
Requests: 15 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: C656DD1D666D2BB1B46416F7F8F3CDC4
Requests: 21 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: 71C1E55C28E9F5165CAF694EA95491FD
Requests: 8 HTTP requests in this frame

Frame: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4BE697E09698785E71BB44C56CF7AE55
Requests: 13 HTTP requests in this frame

Frame: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4B86AC7ACD031A830885D3DFB4C97500
Requests: 12 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2DAF24E942617DE6AD69BFD47357E4D9
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOQIu-UwAAUbuw6LzDfe00S78k6aZg&u=%7ChIUXIrGDpJLB33NFN%2B3rCXe2AtJekpDZuvl0gFCv2bk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aFBSnAzQtPDFlUCNVr5sGfcUGLidg4S-JIc8fkmU7t_3lDQ-7uQxz5KC1LVpZy0lTa47_eeDpJKgFIqyafXhv162gFLR43EChItsYynTLOrVYw7Xvntv1WZxGmwZA1EiEi2zVPGXSbK9GhrMGiMwJURESq7rVw--kcOCp7nieQq5XY1ZIpbKSVjSYozomh1w65iM4eXCeJp7G7V4FRP88_JQnm5cNer5kQaUNtQbVLysjqCDWd4GLZt6HIFEhmm8nIeSK6hGQgfU1oZ2-MfYrKAq4WWH_m9HYby1rekhU_OJXaYhFKP3DRpqYfQem3JtNGI3cvBXqg7sh1d8l7Jk7mlCT4BGh-Bkg_lmQ0IOCDdCCRpasPsxBL0-bCARgZ-Grtr32oZ9UMlssSMisy958bc-MCRG4d8elEigRpLbUZiebWfBMEjyiUqyyUyBCIthKQHlfnh85NMDMQCISVJSN3BD4oOt8T1UHUiEGwTJnQ-hNa56F65jt-tHGtnoDsdEURWYIc9zriXgjwdc1LIWe16WpZuQxQDnfg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVk0s-KksY-TZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0BQWJUFwle9V2J5_nSXkGxeQ0xxITrODZatVfDrtmnz-S0nmjk9vH1hZcHBvUMaAIVglImsb8dvAtyRNXBDYMU0s0A4BCP79eD7G81qQwuZdKx6rfIvQk32vE26O7tH3OBbaLr96QO0dFTcqKyi6uN8XmgeUYbnCOT-ZWvdugNvn5uDZGG4g5pOXLORMIZFUcNQad6tiyVOLaL1kuIQC54FeyJPxJF26OEzndVFhzT1GitqFYvbSvejD78ayJ7TWBJXt5JfPw9UWt19tirIOmBlTHkFuBRFVsTqPJJp6CY14e_dVCskJOFYS1IFsq5w775NuhNgN_rgVrZmacAG2MgiEGlbtLkDQ27v3nDGP4AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3uVn_vXnUP5W6OXrQ1iFPoN9D3NQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Frame ID: E1BAABB6797C98DF15B244B9AD9A01E3
Requests: 17 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOUIu-UwAAUbuxe_kjS-X3qD5Pr_xQ&u=%7ChIUXIrGDpJK759hFcJIrfPzCzTrExvh6vYUvpezIPF0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aGxZFJgNB2TpNcNBw4A1xZ6hsv-V10fUCPEi72bbOVQPHldwVW2uHxuCq4e4SNc2fb-DRN3AaoZ3PFtmUBb1kM79_wXOVk_cQc8ypAxD1Qv-jcaGvgyYe7flx0YZ7PFy5sHXBjw4zHU8jjmfgHAGfFlq0_eyR1Ln5PnpOt1-gog_Y7efWSSEAW82QmtxSFvyIcgpTHMcqqX9FI60hyHP8fXPxib_s4coQ-SmlYTtxG3t6gKs-swQyhBBEUql04uvN1p2xmq66EnPlkmcSa0QEXwcZjcejqt3NxUD9I1LYt9J9Nv-uT5caTYeLczIGXGeKhTLxb5ujisZqW7X-YDmA3npTW6ewAKP8ktrCQBc71UgBzNEgqBKS9LS1UIPs2QsxOuu_EtiHsu3nKbGiPMxiNFSnMPUNpIusmw_-S9pH5KCrdbAVYQzHykxHH-iGKz8sEAangpklUbp5n5XzAhB2E4KApbU8SJhFvSzz5aqsVC11ANz6IDFNOr3RD-BCn7cAiFhf6ZfDVq3IglhWwx37exlo2n1S4bE3o7LJpZhWhZdQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLlUY-KksY-XZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0Mofhcty9SdKssCL--yyKdEEj07NcYmeTiMNaDF8KIlSN45dcYgbb8oo7GbkW-5o2cDA6R8f-bpIAdjAcy4PypA0GdKnhcEa6uO-R8ck951VHojpHAR4BUcuyy3R2gQdy8n8SSTH-qwsYUdcnKUeuXlbvy96hmbTl0XdZxYFUXv9LVQDGerg304JhaDHZOjil4o-eOpJR0NH8u0qLSZtf-cCffFmmvGdgXASr9gf6ciQTG69A8m5nXP03TQqjxRFHwihpRjkFOvNSJGXZaJOe2GKugYLbM4bWMowFRCe0kkkT1sUFjNKxJJdQ4tV44VA7qexylPXgS_lQcJMoR4lLIAYyZMu846pMn74Zjh24AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q2SxgFUiv9khkeoSN-tKeMIVBVw%26client%3Dca-pub-3238555218588439%26adurl%3D
Frame ID: 6E1E119D634208944D7EA33550220565
Requests: 17 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOkIu-UwAAUbu3KcBS0Ool-dONwgjQ&u=%7ChIUXIrGDpJIglTT91dladBEXYD9pJZ8Qq6ERhbBffsg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMFrgLV7AJgRHBH_AV6w0tnRtraPfdmSHY4VtN0I-eUNMs4nmiqSNt0Ts_20On4dI7aNaxYBPLA60J-6UxxkNxuhC38fb3U0ZCgJ0I0lHbkVJmerFFOwRPGKj2DC9iI2OuMncSNa0RkdE9lg1H4-4LSHFfJodqv7ikBsyJVJNvN7ASwCYgQSBlRti6kuaBc_SXWrpK3TGJnSx2HqthwaHqXkqZr8RcTVeGGL0AMWqxUmceE0TDDDz7jTnLaMa7SWSI1_x0ENiGdp53cFyATf44fQQCpnRxVvL4J6CDI2JWCOGZtbOjIsiBL3CBMA-wr2iIeDPvGnHpd5hoVXAtr4sWayze4JKvxHxdzFhvdri-dDbNS-vXLfGuircLDmvUcU3_Dths2MS3qp1syIk4N41T8U2RoanX40iS7uUovmDK3p6ZsjiM8t0fKPotZs-ekcy3ZrEMRP5mtwWoiukwzVdwd0Ytql7kAdbph9Q91kaUwH1vsE9iyx7F96qdOOdNhG6P2Ps85fCzoZxBuOf6VVaq-A8ehIrGgm_Xz9Ltfgx5_S_GD13liMl1IgQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGRhB-KksY-nZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElgJP0C6ySL7s-LjAmx1VXuYarmCKyi83AH_FGEmZ-4PVCRf1G_bJvPeeAMXpbc_TycCpFZzV1lUEDnCSe5Zef5NXIYQ254EpqWCMWHmrGw0kS0ixYw5W5lNI9gzrO4EAJe9N9Hza1BZLUhO4IbuLZ8DI-WbdBWpzfbDmDVmf5KodQh-KGNfsutxa2ITg5d8YLSGi2pX7pQX3aY1PDwKCnDmkpALHnuV_kcSrUae_9CmkbtWIA08rf3PK317-22E3wcHAQgl3T3XAVwvklEiLYsrhbRV7mDI7gkxyajh3wVonas8rg0U5DuzXD-IdLrL4FAWNar7SIaoRarYn_coggGjucUmy4laI_Sd9XpvH675XLOHnRB4_ReAEAYAGj_aIluyviaSkAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ntpq278oR3lEOV3kZoJmoTG-uBA%26client%3Dca-pub-3238555218588439%26adurl%3D
Frame ID: 9781E15E073B05433A92C8BEBAA1E84F
Requests: 23 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOsIu-UwAAUbuzfaEK0lLx-rdBQm-w&u=%7ChIUXIrGDpJKs%2BNQhCogTOVXt6NMGZn2MLqy7hzamzrA%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr5-taiijmDVNfEog-pHxa6wvg-tUOFnI36QG0DZhqQiWFLzK9PeXkRUnRcJnQGiAJN1oUKXq_0FiTwIkyB5pawzTsYyrVn4RaACGKq-geHHNBGwUeH42rbtlPUycZCimCT4WrjS_nVwovPqf-iMMZzU6kUYCdOTqtTvbFFQlxGXW-RoNdmKRIy_YWCcgNzIKbBUp0Br_k1CuvilQJ2gWk88N1lz-3TcnzkAMF6A6Tg0Crnu1dFcVaCfIIOncAIm-H5BN2h9qdMHiE7-0_x-1lU2v7HgXPizZPO61sDpdSq8QvSKo0z4Tz0Mxip6UfJCOomN0tMaLH0NaND0mETmaHrbpTnGLpuFSCarUhywpv-C8vKHNt1wpOoIocV6zmPp-QPfkue6YU6dDTW-6F48TKA71R8SBZo_2cFVi2Mnp2oyrFBRhbGXitC7T1e963VNEP4lxtli_GfeCFlYbR2P3XiE5RizYasXEgzJ9AY6qbL6Fnggr9OTQFOU6rY-Xlb5mK8tT2GzWxDivHNUUIoENXQFRi9xDx_8pEoD2noMFIsxddScxQyzotCyIVMNa0prenBtUbtfGYMnQqoD771xYSDQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9evf-KksY-vZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEmgJP0GMtPfwPFcfwgrcF14hVtttrdBm4ayu5gghJueZFX9_KOV8XuEEsUSR5U9IeKAizuJzRjA2JAJvmITiNDutMvFEeKOUhyUlm7J9Ptkb270A9UnEyBrqWNZt42_DTls1VJQ436PXJmXQV9M2_x1QFtNwyUzyPpwaGxKy1OoCh4j4tLZ9MbmWVZlg10xCkMVbbg1f_8vWsukW2_rSsjNX0d0Xdar1Pe6IgjW_dsO2Ny2ivgWX7YlpZ-lOHlB8Vgf-1dpGB6iRPslOJOxtWRAL9B6EzD5bzkcMhLdtf3WeF-JX8KJn8eABjPdojp3NPcvJU62QTY_X4Tni5GEniHU3Z4VVHSOZtbVnmg0qV8ey2xsIYEKMMLW2rs5jgBAGABuv1oOjThojk4QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QiN2AxmuZc7TwqL_FL7RXFI5oEQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Frame ID: 2AC422791A6BB450AC30AD75B0E546C3
Requests: 18 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLO8Iu-UwAAUbu6ATRCWZyvoag5SHug&u=%7ChIUXIrGDpJLE91T41VdP1QqeHXE1ueDWpukZm9DeKWM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZE5PA-gwcExOc4fDdBFkrmfhkfAt6HIWmOd02SfG27iABCa-gZ4QnmR2GsviQVGam_af1ScQc3kOMOAwYRqJLyqucb5imnzI7qjQPWBQiJCzleM1PQX7_dq6Q5chDkCeP7nYFqajOQnv_oXgGArTbmN_HIyopxe2oW2gANA4IU1SxJscmLbdPuClTnoFFM5SjEVK9IwKEW5d9N2kIH0ZmDcvOChObf4HU0nOauCBlUZRppf2ihM3wTk3KEFo363oyoA3YHLL06ew-unYFH2iDSOw_0KlvUWGf89OgUdTGgjCv5rwG28GetA6aS5oRMjhBDy9TUgAgl6hXAXo6mB44Pt9vaR6QhFOGOHLSD_5YrrQBQuNQtbsqiQgrnancVjuTTVRcJwRAv3zPpUopyWu14YcwWOghBj5T-3MlhZjg69m3jd8DQB4Ch9s6TmRH4yJhEXLBMjIV13CGGmxMCQATfF4Vs4FitmXei9SpuO1SVD6U_cmbo3CIcOPtTS45ehtuRlSNcbgFPOS0G08FWtm1jciFrjHZ3tzllApI55K-Yz9_AbZdeJKHE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSzQ2-KksY-_ZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElAJP0IGe1f1aPfJuwKhBjEX4nlbcW60HbisKyMx0oJhOJsuTH0MuvTLCh6uS5cNmHXhSsgw3CX4ccRZFvQoRJT1t5FehBmHnfcyg1Czv7lpMXtghgn8rlXwZ6aUWLRKk94nRRjn2apw0SI98kOtvu7HcqtLMilbiXmEuVRqLMKbHWTPc6_Yl0gTSzCxV3dvqqFglnBMPDDjv_L1AZN1H_C6PJ58aTOyi-F368GCRffTa5NYexW_Z1CG0lA3UI9KBdAxaxIfZ7bn1o9l1AfL_XCTvCJc3W2-knBT49vvg5RO1W9LK90sAe0oPF308kSnJAj3n4t07kZOJCo-ncJdHc9E4R058xwjTPkn-9aHqyYjPSFq8FqPgBAGABpaa3djQ35jmiwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2S_66pDEEever9jLoLHtRIWF3m6A%26client%3Dca-pub-3238555218588439%26adurl%3D
Frame ID: FF42AEED73E17A715396FCA4529C44F9
Requests: 18 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLPAIu-UwAAUbu4IGuQ-NwO_ih8iFfQ&u=%7ChIUXIrGDpJL6ACliD7asN7bF%2FtPdfLs3BxdlWUEBWhU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wLdRBXhALqgDilxRAFHEEdI_JvtZc4hgvnhPqIP-IQMXIpmr0QWwpQTLcqY2ARHL-jzZ_VofujCAGeYp6ibKVLCjhxz68EIja199XyVD29nh9P2AlXuvysrnDpb2k0ErKNEpWr8lK7-XCv4kVcixdVFlNgWk2quHhEf2sUIi-0WWu58WPEPeWwWca29UwhQ2EG7msLe-cPckpeIF_1ky2sw9u2idVAqrOhuklMzLvG8PW7uz_3YxN0r-6WKHIPNEL2bugxhuD-OraOuFjRJRLQd1BmQ7Mm3g3fmMWpckUvIdeOxA8bd_DJIZi1MIHtICVwkxKTsDC3D6bFAkqpN0mYFoMElbs5KlGPfA-X-evXJCRflnm8zZerELqwQ-lpqEKtk6Bpef0Qnje1D2xmHi7J5DEVMvu6f4-EvAzYsgHCVEwwvx_1rLTpZZJffFi5VpBDDmavkDkonfKO2Z1XHT6sWIHfMGK4-WpYdjIPplipR0su_qss9fKKR7KVuWcKmvA3KzxA4mGaRzEHnqhSEeFIRxzNOtYlSMQTKj7Pg6YuJ9N77JhOnTmjY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCglD4-KksY_DZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEnAJP0HWI8UnqOGOv6n0_lc5AWvQHEOep17No4x2EuW89V39r-QhwPiqlz-Tldp0wyrXVAGrnrRTwkvvrAuYO0izMctkucGZPP3DcqE13QhJTOk9PZE9PW_py7nGlEWCof5HeJQYOML9qNMwqbgv3XoECuCrJNz-3PnUouWfGG_FRJrUdvlQm1TeWFohE5px04ewNVEMXTxAMOvXVjj1FWh1pYiFTGYTpbvgd3fIRSRUNA09bZLBlMhqTgIkDSxXZdxueKrY9EJ-SXuRwUL0Lf4fdO4LNVffs4c5cbIVv1c1GWtiO5cJSYu5kizVZLjtFCWxBBpsDBCwDOIbuUSY0mNhpnHPAyaaA0LXQu9j7Wn01tTBbHK5l7TEc3sTb3uAEAYAG6_Wg6NOGiOThAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s8A8x-l3C2aW9Kzq0nlvzaS2pTw%26client%3Dca-pub-3238555218588439%26adurl%3D
Frame ID: 5CF77B4D0F41320705A5B6DF2058C603
Requests: 19 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: 1AF7FE03B05287F39C5817C5C616E34E
Requests: 2 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: A22C8A5471D1C404B9B6925C8B47649A
Requests: 2 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_rbd_ox-db5_smrt_n-amobee_sovrn_n-Outbrain&dcc=t
Frame ID: 957997D36192797F3EB062946700E7B1
Requests: 1 HTTP requests in this frame

Frame: https://17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: A5BE343AD5B1AA2B679E5D94CFBE9BE0
Requests: 1 HTTP requests in this frame

Frame: https://144588f010523d2468bf3a1c1df8e211.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: D85B3E734D4A7E7368EA027289769455
Requests: 1 HTTP requests in this frame

Frame: https://8d7be3625a97d28e0bfa042004ddc3d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 367350F926937053BA65EF2CED2D19B7
Requests: 1 HTTP requests in this frame

Frame: https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 30D249CFC2FC3C22C61547EF9A094BBF
Requests: 1 HTTP requests in this frame

Frame: https://17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: E68328AB947E498673EEF3A21AC0BA9D
Requests: 8 HTTP requests in this frame

Frame: https://product.instiengage.com/ceu-code/e5666664-52a2-4b8b-bca2-c3f0a6d328e9.js
Frame ID: 57A78C5229432189C1BB291EC518A43B
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h1y0sh83a7fypftge3n2ewyp45bkz01xnhsnyxb2p9zq24my27bc5qaqvs8940b6bcgqf1z9zgjwqyqbr4b6a811jm075k8f6qrnmf01ftwsq1hv9j1khqzkfpvw5waw85qk871s9t2a7dd0x2193cnhvtxs54h4tv66b0m5edq0vdzn9h0s10r9jqvesrxzprt45t0rzz1e1w4hvbddw09c33qxb57pzc8ck8q0a395gp4rfvkb4mm5py35w8p44zf8d708fqq9f1rfqbck9te2hgn9tf5hxnqjczcgq6w5vsbyct4c5z0rjtkbgmpf60b7npmzehpe3rrm5b242jmavkcfcyzpc4a7h59yhrg3dxs1j3jsw477ae5vhdjtcvfc56smx7nr3n2msyh12kx9ct7j8r51c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSmuW_KksY6XOHJ6A7_UPlcOauAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0wNzk2NzkwODkwMzA3ODM4oAHCrujdA8gBCakCUZIsJL94sD7gAgCoAwGqBMICT9BIZrNJ0-QszY1qHJ8N5jL8qDWguT6AcoEWHPCPqCfWwdF15s45KM42xjk55Tr1aPdYXlwAEQEbpQ6dkyvcpLa-Z_vwk8P0N7uXK7uisaU5PS_8hhJJVF-6G4Lc2PiAl0-AZeOlZA2N0GCViLDaWf6twjp5T8eRNKRbVxweFElxsAiCoGtPtcIZRCNReTCYc8im5Fzv5QJi0hnYJJemvsqkej7UAoBOlV1RqyS9SwSEFnJy5q84baJ_KdPgllZPdDaqYvwed9sIUcZRrAgiilvw2fdB8D8haXzIO1udYif3GMmUFUWaDdhZ2mKx3ZeaXiMtHJZoyMduISvjutff-HXrXZ3VSCTQ5mze7_Fe1XfkQUfzPeSNcYjXwSlTV2Olv8uIk01ZCn1Qt8Yga3kg5KvxVGTquB71qBtjqS33OTqTbOAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0v7i0dDhmxlJ4mRiZUpnmuJBR6kg%26client%3Dca-pub-0796790890307838%26adurl%3D
Frame ID: 4F427DC3C7B7F7F7FDFE77CF3C247E32
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A35D84E1EAD0FF335C7803E2719D9D0A
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstVCQLWLXk6cJBfETpb0G4Ly5BSDhs25hOLz__xbEypRIWsAxTDIP5BxvVQF96JpLegj3az1EJf32xDVXeEEaogFmOivW-RShIcxIADd7OwFQ4mWQfB9yZxKBlKmSRVZz3y2jpaCXgFbk1_2MKY9dB9ldKMkcwxsc7Txk0ann7DIcU7zTnYkUBJy3ghiIrb3e2_Prnr3iQo37VuP8wx6XngIgUETtDtVhsz2kGLptW16mqUulZ13hHCuZWU5uYAC5BgZFVMZN2cLN2KZ9uXi2sk71w1eBQD1-GZ8_viFjBIZaWGXPh7YC-DWgrk9KHBFBLp8kdtcPOehI2O2uRXmgBuurt5iNyjBUda&sai=AMfl-YR7hsmivG5p3HYiCQlyW8qwfwZYBB2Kf-cO4YIwTF-SPc3K80HKW_Po6VjFxlc7K1mCYMXGKEZ5DtMbG64t-bJfzuU4e_dzHG84dyYE7GtiirEXFqrjjSnTF-N33MvzetyfvEvc4eBdPfuMGPSQqQ&sig=Cg0ArKJSzDrHbnQ7iWwPEAE&uach_m=[UACH]&adurl=
Frame ID: 335FF7DE8ABCCB192F524DA9088CCC0A
Requests: 7 HTTP requests in this frame

Frame: https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: FB35D592E0B09F6CB40C8B6BA8FE7960
Requests: 15 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 23EBD29B3C26099C1E2AB08551F2D8A2
Requests: 10 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: BC634DD854339A5C2133EE8A4AF03087
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLnBuAEQhp3m6AIYg4iG0wEwAQ&v=APEucNWwnsL171Zx-5kJWqgKOE_5g0H8ZupGYVp4-X93B7DhWCPJbW_wAmPB9rGRKpXhe6K-r_zW2SXP71aBKx_YI2d-wvyPVBbAucuWm5dKIANUJerN6xqXsN9UJzGQdv4I7S-Zwg1lT2-2LHoEwGC7p2qBU6YAlY9ohHHZ0W6bpWWO1sEzN4M
Frame ID: 0FA0A406057B6CB96D51C7B248F521FB
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C14019&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=6139e630d8eac2fd633001bd18afc8be%2F17761228636701703322&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663871485487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jys3wdshqt1re4wx2kk2sb7gnzdes7842nxyfz7yba62spr2fybd20mzhpgwz7x45gtxgc9d9y5km7zvt3f2keb0byg7fn4mbxkfmz9yx1b1bv69f35zbxfm0trqfndp1x3zg6w8er6b0168m9zwj1t5r02r1edasyz3fx95kc2d7n7fnnzsqsjwjan6devb1bzra1ehg4rdmn1hg3cr6bdwpmxg6d960hjwxsxarwpftbqg1m2m2mbf773b9f9v10gvd8a0jygg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSmuW_KksY6XOHJ6A7_UPlcOauAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0wNzk2NzkwODkwMzA3ODM4oAHCrujdA8gBCakCUZIsJL94sD7gAgCoAwGqBMICT9BIZrNJ0-QszY1qHJ8N5jL8qDWguT6AcoEWHPCPqCfWwdF15s45KM42xjk55Tr1aPdYXlwAEQEbpQ6dkyvcpLa-Z_vwk8P0N7uXK7uisaU5PS_8hhJJVF-6G4Lc2PiAl0-AZeOlZA2N0GCViLDaWf6twjp5T8eRNKRbVxweFElxsAiCoGtPtcIZRCNReTCYc8im5Fzv5QJi0hnYJJemvsqkej7UAoBOlV1RqyS9SwSEFnJy5q84baJ_KdPgllZPdDaqYvwed9sIUcZRrAgiilvw2fdB8D8haXzIO1udYif3GMmUFUWaDdhZ2mKx3ZeaXiMtHJZoyMduISvjutff-HXrXZ3VSCTQ5mze7_Fe1XfkQUfzPeSNcYjXwSlTV2Olv8uIk01ZCn1Qt8Yga3kg5KvxVGTquB71qBtjqS33OTqTbOAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0v7i0dDhmxlJ4mRiZUpnmuJBR6kg%2526client%253Dca-pub-0796790890307838%2526adurl%253D&y=1&s=&z=0
Frame ID: F2185D1476490CEEE9E784E63B777923
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 89BCBA5BF4B186A9441896B515E7A007
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4022321549259309056/index.html?e=69&leftOffset=0&topOffset=0&c=acjD3co0Uo&t=1&renderingType=2&ev=01_247
Frame ID: 6EF09EBAB83941DA8F6CA4195A4D1FFA
Requests: 24 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5953DC8D0FEEEE3BC399CEF7BE548CF3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EA43F4D17358AF3C3DFF23542E54B566
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7ECF41982D525A9FD67CC0EAD4F42A3F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D8F4A884213D3BDC8125B51932A98222
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3A691DC727DBCA21F9A2DCF2185E990D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B9137677F47D5D869A2A9A3382EDF5A8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 26301C08EE9CA23995370B86AC34DB84
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Frame ID: DCB5D12DBF480732F533CB44F3363F81
Requests: 1 HTTP requests in this frame

Frame: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 73845AFDEF91CE578E1A648C642E7EA2
Requests: 9 HTTP requests in this frame

Frame: https://a.impactradius-go.com/gen-ad-code/258147/1107357/5311/
Frame ID: C8D15EA995FF4EC517A6109F4B41F9E7
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hawaii News | Honolulu Star-AdvertiserArrow LeftArrow Right

Page URL History Show full URLs

  1. http://www.staradvertiser.com/ HTTP 301
    https://www.staradvertiser.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • rollbar\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

905
Requests

93 %
HTTPS

40 %
IPv6

109
Domains

193
Subdomains

158
IPs

12
Countries

16289 kB
Transfer

37300 kB
Size

87
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.staradvertiser.com/ HTTP 301
    https://www.staradvertiser.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 122
  • https://js.matheranalytics.com/s/ma15446/988352900/ml.js?cb=1605 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma15446/988352900/2/ml.br.js
Request Chain 126
  • https://trkn.us/pixel/conv/ppt=10159;g=hsa_formers_jan-2021;gid=31282;ord=792361013803.089;v=120 HTTP 302
  • https://trkn.us/pixel/conv/ppt=10159;g=hsa_formers_jan-2021;gid=31282;ord=792361013803.089;v=120;ip=185.213.155.166;cuidchk=1
Request Chain 198
  • https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/mdi/4.5.95/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Request Chain 209
  • https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/mdi/4.5.95/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Request Chain 216
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=vmCrK3xRdU1sYjhXYmFmVE9paUxkWW03OXA1UmR4RU1qYjlZbS93YlZiZFZWbXMxOWdCSEhkYTJIOTg5Y1FSK2NiSU5xVzhYbUtZSHNaTS9Ib2REdkgvL3EyT0Z1N2NpaDkyYkpMWjVwWW9XcnBHRjRDdmhTOWxndXh3NWpldE53UFBTcXY2ajVmOUg2RG0rTlhqTjkzZkhHR0NmdGtUT3B2dzZRSUN1WU5RS1ZoOHpLbE9FdVd6SW9EZmRZY2daazh0Tk1rRnJsTXlKb1oyb1locUNLTGZ2WVlJN1cwUXdVWlJISGFhWmFLeEJOTHJCbFlFamhkSHp2YUFueFlNUlhjL2QvfA&cppv=2
Request Chain 243
  • https://cdn.jwplayer.com/strips/XmpMMLRv-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/XmpMMLRv-120.vtt
Request Chain 245
  • https://cdn.jwplayer.com/v2/media/XmpMMLRv/poster.jpg?width=720 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/wc3pgjt9-720.jpg
Request Chain 246
  • https://cdn.jwplayer.com/v2/media/v7puK1SS/poster.jpg?width=720 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/9q2qzyae-720.jpg
Request Chain 247
  • https://cdn.jwplayer.com/strips/v7puK1SS-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/v7puK1SS-120.vtt
Request Chain 249
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 379
  • https://cdn.jwplayer.com/v2/media/nVrGkzGw/poster.jpg?width=120 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/yh94ie0p-120.jpg
Request Chain 425
  • https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjstojREte-DmwtlM19ePB_LpLypVmNU6Ul0nYG2G-uuj1hH2tpBVHVH-ll9XvXewDKT2DxWWsQECD_o4Nhy3u9oo8CL31whzoZIWhRPcBdLUi_SlmSz_B7652e3RtHEXvEWx_zJrg0bYVDSsnE4wP7AnJaLj0gI8zKevVfDlK5ZxApDynEgzLXSdYoMgLmPBxHM-KR16sZVPSUcytidY_hOutCMz_7arAUsEfpgYmPGKiX-U2Wd9Bk1mgOdWoXp0PxE6Od6M6eFeO7A-N1D7yudja_74Gu_xUIioMLVRjSss4fl2tXnecQR08-3vl3d2Ard7P7BVR763GgeN%2526sai%253DAMfl-YTb4nxJ9yu1QCubM19okBR5y8z8KI00bIHUK7hCH9HUKvQTPTIjd-BHhCPF5fTLIspuGyU37nSW1z9XF5avvQ4fQ3r9P1E9qTOHBlDkRHvUns_A0FhnhPjVd27wag%2526sig%253DCg0ArKJSzNi4mZbtiUuWEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253Dhttps://securepubads.g.doubleclick.net/tag/js/gpt.js HTTP 302
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js
Request Chain 690
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_rbd_ox-db5_smrt_n-amobee_sovrn_n-Outbrain HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_rbd_ox-db5_smrt_n-amobee_sovrn_n-Outbrain&dcc=t
Request Chain 753
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHVesn3tOzduKsNPrVY_sQg&google_cver=1&google_push=AZmPxg9VmXCF9XpkYTf_wFzBS02Nqdj-Wan7f4pxjkX_ycnF4Dwu828wzVcYkocUE1Auw9-8jHCs2eFHSS4wMVnEmbkfejP7gnh9Iw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=uiediYpZRVZ_QRTVHxPs8LnVm6Y&google_push=AZmPxg9VmXCF9XpkYTf_wFzBS02Nqdj-Wan7f4pxjkX_ycnF4Dwu828wzVcYkocUE1Auw9-8jHCs2eFHSS4wMVnEmbkfejP7gnh9Iw
Request Chain 755
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMDM5L11zjfdRhEWnNU9UYA&google_cver=1&google_push=AZmPxg_CPyfPjejzXx-XZXdb6MfmvsiCFzh7bbVIih-3F0Z3sxmDW4DUu7XUdAQKfPSoyrL6HFIcVRjQcUEp-YnIsOd58lh2O4jeXg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg_CPyfPjejzXx-XZXdb6MfmvsiCFzh7bbVIih-3F0Z3sxmDW4DUu7XUdAQKfPSoyrL6HFIcVRjQcUEp-YnIsOd58lh2O4jeXg
Request Chain 756
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEPohff0dT-Zj2_TjEoyuLew&google_cver=1&google_push=AZmPxg9t5K8FPqZJXV-cHR-Jjur3VfZJm2BeQ0mJcem_qX3Pe4g2vnfX7YgGlZNmC3SeTcE04Pg3pqABvPJ0ocDPtNl9ATyLC_Af9A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg9t5K8FPqZJXV-cHR-Jjur3VfZJm2BeQ0mJcem_qX3Pe4g2vnfX7YgGlZNmC3SeTcE04Pg3pqABvPJ0ocDPtNl9ATyLC_Af9A&google_hm=WXl5cC1jQ284WG9BQUhzR2pJWUFBQUFB
Request Chain 757
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEJvTZ4m7aOVpa3__LihqwLo&google_cver=1&google_push=AZmPxg-nwZb4gRJWu4WtDlwdt-g9di46130jPXIApa9yjyarizzUuOk7SV0o3sYb_qGtZJpz6eM_qxKPhtMoe4QMKcgpH0ybN5fXkA HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEJvTZ4m7aOVpa3__LihqwLo%26google_cver%3D1%26google_push%3DAZmPxg-nwZb4gRJWu4WtDlwdt-g9di46130jPXIApa9yjyarizzUuOk7SV0o3sYb_qGtZJpz6eM_qxKPhtMoe4QMKcgpH0ybN5fXkA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDQ2MDcyMDU0MjMxMDcyMjcwMw%3D%3D&google_gid=CAESEJvTZ4m7aOVpa3__LihqwLo&google_cver=1&google_push=AZmPxg-nwZb4gRJWu4WtDlwdt-g9di46130jPXIApa9yjyarizzUuOk7SV0o3sYb_qGtZJpz6eM_qxKPhtMoe4QMKcgpH0ybN5fXkA
Request Chain 794
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEsYEQmi6aEu2d6RkX0jnJc&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEsYEQmi6aEu2d6RkX0jnJc&google_cver=1&C=1
Request Chain 795
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yyyp-Ttj082QvHNJVBjr7AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEsYEQmi6aEu2d6RkX0jnJc&google_cver=1
Request Chain 796
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGWM2X_NxW_b34WQjHkpN_U&google_cver=1
Request Chain 797
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ2MDcyMDU0MjMxMDcyMjcwMw%3D%3D
Request Chain 810
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidPxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fponeid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CMPT9aaEqfoCFSqI_QcdjyIHJg;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidPxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fponeid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidPxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fponeid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1663871485_c43e2cd0-3aa4-11ed-8770-22389f118591
Request Chain 815
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.zenaps.com/cshow.php?pvr=c42f38b1-3aa4-11ed-871f-22647c990db1&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&pv=1&gdpr=0&gdpr_consent= HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1663871485_c42f38b1-3aa4-11ed-871f-22647c990db1&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 823
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJQLc9i0a6nLoOxLAqovm-0&google_cver=1&google_push=AZmPxg8FCNbixXo0pr0waF_TDezIHJC_5ONwXkBjJvICN6v-sy6quq3pyv5hUaMwjUp82_9NTRpcGikRJ2ZyQwpzjZouTA2aus9P HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJQLc9i0a6nLoOxLAqovm-0&google_cver=1&google_push=AZmPxg8FCNbixXo0pr0waF_TDezIHJC_5ONwXkBjJvICN6v-sy6quq3pyv5hUaMwjUp82_9NTRpcGikRJ2ZyQwpzjZouTA2aus9P HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bVdFNG16dncxT0JxWVI1&google_gid=CAESEJQLc9i0a6nLoOxLAqovm-0&google_cver=1&google_push=AZmPxg8FCNbixXo0pr0waF_TDezIHJC_5ONwXkBjJvICN6v-sy6quq3pyv5hUaMwjUp82_9NTRpcGikRJ2ZyQwpzjZouTA2aus9P
Request Chain 824
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENvyBZznkf1Z1NQz83z91sw&google_cver=1&google_push=AZmPxg-hVmaBRp5Mngej9drZgow1pZHuPmRj0ZPQlK0pFBa-OtGxyqjkLb23kHMRdSe8AnmoIvg5JeHSC4pwpk3Loti0i-AOiLqE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-hVmaBRp5Mngej9drZgow1pZHuPmRj0ZPQlK0pFBa-OtGxyqjkLb23kHMRdSe8AnmoIvg5JeHSC4pwpk3Loti0i-AOiLqE
Request Chain 826
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEGqX3I8wQr2yAsSD1_MMDA&google_cver=1&google_push=AZmPxg8Nx0p09wFz04cQ63AkKm8Jp94ntxu_0A3Nrh2lat-uukL2rTuMzETMgrnuL-WymSUpGTXOloauMOf50ZF7Wc3PRQMnju1t HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg8Nx0p09wFz04cQ63AkKm8Jp94ntxu_0A3Nrh2lat-uukL2rTuMzETMgrnuL-WymSUpGTXOloauMOf50ZF7Wc3PRQMnju1t&google_hm=68cTRg5UTDCb7TwuIkVNQaY
Request Chain 827
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEL5kXyUjVXjStgztzuQNAe0&google_cver=1&google_push=AZmPxg9oEK0oHl_9rAoxKs5R75JXzxJPKEYJtmGCwplR0Yv21LT_QXUYV74-YrrqJCuLXKNbZ61rwF0Ru9uQRcewTpLizUTMrI8 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEL5kXyUjVXjStgztzuQNAe0&google_cver=1&google_push=AZmPxg9oEK0oHl_9rAoxKs5R75JXzxJPKEYJtmGCwplR0Yv21LT_QXUYV74-YrrqJCuLXKNbZ61rwF0Ru9uQRcewTpLizUTMrI8 HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433824612667870&expires=30&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9oEK0oHl_9rAoxKs5R75JXzxJPKEYJtmGCwplR0Yv21LT_QXUYV74-YrrqJCuLXKNbZ61rwF0Ru9uQRcewTpLizUTMrI8&google_hm=njvRS1V2RJydxd5SaudtDg==
Request Chain 828
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAlxKcxasdzgn4y1FOVWdxY&google_cver=1&google_push=AZmPxg_HuyosoT7ZbUQx2hi1Er0qzixrEhPAzJeLbKfSbMZT85YSaaDlsV7xC0gVvY088UxnsHT5keYSf4KT5ywcpuKmx6xMlh6e HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhERTRDUk4tVi0yT0FZ&google_push=AZmPxg_HuyosoT7ZbUQx2hi1Er0qzixrEhPAzJeLbKfSbMZT85YSaaDlsV7xC0gVvY088UxnsHT5keYSf4KT5ywcpuKmx6xMlh6e
Request Chain 829
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMDM5L11zjfdRhEWnNU9UYA&google_cver=1&google_push=AZmPxg-F8cDFVbODEej5Tzf0XSNuftFgmxKiZZX0TLSNX-kRrVrWfG_JRs-7nJxiR_GsskxwOgegvyoXiC89jkbC9BM6Zogv2yI6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-F8cDFVbODEej5Tzf0XSNuftFgmxKiZZX0TLSNX-kRrVrWfG_JRs-7nJxiR_GsskxwOgegvyoXiC89jkbC9BM6Zogv2yI6
Request Chain 831
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH1lM3OeNGyt8sIq5sz3y70&google_cver=1
Request Chain 833
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8DE4CRN-V-2OAY
Request Chain 834
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhERTRDUk4tVi0yT0FZ
Request Chain 835
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=RsabL-drTMeRk4Xqrpaggw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=RsabL-drTMeRk4Xqrpaggw
Request Chain 836
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTA0ODcwZjc2ODdiNDk5ZjgyM2M4ZTY3M2YzMjYwNjE0MjZmNzZlMA
Request Chain 837
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=VnFBTeoKTYaTCelOkkMysQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=VnFBTeoKTYaTCelOkkMysQ
Request Chain 838
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/JbFT2HXGL9aXs850AUjeGw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=746615151415472651
Request Chain 912
  • https://backcountry.tnu8.net/i/258147/1107357/5311 HTTP 302
  • https://www.ojrq.net/p/?return=https%3A%2F%2Fbackcountry.tnu8.net%2Fi%2F258147%2F1107357%2F5311%3Flevel%3D1%26srcref%3Dhttps%253A%252F%252Fa.impactradius-go.com%252F&cid=5311&tpsync=no HTTP 302
  • https://backcountry.tnu8.net/i/258147/1107357/5311?level=1&srcref=https%3A%2F%2Fa.impactradius-go.com%2F&brwsr=c663f38f-3aa4-11ed-976c-296187fec1ce&brwsrsig=xgyWbU3o1ww9TLC3esWudR5gwHBSmk

905 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.staradvertiser.com/
Redirect Chain
  • http://www.staradvertiser.com/
  • https://www.staradvertiser.com/
384 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
c81f31509d82f49a3b104252b29b829a96acb10a478e8d0da5e1cb2645f53b17

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 22 Sep 2022 18:31:17 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://www.staradvertiser.com/wp-api/>; rel="https://api.w.org/" <https://www.staradvertiser.com/wp-json>; rel="https://github.com/WP-API/WP-API"
pragma
no-cache
server
nginx
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 299
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Thu, 22 Sep 2022 18:31:17 GMT
Keep-Alive
timeout=20
Location
https://www.staradvertiser.com/
Server
nginx
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ 		255 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e85578ed90d67f3670527831ae5251c881093a9818b4dd50b930a2adf8e74ca2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
5mXLc2UV56lR.q6wGypGAHu5rCVPVIwx
content-encoding
br
last-modified
Mon, 19 Sep 2022 14:34:11 GMT
server
AmazonS3
age
2203
etag
W/"a0c60bc36f01719985868afc9a2472da"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
cache-control
max-age=3600, public
date
Thu, 22 Sep 2022 17:54:35 GMT
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
ruOkWby6j4BqeB1-iOBYXGS-i6eTfJfZV0Q_kf_S_seA4ZEMKnh1Sg==
pubcid.min.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/ 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/pubcid.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
afd2447f77118df6fd4b8710c2b23e7bb4edb557795c643e3d8a7c12df4e6586

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:17 GMT
content-encoding
br
last-modified
Fri, 13 Nov 2020 19:41:56 GMT
server
nginx
etag
W/"5faee184-e358"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 		141 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
756
age
2565458
cdn-cachedat
08/11/2021 06:00:03
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.0
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
0e2c5c6d0f923b14a11b987f36221b3c
cf-ray
74ed1de05b239962-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
sa-style-2018.css
www.staradvertiser.com/wp-content/themes/staradvertiser/css/ 		68 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.90
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
90beaf7b6e4e14893df279b22a8b5255a276d2d444fd431ef272070b72869f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:17 GMT
content-encoding
br
last-modified
Fri, 05 Aug 2022 19:12:00 GMT
server
nginx
etag
W/"62ed6b80-11006"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
wsl8gsu.css
use.typekit.net/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/wsl8gsu.css
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
bf78c9bad3b9a376810a5a12afa3d5a7a3ec5199228f34ee33d8ae13536a5f1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Thu, 22 Sep 2022 18:31:17 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
922
all.css
use.fontawesome.com/releases/v5.0.10/css/ 		36 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.133.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2540918
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
WFND7H2PN8S2KVW4
x-amz-id-2
pjDophXCihoG6HMK/rb0lxuCuZ2md/xa5jK0VP/v7Bx9PEQqU3II5VFL3rxhKaLkGAaHHCBmxvw=
last-modified
Wed, 30 Jun 2021 15:26:49 GMT
server
cloudflare
etag
W/"d1acb8ad33b1526acbfd3f0028b859b0"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6eXo2MLhc32oA89tDVGGEiRX%2B%2F%2BLa1qZQqGcveevuFDA%2BOpDxyDjl0qdtWXkpFUfMe0g7RMahlj5weNSVvw2LoCLCyleYrsb4k%2Bo9RntK0P0cRDXqIXC9p%2FUHZPt2zo8Y1EuG4T"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
74ed1de22f009078-FRA
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 14:13:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15438
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29671
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 14:13:59 GMT
adblockDetector.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/adblockerdetector/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/adblockerdetector/adblockDetector.js?v=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d114053b0734a32984149e572c5886d065dfe4bcc4c0ab76334dcc6d3662ccc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:17 GMT
content-encoding
br
last-modified
Thu, 01 Sep 2022 00:15:33 GMT
server
nginx
etag
W/"630ff9a5-3592"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
adblockerTrigger.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/adblockerdetector/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/adblockerdetector/adblockerTrigger.js?v=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4232418f7cc732582f6471f0e121f91014253ed22617d140b4252977d8c18ddb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:17 GMT
content-encoding
br
last-modified
Wed, 14 Sep 2022 02:07:31 GMT
server
nginx
etag
W/"63213763-cee"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:2e00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:19:52 GMT
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
age
4286
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
VXjY1f5Cj7cmxaXz-8H8E58-6Ogb-L8B6fNjg1ETDA2Xara74kGqSQ==
expires
Thu, 22 Sep 2022 19:19:52 GMT
ZoPFXSjg.js
content.jwplatform.com/libraries/ 		131 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.jwplatform.com/libraries/ZoPFXSjg.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7200:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
85a585e78f45829ebec0142b3cbb22ce1900a3be9c8a5941941a2a19d6319c14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:17 GMT
content-encoding
gzip
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
content-length
45637
via
1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
x-amz-cf-id
Ncwk2IU0sW-PdJh0A8k6f3ugTzRQ7awlNY62LDX915zhmS7ES3lKKw==
hsa-jwplayer.cmd-hsa-minified.1601588720.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/ 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/hsa-jwplayer.cmd-hsa-minified.1601588720.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0159831273549544cb9ff04cb7f31edfa5797d9aa4bf1666636bdca542479b76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:17 GMT
content-encoding
br
last-modified
Thu, 01 Oct 2020 21:45:24 GMT
server
nginx
etag
W/"5f764df4-2eb2"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
sa-jwplayer.css
www.staradvertiser.com/wp-content/themes/staradvertiser/css/ 		2 KB
869 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-jwplayer.css?version=1.0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6e206304ef613bb43bbad63baeeef8a0fa2c96dc7295c45f025131467c14aee8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:17 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-603"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
load.js
s.ntv.io/serve/ 		479 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-64.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9e877167f6f54a122bd114c9429ffdcac4704c20443c9a0aca0fa4b90a86aca9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 18:31:18 GMT
Content-Encoding
gzip
x-amz-request-id
NE78K8EBT6DCFF91
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
9QuaoecH2QAOz+oJxR6WZ1nx/2mDp0Cut6vjRgJ3M3z84C/alDjCtrCJWMWYtRlOz0BxhXP+72s=
Last-Modified
Mon, 19 Sep 2022 22:01:53 GMT
Server
AmazonS3
ETag
"304142478e3c49065ff794612c24a84b"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
usprivacy-string.js
www.staradvertiser.com/wp-content/themes/staradvertiser/iab_ccpa/src/ 		1 KB
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/iab_ccpa/src/usprivacy-string.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e5d3f7cad9534723e28aed704f7f5bcbb7f6a2323b2c29f01aa09bc3a46c930d

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:17 GMT
content-encoding
br
last-modified
Fri, 24 Jan 2020 19:14:59 GMT
server
nginx
etag
W/"5e2b4233-4e0"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
uspapi.js
www.staradvertiser.com/wp-content/themes/staradvertiser/iab_ccpa/src/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/iab_ccpa/src/uspapi.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d8921a0fcfd2507826836106dcc06e0612c413bf3797cab39402171724b32df0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:17 GMT
content-encoding
br
last-modified
Fri, 24 Jan 2020 19:14:59 GMT
server
nginx
etag
W/"5e2b4233-1158"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
uspapi_call.js
www.staradvertiser.com/wp-content/themes/staradvertiser/iab_ccpa/src/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/iab_ccpa/src/uspapi_call.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
87228b5246ece9b12bac05b438794791bb67239aab563dafb7e43eb4ddfc8fa9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:17 GMT
content-encoding
br
last-modified
Fri, 24 Jan 2020 19:14:59 GMT
server
nginx
etag
W/"5e2b4233-899"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
polyfill.min.js
polyfill.io/v2/ 		222 B
450 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v2/polyfill.min.js?features=IntersectionObserver
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:17 GMT
content-encoding
br
last-modified
Wed, 21 Sep 2022 18:47:57 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/105.0.0
server-timing
cache-hhn4077, PASS, fastly;desc="Edge time";dur=19
accept-ranges
bytes
content-length
126
common.cmd-hsa-minified.1569273721.css
www.staradvertiser.com/wp-content/plugins/hsa-polls/css/ 		502 B
460 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/hsa-polls/css/common.cmd-hsa-minified.1569273721.css?ver=5.8.5
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0e2a560f13627bee0925e5e49243f611d9a4cef76f56f4c96d3d3a6510a1d29c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:17 GMT
content-encoding
br
last-modified
Tue, 04 Feb 2020 19:56:12 GMT
server
nginx
etag
W/"5e39cc5c-1f6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.min.css
www.staradvertiser.com/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.5
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:17 GMT
content-encoding
br
last-modified
Wed, 01 Sep 2021 04:05:58 GMT
server
nginx
etag
W/"612efc26-13abe"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
vfb-style.min.css
www.staradvertiser.com/wp-content/plugins/vfb-pro/public/assets/css/ 		66 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/vfb-pro/public/assets/css/vfb-style.min.css?ver=2019.05.10
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a03771453248c5eb3ee390d87edddd490ac37484b6a6c95567ffc222fccd107

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:17 GMT
content-encoding
br
last-modified
Wed, 10 Feb 2021 19:20:25 GMT
server
nginx
etag
W/"602431f9-108dd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
css
fonts.googleapis.com/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400a:800::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2e53e528694d0489b0452944f6e47f8a45448d351cf30513cfa4ff6e5815312
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 17:16:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 18:31:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Sep 2022 18:31:17 GMT
genericons.css
www.staradvertiser.com/wp-content/themes/staradvertiser/genericons/ 		30 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/genericons/genericons.css?ver=3.03
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:17 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-7945"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
www.staradvertiser.com/wp-content/themes/staradvertiser/ 		0
188 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/style.css?ver=2015-12-08
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:17 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
0
facets.min.css
www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/css/ 		789 B
479 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/css/facets.min.css?ver=2.5.2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
125b1c5f96e7bd6829d8ce638c463f14c0a78f7cadee45d6ea4584b897aaf1e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:17 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-315"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.min.js
www.staradvertiser.com/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:17 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
nginx
etag
W/"6048e0ac-15db1"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery-migrate.min.js
www.staradvertiser.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:17 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
etag
W/"5fb4e3fe-2bd8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
common.cmd-hsa-minified.1569273721.js
www.staradvertiser.com/wp-content/plugins/hsa-polls/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/hsa-polls/js/common.cmd-hsa-minified.1569273721.js?ver=5.8.5
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3596c8db4dfd165d2fa4af70f72fbb7d22caab7c9b7aa1cd7e91af4a663e6a8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:17 GMT
content-encoding
br
last-modified
Tue, 04 Feb 2020 19:56:12 GMT
server
nginx
etag
W/"5e39cc5c-100a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
sa-logo-white-small.png
www.staradvertiser.com/wp-content/themes/staradvertiser/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/sa-logo-white-small.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cadc72dc81a8e767b3da7e015267c1ed4eb439249277937a2e83f7d29876350e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-19dc"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
6620
longs-drugs-logo-v2.png
www.staradvertiser.com/wp-content/themes/staradvertiser/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/longs-drugs-logo-v2.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e0f9afd978bd46213b0bf16a6ddd54ef257e84dde88e9b428c373b501a2b0b74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Tue, 15 Jun 2021 01:44:26 GMT
server
nginx
etag
"60c805fa-914"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2324
sa-logo-large.png
www.staradvertiser.com/wp-content/themes/staradvertiser/images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/sa-logo-large.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0a2176bad5be68ea7fe742d9ea76084443f8891101898e212361a057b291ca62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-4056"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16470
partly_cloudy_rain.png
www.staradvertiser.com/wp-content/themes/staradvertiser/images/small-icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/small-icons/partly_cloudy_rain.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
317411aa4ace0961a35e28f5a79c28dd52b28cdda84efa46f80d697fbf695b02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-597"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1431
getprima.php
staradvertiser-hi.newsmemory.com/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser-hi.newsmemory.com/getprima.php
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.221.208.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-208-196.compute-1.amazonaws.com
Software
Apache /
Resource Hash
2b3afd179f48753686fa80cd090089c5088dcea5842218e3929659d4aa05e923

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 18:31:19 GMT
Cache-Control
max-age=900,s-maxage=900
Expires
Thu, 22 Sep 2022 18:46:19 GMT
Server
Apache
Transfer-Encoding
chunked
Content-Type
image/png
SA-election-banner.gif
sa-media.s3.us-east-1.amazonaws.com/images/election/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sa-media.s3.us-east-1.amazonaws.com/images/election/SA-election-banner.gif
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.242.208 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-east-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
1395f98bd995218653eb521ddaadbf2728ae9bf8920c8c69f2e9d8381fe88afe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 18:31:19 GMT
Last-Modified
Fri, 08 Jul 2022 21:54:45 GMT
Server
AmazonS3
x-amz-request-id
BB7N6XBKZDR2JRRR
ETag
"36e3d866257076701333e171247d5022"
Content-Type
image/gif
x-amz-version-id
y24JXrVo3WWD_0kNTkO67T9b24ktIHCL
Accept-Ranges
bytes
Content-Length
10145
x-amz-id-2
YlKYAT9D6kLjRZ3G36Br6oxgbMCfx1y1BfdixR2p6DTTQVs2rDXggnwBhbpiQuELtuo5k+qIY5Q=
big-q-logo.png
www.staradvertiser.com/wp-content/plugins/cmd-hsa-big-q/class/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/plugins/cmd-hsa-big-q/class/images/big-q-logo.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
42197f868c8a022a8f36574a2ce910d007c7254e7282742500154471ca82408d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-2806"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10246
SA-LocalBusinessGuide-982x300.gif
sa-media.s3.amazonaws.com/sa_ads/localbusinessguide/ 		269 KB
270 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sa-media.s3.amazonaws.com/sa_ads/localbusinessguide/SA-LocalBusinessGuide-982x300.gif
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.229.145 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
09dc0765a9dd7efe2c16814e023c0509771ef4cf8dd880a306c59b765942d983

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 18:31:19 GMT
Last-Modified
Thu, 16 Jul 2020 21:43:25 GMT
Server
AmazonS3
x-amz-request-id
BB7JBZ2WKCS6PN47
ETag
"1b3f2c17628b6f0face0aba72b58a731"
Content-Type
image/gif
x-amz-version-id
N.oxyDEQv3OEdP44ADgABZ71w4.UpJZ_
Accept-Ranges
bytes
Content-Length
275925
x-amz-id-2
dli0AuFeCXC5C1EIlge+rMoFnV4tTVoGsDJitRKDzIrH03YC0jG/Q8Gz7hA7qU8jRMaqoxWzNlQ=
fv-play-btn-1.png
www.staradvertiser.com/wp-content/themes/staradvertiser/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/fv-play-btn-1.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
dca48f3a946bbfa6545510ed71076aa805c1b8a84bba5ecc79fa39ccfcd088f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-d24"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
3364
loader-sa.gif
sa-media.s3.amazonaws.com/images/redesign/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sa-media.s3.amazonaws.com/images/redesign/loader-sa.gif
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.229.145 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0697912270d4ad04615851261fa60a3db4bc88e3c0316d1c97fdd3a5a7c68931

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 18:31:19 GMT
Last-Modified
Thu, 09 Jan 2020 19:44:41 GMT
Server
AmazonS3
x-amz-request-id
BB7TPTDVSRM5EDJ0
ETag
"5482571331280690fa02f6d418610e2f"
x-amz-version-id
GPY34XsOEB_u0Uf8iwc7gZbkwoeYJPhF
Cache-Control
31556952
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
16428
x-amz-id-2
czxjWPxvs76wUc1hT+KP+Hu30mWygpoYBRMRa85n/Oe4B15YPuRF0PhzzRMD4ieE/X1VeKV7ppk=
origami-widget.js
origami.secure.ownlocal.com/ 		13 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami-widget.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d6a5789ddcefcde65aca42763fdf458a4df543f92f13d903aab39e05918971cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:36:26 GMT
age
3292
x-guploader-uploadid
ADPycds3JFZHIXYSKoC4H2RMYNowGoEp47nUpdmSzl2RjUica-2inYCHz78J6axhZwAjUGBpzNokeezgOfoW-dGhXXRmeS5leOGc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13289
last-modified
Mon, 19 Oct 2020 18:40:43 GMT
server
UploadServer
etag
"f5183a07384a657e61aaaeba0fc72448"
x-goog-hash
crc32c=FHVKdg==, md5=9Rg6BzhKZX5hqq66D8ckSA==
x-goog-generation
1603132843078573
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
13289
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 23 Sep 2022 17:36:26 GMT
embedcode.php
embed.sendtonews.com/player2/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/player2/embedcode.php?fk=NxulL6Ef&cid=13479
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.43.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-43-118.compute-1.amazonaws.com
Software
Apache /
Resource Hash
601355040d9e7825c1c8318a75936be30c28a284e4052d4130009a30c470b41e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
content-length
3098
expires
Thu, 22 Sep 2022 19:31:18 GMT
get.js
cdn.cityspark.com/wid/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cityspark.com/wid/get.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CB9) /
Resource Hash
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
gzip
content-md5
DgH26NwpVpUJ7mY3mCxUbA==
age
66032
x-cache
HIT
content-length
919
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 07 May 2020 14:25:32 GMT
server
ECAcc (frc/4CB9)
etag
"0x8D7F2927FD84964+gzip"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
62151191-f01e-004f-1e17-ce8959000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
FF2022-sponsor-longs.png
sa-media.s3.us-east-1.amazonaws.com/sa_ads/football-fever/2022/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sa-media.s3.us-east-1.amazonaws.com/sa_ads/football-fever/2022/FF2022-sponsor-longs.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.242.208 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-east-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
18ea529b7205175dc1cea86369857467bea10907f294e8d22ba8f6b4e5862e61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 18:31:19 GMT
Last-Modified
Fri, 19 Aug 2022 20:31:17 GMT
Server
AmazonS3
x-amz-request-id
BB7TZ8EKQZ9GPHM7
ETag
"ff4dd3b302b565e2ba6eae315d262364"
Content-Type
image/png
x-amz-version-id
xD.loI7d_56IeoYVTybqclPdXANYM2mN
Accept-Ranges
bytes
Content-Length
11203
x-amz-id-2
l5Zpv1m9j3ZKnzQpFkjCck34YEmxJb29Chcy7IS/sYGVOWql/h8A0RPhUBEsh/OYp2nUsuIgGWs=
FF2022-HSA-logo.png
sa-media.s3.us-east-1.amazonaws.com/sa_ads/football-fever/2022/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sa-media.s3.us-east-1.amazonaws.com/sa_ads/football-fever/2022/FF2022-HSA-logo.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.242.208 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-east-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
9c90f5895a0db476c81ba4fffb769a03b7e097ef26bad2fcda65d507e188d583

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 18:31:19 GMT
Last-Modified
Wed, 31 Aug 2022 19:21:27 GMT
Server
AmazonS3
x-amz-request-id
BB7WREYYBA19Q745
ETag
"6d9c3923b6a273f5a94b2233076b470c"
Content-Type
image/png
x-amz-version-id
5JXxmQEOInPRZIdfePb9g5hRZatrwClg
Accept-Ranges
bytes
Content-Length
21934
x-amz-id-2
SneZxaZcrK2Mm7edG723GPBes3LO7yNw1pvEtpo0EyJL4f4+btQZZB6R2xUHQlM7C0cDnO/xC+k=
FF2022-sponsor-mercedesbenz.png
sa-media.s3.us-east-1.amazonaws.com/sa_ads/football-fever/2022/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sa-media.s3.us-east-1.amazonaws.com/sa_ads/football-fever/2022/FF2022-sponsor-mercedesbenz.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.242.208 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-east-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
29e3c74e291617b3ab2e1f42871d78d17770719a0d3ec70d9d8cbd986773792c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 18:31:19 GMT
Last-Modified
Fri, 19 Aug 2022 20:31:17 GMT
Server
AmazonS3
x-amz-request-id
BB7YKXR88AC7307D
ETag
"ef49e78591a08d8a97487618b48eee6d"
Content-Type
image/png
x-amz-version-id
zKK_KEOu4icvBDf42EaeUhI9EBcf7WXk
Accept-Ranges
bytes
Content-Length
13633
x-amz-id-2
FjTjBHcbcLL5mMtcKd9QvU4RIvyxAnY5boPbhPjzjlMEiE50Hrd+4YX+ncB196CTdfVGuty5OBc=
FF2022-sponsor-hawaiiantelcom.png
sa-media.s3.us-east-1.amazonaws.com/sa_ads/football-fever/2022/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sa-media.s3.us-east-1.amazonaws.com/sa_ads/football-fever/2022/FF2022-sponsor-hawaiiantelcom.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.242.208 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-east-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
3abbb2131f0dde8b5097f8dc5bfc64b269496967281503242d53bf362083976e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 18:31:19 GMT
Last-Modified
Fri, 19 Aug 2022 20:31:17 GMT
Server
AmazonS3
x-amz-request-id
BB7MCHGXC7126TNV
ETag
"ea7b624eb79f6144bd4376d0baf2bb7d"
Content-Type
image/png
x-amz-version-id
9B1JLMrHpD57rf.burFJ7QJXMv8ov3uL
Accept-Ranges
bytes
Content-Length
4455
x-amz-id-2
pnfF1bbbRksMO78OD3YntCp6FRGktMkbUA5yYZLfVs6mWmOSF9y2/vDbJn+Pm27CerJ66Nq4YA0=
gD12H3oM9Iqch4Y2IgeBpEqQnAvfOv.js
widgets.recruitology.com/scripts/ 		45 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.recruitology.com/scripts/gD12H3oM9Iqch4Y2IgeBpEqQnAvfOv.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-72.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c8973d0c17f0197328db2b887c2208f9a331fc0f56ab2b5f2a7f93ecd7cecefb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
content-encoding
br
last-modified
Tue, 20 Sep 2022 03:33:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
W/"32448544ed8fd1bb632ce629cc761a03"
vary
Accept-Encoding, Origin
x-cache
RefreshHit from cloudfront
content-type
text/javascript
via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
cache-control
max-age=60, public
x-amz-cf-id
Vji8qWgTriRqFGgSYyeiXusJs_KcLs769E47U1B9FY44j4Yty8kMqw==
expires
Thu, 22 Sep 2022 18:20:17 GMT
DO-091822-Cover-Dukes-LT001-180x180.jpg
dining.staradvertiser.com/wp-content/uploads/2022/09/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dining.staradvertiser.com/wp-content/uploads/2022/09/DO-091822-Cover-Dukes-LT001-180x180.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.184.218.133 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.218.184.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
90d445c5330607ef269ff71d28fce7503453b79560583b4b2bd66836fbb6eb6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Mon, 19 Sep 2022 20:01:06 GMT
server
nginx
etag
"6328ca82-3f95"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16277
Copy-of-2019.04.06.HK_.Makakilo_003-150x150.jpg
hawaiirenovation.staradvertiser.com/wp-content/uploads/2022/09/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hawaiirenovation.staradvertiser.com/wp-content/uploads/2022/09/Copy-of-2019.04.06.HK_.Makakilo_003-150x150.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.184.218.133 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.218.184.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
02b3ed8b16f9e8eaeed74f6429ca3ebb2073c5ccb33ab0b0477d1ee13f495cbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
last-modified
Mon, 19 Sep 2022 20:57:58 GMT
server
nginx
etag
"6328d7d6-1b30"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
6960
AlohaFestivals2022-242x250.jpg
www.staradvertiser.com/wp-content/uploads/2022/09/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/09/AlohaFestivals2022-242x250.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a7b4483f9426b5407d14cbbc79ff707cc89f10c5a78917a9bd9c4dceb3770110

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Fri, 16 Sep 2022 18:57:41 GMT
server
nginx
etag
"6324c725-3fdf"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16351
2022hawaiisbest-240x250.jpg
www.staradvertiser.com/wp-content/uploads/2022/09/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/09/2022hawaiisbest-240x250.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3c86d02f206440cf3d81cbf052fdd8f978f5e558b79d75ba27536771137c2ffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Fri, 09 Sep 2022 18:24:48 GMT
server
nginx
etag
"631b84f0-429e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
17054
SA-LocalBusinessGuide-RightRail.gif
sa-media.s3.amazonaws.com/sa_ads/localbusinessguide/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sa-media.s3.amazonaws.com/sa_ads/localbusinessguide/SA-LocalBusinessGuide-RightRail.gif
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.229.145 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b9992e87acdce0b56ae06a416a40ba5b4771a9cd7701d97e9487044dbf1b65e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 18:31:19 GMT
Last-Modified
Fri, 17 Jul 2020 01:10:19 GMT
Server
AmazonS3
x-amz-request-id
BB7PY5RTWGKZP111
ETag
"4de67d2a7b83c7aa57c53c16e04f45fe"
Content-Type
image/gif
x-amz-version-id
6IbaSWxCO7LzRPA4INzeWwcVLvh1Iht9
Accept-Ranges
bytes
Content-Length
33694
x-amz-id-2
U17N66jwlkBsLJc8RHnR7Oiqvf4jkYDdO+MdYzKv3Cq+jxqVXFAqs0Vw9aDXMZaloD0pqRlPrxM=
20220920_WEB_HSB-A1-9.29.2002-take-2.jpg
www.staradvertiser.com/wp-content/uploads/2022/09/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/09/20220920_WEB_HSB-A1-9.29.2002-take-2.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
15a39e4e0d5be9203fcce886c5f740a09b64fe9ec72c9af4c59f7cb10bd78064

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Tue, 20 Sep 2022 23:13:48 GMT
server
nginx
etag
"632a492c-142b4"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
82612
api.js
www.google.com/recaptcha/ 		884 B
1001 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
486278462338724cba65ef7ed7dc06d9b7d891383b4ce4c257e59cc9befeb06b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
588
x-xss-protection
1; mode=block
expires
Thu, 22 Sep 2022 18:31:18 GMT
newsletter-signup.js
www.staradvertiser.com/resources/newsletter/ 		2 KB
947 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/resources/newsletter/newsletter-signup.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d1a0a1b6d83366106e152f1703e7a4762df4f2a95bcd45dda95c362e27c64fa0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
last-modified
Sat, 12 Oct 2019 01:57:07 GMT
server
nginx
etag
W/"5da132f3-7ed"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
frontend.js
www.staradvertiser.com/wp-content/plugins/ad-refresh-control/dist/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/ad-refresh-control/dist/js/frontend.js?ver=1.0.5
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3cd0f7339e3fe1e7228f087ed90b78e9fdcbcc1db30e4f228e510ce6bb220f46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
last-modified
Fri, 23 Jul 2021 07:01:13 GMT
server
nginx
etag
W/"60fa6939-3583"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
functions.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/functions.js?ver=20200320
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3cab875a2a392985fb6bc7269ea092a6b16d208b2ba247cba8bfc0f626d9caac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
last-modified
Tue, 24 Mar 2020 19:28:26 GMT
server
nginx
etag
W/"5e7a5f5a-10af"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
underscore.min.js
www.staradvertiser.com/wp-includes/js/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/js/underscore.min.js?ver=1.13.1
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
last-modified
Thu, 27 May 2021 19:33:19 GMT
server
nginx
etag
W/"60aff3ff-4a84"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
facets.min.js
www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/js/ 		399 B
476 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/js/facets.min.js?ver=2.5.2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
842542e571b27f1586b2472b0f927e13973b6b47e5d9fe345abfd2436eb24fe6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-18f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
wp-embed.min.js
www.staradvertiser.com/wp-includes/js/ 		1 KB
947 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/js/wp-embed.min.js?ver=5.8.5
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
etag
W/"5ff5d754-592"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
slick.js
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 		87 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9baa573e4378873b7ac81ccb1d954ce9bb2b1a933947ad3012263ddc604d8505
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
1437306
x-jsd-version
1.8.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
15050
etag
W/"15b7b-XpZQCGXagm+FCTNPA0QivnZitG0"
x-served-by
cache-fra19160-FRA, cache-hhn4078-HHN
x-jsd-version-type
version
date
Thu, 22 Sep 2022 18:31:18 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
popper.min.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/popper.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-4af4"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.0.0/js/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1213436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11522
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-bf30"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXAGOYl2rk%2BpyV5CA6Ix2QDBKTOmtdBWXodXOAysnSPzPjf7E2J7UtBJfu%2FTSKNlEyao%2FSOLjgolHzcD340c7nZPMJ%2FiPl4ke%2Bh9JJI%2B4fxNNo3HOLG7S%2B1RKmNaJhNlbWVcCquTIeDCO%2FZZWkXn7dR0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74ed1de3185fbbeb-FRA
expires
Tue, 12 Sep 2023 18:31:18 GMT
prefixfree.min.js
cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19a28e2d74e7eee25716e5a9e7bba44191ae28ada05995a5107d7a85cea3054f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1211161
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2135
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03faa-16f4"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=biFtEUPpmMiFaIPEAOlCJRMLHPVNUAePcOCrbDLERgj6vEw%2FA2vutpyj1LKVCZNDOpW5ZZxpd1DOKZayLo%2FeWVAE3fue%2FxoM6ncdFIOlwL%2FGM0yYAzZKmMisR7H1dhT5dHwfs42d6OXMtBZp%2FrgsBs7w"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74ed1de31860bbeb-FRA
expires
Tue, 12 Sep 2023 18:31:18 GMT
hawaiian-text.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/ 		915 B
427 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/hawaiian-text.js?v3
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
27a248eda1fdeed115a09b6721edd068770883206d013e5b493a12aab50a7c41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-393"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
custom-author.cmd-hsa-minified.1659488333.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/custom-author.cmd-hsa-minified.1659488333.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
50a160cfe093d79770aa560368661b1ba826f3889e419198822a96b22e644991

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
last-modified
Wed, 03 Aug 2022 00:58:58 GMT
server
nginx
etag
W/"62e9c852-2a3a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/client/impression/ 		0
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/client/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=522878&referer=https://www.staradvertiser.com/
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9k%2Fg5wcjMe%2BEmimRa1SwYgMDSsbaJR1sZMsVdUz80l4zptchS33vIxZ8S4w7VovUU4fwFSDVo%2FTddOkt5Mx4aILoYkOohZsEWGM9FvFAEaDo6LF0UtwZGajZQmBLT3%2BbFPAIllgGMBtnmz8meiA%2FKcJSxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
74ed1de718709174-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FxdCS2eCrfrmPSAINuGR
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160074/3146// 		169 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160074/3146//pwt.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5022fcf9de86b31fb30f480f4aa29fe96298d33242f5455a778da9f3079550b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 19:22:25 GMT
server
Apache
etag
"11c1a63-2a268-5cd3b5de565d2"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=78641
accept-ranges
bytes
content-type
text/javascript
content-length
55348
expires
Fri, 23 Sep 2022 16:22:00 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		167 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.114.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-114-85.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d420ee64cb607d68e208a3105b39934807ed2e4d43ced2542f7b6b0cd153ca43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 22 Sep 2022 17:57:15 GMT
via
1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront), 1.1 1a620bb236f3df5588fc787c47ccfafa.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 20:15:31 GMT
server
AmazonS3
age
2044
etag
W/"da0e8e1151d3ebb7a34f07d19a6e05d0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, TXL50-P4
content-encoding
gzip
x-amz-cf-id
sRpM6N9DhNT18y0dZeZUYwrDwaf3Nw3KR3lRe2IIsX_vlYEr8kXVRw==
p.css
p.typekit.net/ 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=wsl8gsu&ht=tk&f=139.140.175.176.28494.28496.28497.28498&a=84346937&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/wsl8gsu.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Sat, 16 Oct 2021 08:18:43 GMT
server
nginx
etag
"616a8ae3-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1895630dd470cf7cec36822c5d6367191d530ee9979fc72f0bb96a79da4122c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27800
x-xss-protection
0
server
sffe
etag
"1342 / 553 of 1000 / last-modified: 1663845016"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 22 Sep 2022 18:31:18 GMT
prebid4.15.0.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/ 		196 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/prebid4.15.0.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d2be56cea1a4dcdfe58a21865c56188678e70e0cb288a965f649829ad71d467d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
last-modified
Tue, 16 Feb 2021 02:08:00 GMT
server
nginx
etag
W/"602b2900-3117a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
5358
date
Thu, 22 Sep 2022 17:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Thu, 22 Sep 2022 19:02:00 GMT
aam.js
aamcftag.aamsitecertifier.com/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aamcftag.aamsitecertifier.com/aam.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6200:14:c3e7:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1a476b3442043756f97fc98c480c06c65c74207e12ae6ba150eee21d7eed067

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 03:44:42 GMT
content-encoding
gzip
last-modified
Mon, 01 Feb 2021 19:46:45 GMT
server
AmazonS3
age
53492
etag
"d01602293dda6546ca8f8ededd0e44e8"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-length
25648
x-amz-cf-id
0hF-iXyYR-Gr2zz81iCTFupQqzzbKreuSi7ontDn5t1IE04Akloyvg==
x-amz-meta-s3b-last-modified
20210201T194158Z
134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
d2na2p72vtqyok.cloudfront.net/client-embed/ 		197 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2na2p72vtqyok.cloudfront.net/client-embed/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-88.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21366c3c33ff44793eef95d72777f5208600cdf01fcc7276ef1b10f16971b324

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
imjUu1SaTd3KA08BWv_BFXiU2zUSkvX4
Content-Encoding
br
ETag
W/"006b57646e2d0d43de8a62774551d5e7"
Age
15
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 01 Sep 2022 16:52:48 GMT
Server
AmazonS3
Date
Thu, 22 Sep 2022 18:31:04 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
Cache-Control
max-age=60
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Cf-Id
bqiyM1twHh4L1QBFEgnUH71YMWdj3-OjAXMnsk7cBl7UHUp5jUskgg==
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-90.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 05:38:47 GMT
content-encoding
gzip
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
age
46353
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
wWuZnXTj2zEWXwfyxSaVVZj8uz_9KSkqtSvoV2mx79Qv8KmK3s2mQQ==
fbevents.js
connect.facebook.net/en_US/ 		101 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26839
x-xss-protection
0
pragma
public
x-fb-debug
7e4xtddzxDhJnYAnXHcllGSiOz3oQmoWtVwyWTFmvgNBxvT+TdR9iXN8k0Er8aZKEQtwm7Hgxu/QOHjbVNgRfw==
x-fb-trip-id
720026100
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 22 Sep 2022 18:31:19 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		120 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WTV5NMZ
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
06c670d4a516e776af191035f68642cacdbf4765d12069722a53e501905044db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48216
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 22 Sep 2022 18:31:19 GMT
c13p8ejhds
www.clarity.ms/tag/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/c13p8ejhds
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
3abd2dce8d526360df84778868c24f749c9f707335f5ac8781c8cba7560fa320

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
x-powered-by
ASP.NET
x-azure-ref
096ksYwAAAADP3jxuooqbT7VPgb4lLaWUTE9OMjFFREdFMTYwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
expires
-1
cache-control
no-cache, no-store
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
wp-emoji-release.min.js
www.staradvertiser.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.5
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
last-modified
Tue, 08 Jun 2021 22:15:12 GMT
server
nginx
etag
W/"60bfebf0-4705"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
bg-ad-black.png
www.staradvertiser.com/wp-content/themes/staradvertiser/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/bg-ad-black.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.90
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c6d36a345aad21002e4db0c4578eba8e9979a61c22f112f55ac95c166cabdaf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-40b"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1035
fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.10/webfonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.10/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.133.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb7aa6b06aa5a8eea3670662c4b0c37104041c14575fc170dc48677a0506a33a

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20776956
cf-ray
74ed1de318b69078-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44068
x-amz-id-2
zP3WCiWMkK7OphU/lc+2Ga4/eePfOM5mnisKBITLm3//OV7gqsWQAnaJv6cADvDkW9FnvDGAZNI=
last-modified
Wed, 30 Jun 2021 15:27:03 GMT
server
cloudflare
etag
"84f351b3972185aed620f78489e48b2d"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Fv4zhw%2FvDUA72%2BvlW5dIHuw5RH9mb1hX5AJs5TPHC2jNZgbMVz13DkJW3JtN17WzeRkE7rqgPK0VURQBi5uokwCssN4iZwxY79ceu1HyELsvVmZgRdOmGOvDkLxGnCfzG3WmjWZ"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
12N407YFT7FRHN6Q
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
fa-regular-400.woff2
use.fontawesome.com/releases/v5.0.10/webfonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/webfonts/fa-regular-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.10/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.133.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2cdb4f2ed4b585d772068df75c01d0a360d45d27294188fccf5ceb4255fdc83

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20776956
cf-ray
74ed1de359069078-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12216
x-amz-id-2
h0gfUlo+UehVL0Qc+jqLCwWIcON8kMPRryv3Gbi8knWzthnmTg5pkB6FwPxtj6J7WSyjPUY0YtM=
last-modified
Wed, 30 Jun 2021 15:27:03 GMT
server
cloudflare
etag
"12717b4a013de862452c4ffcf4e1c264"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4CIWEhZ8c5rHIhL%2BvHAUQ1XLaZKR2CVkMnK%2FRhEleCTHZp3uMbkDpIlveVkKqNn%2B%2BuB8TzezOMwd1a69t61Hu%2BA8S8KJnPsmxc6pBpp9rnXW3YIlaQDbLDiOLfrL3G4yTZtG8K8q"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
12N02MF5QF4681R3
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
bg-ad.png
www.staradvertiser.com/wp-content/themes/staradvertiser/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/bg-ad.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.90
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
05488f9b88e6509afa4c9438d1352309aee2b020a508c76d66f5691f03824ff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-3ac5"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
15045
l
use.typekit.net/af/65a133/00000000000000003b9adc1a/27/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/65a133/00000000000000003b9adc1a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/wsl8gsu.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
acc3c4b04f19bc9067921dc3e4ce4f734521bb13b9d0c9943e8fa9585797114f

Request headers

Referer
https://use.typekit.net/wsl8gsu.css
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
server
nginx
etag
"d1273710b7f550512dbb2ff62d904ba6dde81f28"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
34860
web1_20220922-a8-CTY-LEWIS-96--1-.jpg
www.staradvertiser.com/wp-content/uploads/2022/09/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/09/web1_20220922-a8-CTY-LEWIS-96--1-.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
27fc1140d13e14d49a0489a504c6666969c0f1df2d70397e1c2b639a19e0a265

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Thu, 22 Sep 2022 08:44:08 GMT
server
nginx
etag
"632c2058-d005"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
53253
web1_20220922-a8-CTY-tmt-day-10-1971-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/09/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/09/web1_20220922-a8-CTY-tmt-day-10-1971-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2615691f85ac35b22617512b2fbe9cf25fc68820884d8b0ae574180624d17a8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Thu, 22 Sep 2022 08:45:10 GMT
server
nginx
etag
"632c2096-2cbe"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
11454
web1_20220921_brk_sms01-300x190.jpg
www.staradvertiser.com/wp-content/uploads/2022/09/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/09/web1_20220921_brk_sms01-300x190.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1947a61853d92ddbe4cadba9b1b9b1f82ad5ab0e29e327577dc00bd81ae667f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Thu, 22 Sep 2022 08:52:18 GMT
server
nginx
etag
"632c2242-34a7"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
13479
web1_CTY-aloha-stadium-7230-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/09/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/09/web1_CTY-aloha-stadium-7230-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
65e226000123799297a56f51eef94bc0776a2c43daa6bfeb43b4cab3c178ee6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Thu, 22 Sep 2022 08:10:09 GMT
server
nginx
etag
"632c1861-2d38"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
11576
web1_20220922_B2_CTY-MAHI-87-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/09/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/09/web1_20220922_B2_CTY-MAHI-87-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3bdf9d951bc2a887da328c2c2be2342fdecae4494fbdc563e2188e0ccf1264ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Thu, 22 Sep 2022 07:57:00 GMT
server
nginx
etag
"632c154c-3835"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
14389
web1_CTY-HART-UPDATE-185-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/09/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/09/web1_CTY-HART-UPDATE-185-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a3c7185db72206d6b59ae8d25fd2686eccdf6c1cce9a62b5fc2a68a9a246c765

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Thu, 22 Sep 2022 08:57:20 GMT
server
nginx
etag
"632c2370-448d"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
17549
web1_20220922_B2_CTY-CENTER-FOR-KOREAN-STUDIES0056-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/09/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/09/web1_20220922_B2_CTY-CENTER-FOR-KOREAN-STUDIES0056-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1fe58e459d53d2988182091d15182b1299831468e014f5ff74a66856a46b966f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Thu, 22 Sep 2022 07:56:10 GMT
server
nginx
etag
"632c151a-3552"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
13650
web1_2018-kokua-line-donnelly-mug-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/09/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/09/web1_2018-kokua-line-donnelly-mug-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
abe55dd6b57ac421f1aeb49391d2746584cbf8545fa0fe597b929e82fb6e436a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Thu, 22 Sep 2022 08:48:41 GMT
server
nginx
etag
"632c2169-207b"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
8315
web1_SPT-kapolei-aiea-1857-300x220.jpg
www.staradvertiser.com/wp-content/uploads/2022/09/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/09/web1_SPT-kapolei-aiea-1857-300x220.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
922f21a191031ac9fe71d2e81be84fa3a0f11547225503818ed419315db5b4ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Thu, 22 Sep 2022 09:07:56 GMT
server
nginx
etag
"632c25ec-3be6"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
15334
web1_12981318-24791360bc5846c6b44d048317a8b499-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/09/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/09/web1_12981318-24791360bc5846c6b44d048317a8b499-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
936b618782946d0715e6e2072e8cfbca6c75c508eaa21e1a09dc9bf6fea67d7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Thu, 22 Sep 2022 11:17:58 GMT
server
nginx
etag
"632c4466-2b56"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
11094
web1_091922-WEB-Honolulu-EMS-ambulance-300x177.jpg
www.staradvertiser.com/wp-content/uploads/2022/09/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/09/web1_091922-WEB-Honolulu-EMS-ambulance-300x177.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0c8b503ee21a8166aaf1014f6754c6c53a7ade6ae48ed5ee4dbee415e6aff24a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Thu, 22 Sep 2022 17:47:18 GMT
server
nginx
etag
"632c9fa6-3794"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
14228
web1_20220921-leonard-300x189.jpg
www.staradvertiser.com/wp-content/uploads/2022/09/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/09/web1_20220921-leonard-300x189.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
df861097109f6796e59883ff419d4844a6ff2dae0d619a0d33b9b942bec0cf68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Thu, 22 Sep 2022 05:23:34 GMT
server
nginx
etag
"632bf156-11af"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
4527
web1_091922-HPD-car-crop-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/09/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/09/web1_091922-HPD-car-crop-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
280ba18a8f425a1b61e54b9ba124525f0a098e61d3b73f6cac37f88d5bce2821

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Thu, 22 Sep 2022 18:17:46 GMT
server
nginx
etag
"632ca6ca-39b1"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
14769
web1_20220921-web-chirila-300x189.jpg
www.staradvertiser.com/wp-content/uploads/2022/09/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/09/web1_20220921-web-chirila-300x189.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3db1dddce331aee93f257f7b27e47af45cb11cfe485cd914afdb076bea09d21f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Thu, 22 Sep 2022 00:29:17 GMT
server
nginx
etag
"632bac5d-1486"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
5254
web1_12981328-b44441ce807943dead3ece8888abdfcd-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/09/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/09/web1_12981328-b44441ce807943dead3ece8888abdfcd-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a15fc8ec93b66e1fbc725d156dd541033810b93ad270f976205cd819e6f137ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Thu, 22 Sep 2022 16:56:08 GMT
server
nginx
etag
"632c93a8-208b"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
8331
web1_12978968-314019a5cb134280b66b9b2c6d7901ec-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/09/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/09/web1_12978968-314019a5cb134280b66b9b2c6d7901ec-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f6d529bc087c14855a22d6ffcd851d552b21bd16f644c46c566c88c3f43729ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Thu, 22 Sep 2022 02:39:28 GMT
server
nginx
etag
"632bcae0-339a"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
13210
web1_12978998-a24da872304c47dfa568ffa957b8fda1-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/09/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/09/web1_12978998-a24da872304c47dfa568ffa957b8fda1-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0e90a6fc772e2d98b5cd30bbff9abab44fe94642b7f93594d8c9c925f7d15944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Thu, 22 Sep 2022 02:43:28 GMT
server
nginx
etag
"632bcbd0-2846"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10310
web1_12976445-39758a5aa55840e5a4c9eef1a328def0-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/09/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/09/web1_12976445-39758a5aa55840e5a4c9eef1a328def0-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
067efced960244ae0901d54bd080fc97a44151fbaeee876bf8156ba5aaf465e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Wed, 21 Sep 2022 21:18:56 GMT
server
nginx
etag
"632b7fc0-3b69"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
15209
web1_20220921-web-queens-vax-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/09/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/09/web1_20220921-web-queens-vax-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7620aad53cf1205b9e8d2937abaedd14720f36596090ac12ac4e1b64c12eeeea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Thu, 22 Sep 2022 00:00:51 GMT
server
nginx
etag
"632ba5b3-3cdc"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
15580
loader-sa.jpg
www.staradvertiser.com/wp-content/plugins/cmd-hsa-lazy-load/assets/img/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/plugins/cmd-hsa-lazy-load/assets/img/loader-sa.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
969c577b1459c03ad78597e6c1f13a836dc74a439e9c17b0094bedf4d312e57a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-6cb8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
27832
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		167 B
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=staradvertiser.com&domain=staradvertiser.com&path=%2F
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1bdd3e645e5be204ed300083ad58af70cd5eb69e6b4235bc5b6f7e98170951f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
gzip
x-cache-hits
1
age
1847
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
128
x-served-by
cache-hhn4038-HHN
access-control-allow-origin
*
x-timer
S1663871479.708420,VS0,VE1
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
via
1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Tue, 20 Sep 2022 18:00:31 GMT
videoseries
www.youtube.com/embed/ Frame 19D2 		214 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
06f649b4f873471f1260fb558665d798f22b84463c4dd1e34d01b14a3d8cb9c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Thu, 22 Sep 2022 18:31:18 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.26.0/ 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.0/jwpsrv.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/ZoPFXSjg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d8de3829d2383650a9308f175c7017fe6f3a60c3888d6d61e089f9b19141323

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
content-encoding
gzip
age
870
x-cache
HIT
content-length
18857
via
1.1 varnish
x-served-by
cache-hhn4065-HHN
last-modified
Wed, 31 Aug 2022 18:45:24 GMT
server
AmazonS3
x-timer
S1663871479.057375,VS0,VE0
etag
"662d21d9cc48caa9758882be57e10e92"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
1944
gapro.js
ssl.p.jwpcdn.com/player/v/8.26.0/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.0/gapro.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/ZoPFXSjg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21776cdffe2c79712ad66769d9b72ff19b15ea3d00b05742a86bf89108b62325

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
content-encoding
gzip
age
1891320
x-cache
HIT
content-length
1141
via
1.1 varnish
x-served-by
cache-hhn4065-HHN
last-modified
Wed, 31 Aug 2022 18:45:21 GMT
server
AmazonS3
x-timer
S1663871479.057551,VS0,VE0
etag
"a25475abdf8f9478ef994b7a149e7da3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
64072
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.26.0/ 		313 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.0/jwplayer.core.controls.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
902c8fa8b74a04712f93754ef18d25cbbd7ff7d3cf2c5d9ba41bb33233a6762f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
content-encoding
gzip
age
846726
x-cache
HIT
content-length
83724
via
1.1 varnish
x-served-by
cache-hhn4065-HHN
last-modified
Wed, 31 Aug 2022 18:45:15 GMT
server
AmazonS3
x-timer
S1663871479.057558,VS0,VE0
etag
"ec88d8889c04ff5ee385f656e016a0e6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
502627
025uSCQm
cdn.jwplayer.com/v2/playlists/ 		51 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/025uSCQm
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:4000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
aa5f1659f3273f8415c6b6fbb1caa04e9a8cced46b25e84a80e583b1f857bf12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
content-encoding
gzip
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
content-length
4840
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
x-amz-cf-id
k0KZ4nNeHPRKoDqxhrNpxk2NIG_xbIHsxpd0C0wu6GLXKYkaOcNlcw==
expires
Thu, 22 Sep 2022 18:34:19
t
jadserve.postrelease.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.staradvertiser.com%2F&ntv_mvi
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.160.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-160-33.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
d9fd8548782ebdcb2dd99ff91bac5d397807a6ef8d57e14289226a4d29507e86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:19 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
1033
expires
Mon, 1 Jan 1990 12:00:00 GMT
easy-stn-player.js
embed.sendtonews.com/easy-stn-player/20220901/ 		655 KB
193 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.43.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-43-118.compute-1.amazonaws.com
Software
Apache /
Resource Hash
11a4b7dd6aa3534c1dc9517e87d10874580c121a55b6534b2f2aa75892db69d4

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
gzip
last-modified
Fri, 02 Sep 2022 00:03:42 GMT
server
Apache
etag
"a3c23-5e7a6767c5380-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-robots-tag
noindex, nofollow
expires
Thu, 22 Sep 2022 19:31:18 GMT
widgetinfo
p.cityspark.com/api/widgets/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cityspark.com/api/widgets/widgetinfo?wid=9865&callback=jsonp1663872241116
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.160.40.218 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6df57539628b216a0cc2686a286fbaff2b2b1f2eb7218136d9b97dd486298442

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 18:31:19 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
cleanslate.min.css
cdnjs.cloudflare.com/ajax/libs/cleanslate/0.10.1/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cleanslate/0.10.1/cleanslate.min.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69f0e66de394788011c9e0d5fcf53f1a0feb32aba17b18c4c78612cd92adb44f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
20774178
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2379
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:12 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e28-38a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DvXb0Sp%2BjYOtCIO0QpVI3fVOIGdbe2dHCGULZyksr%2BIkPPRHuCoZpn4SDKoTuzL4lmTjqmEBrDW5VuMGCICmmcGrDb2eUnDLU2phOKwGzAOpmbH2YG7WnsA2g6xmnE%2BB0zCU0TlkaU6Ssc%2F9tJPYMNGA"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74ed1de53c4dbbeb-FRA
expires
Tue, 12 Sep 2023 18:31:18 GMT
css
fonts.googleapis.com/ 		8 KB
808 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400a:800::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dda36ab0dda2b7ba616e824e0dd455eb222bf9fee24984c74e19df9fa962758e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 17:30:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 18:31:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Sep 2022 18:31:18 GMT
search-bar-autocomplete.css
widgets.recruitology.com/lib/ 		809 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widgets.recruitology.com/lib/search-bar-autocomplete.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-72.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f78e3422084b9a403f0d1fe0657cc8464a8b9ed4535a374608974e70539422a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
last-modified
Mon, 24 Apr 2017 21:04:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"94c4aff69d9031d7ac28ab2f706d8ff0"
vary
Accept-Encoding, Origin
x-cache
RefreshHit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
809
x-amz-cf-id
uJ_Um7FVGQ9DVj7ZCbJ3Sw_ZjYYMYxTUpUEsGFf2S-3cG8k77nKy8A==
auto-complete.min.js
widgets.recruitology.com/lib/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.recruitology.com/lib/auto-complete.min.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-72.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba1bfdef6fd715d9b9c3d6f09f1d1c46ae3e1abf8344750c22af4e57d1f7ee31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
content-encoding
gzip
last-modified
Mon, 24 Apr 2017 21:04:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
W/"0731475e6a55c38b7ff6cd23c98c121f"
vary
Accept-Encoding, Origin
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
x-amz-cf-id
_O4DTHtwxynR8x2NsY-bnZ4OtA1lPtCfnlntS7PRv47UaS36FPx4tw==
geolocation
us-central1-recruitology-app.cloudfunctions.net/ 		157 B
482 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us-central1-recruitology-app.cloudfunctions.net/geolocation
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
8e6939e5f7b51aff73455e90d19f3934a9f4dbd2aca2b32218c8f916578af783

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
gzip
server
Google Frontend
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
x-cloud-trace-context
c5a8cd44b4f27a4fd3f3d0d7d3892578
cache-control
private
function-execution-id
7ycm7aibszsc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135
fa-briefcase.png
recruitology-static.s3.amazonaws.com/static/images/ 		835 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recruitology-static.s3.amazonaws.com/static/images/fa-briefcase.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.229.145 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
982fd78f58ce2a94e199e5b624969a8e7261b31955160fce4d1ea98bb36bafb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 18:31:20 GMT
Last-Modified
Fri, 23 Jul 2021 13:24:54 GMT
Server
AmazonS3
x-amz-request-id
ESD1VN7Z63TK07GM
ETag
"6b0ea0515ba755249bf5d4a22b41805e"
Content-Type
image/png
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Length
835
x-amz-id-2
rNtH/5TyZfn/vnbGvn2CCMaDQc9mcQd/w9MVpBkuCALw+gRFnPkEIUltqlFhoubEkZgT3jhXFqY=
fa-location-arrow.png
recruitology-static.s3.amazonaws.com/static/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recruitology-static.s3.amazonaws.com/static/images/fa-location-arrow.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.229.145 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a3d2e1e7066775143da6681809d6f2c359736315cbc6457e1faacf8647f3e4b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 18:31:20 GMT
Last-Modified
Fri, 23 Jul 2021 13:24:54 GMT
Server
AmazonS3
x-amz-request-id
ESD9X9RVYSX16R93
ETag
"afb85cfd6600a866bb3ab634a12b73ca"
Content-Type
image/png
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Length
1152
x-amz-id-2
ffFNDE2kkMKoOvyI++BEafDpIofVBtEONkNf2g6FSV+cS2TMapCD6S/CQQv+oFLdKuHaTNuhcWo=
fa-search.png
recruitology-static.s3.amazonaws.com/static/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recruitology-static.s3.amazonaws.com/static/images/fa-search.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.229.145 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f7008fb6ed25a1eedb24388fa3f2024f7be118b310d492699dcb6b3ccf06cead

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 18:31:20 GMT
Last-Modified
Fri, 23 Jul 2021 13:24:53 GMT
Server
AmazonS3
x-amz-request-id
ESDCQGQ288G60VPY
ETag
"1a48a4475bcc37e8866403c27000c83d"
Content-Type
image/png
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Length
1212
x-amz-id-2
e+9Czeu7IWlh5zfiZxZ69VKAbK7ABo6pUWRYqwDmr1soEohqMFkea0CVmHX+EYpevKBwWvjtLj0=
recaptcha__de.js
www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/ 		391 KB
157 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9337f499c9b0cc63404026b5448c6fd449df6ed57abf148722751a3a4b992c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:30:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
159646
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 00:24:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 18:30:40 GMT
ml.br.js
js.matheranalytics.com/static/ltm/ma15446/988352900/2/
Redirect Chain
  • https://js.matheranalytics.com/s/ma15446/988352900/ml.js?cb=1605
  • https://js.matheranalytics.com/static/ltm/ma15446/988352900/2/ml.br.js
144 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma15446/988352900/2/ml.br.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
6b88007a74c504349058e7426f51eab20681dc27d871d34401cd08570e04df58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 10:18:00 GMT
via
1.1 google
last-modified
Fri, 20 May 2022 17:46:28 GMT
server
nginx
age
29599
etag
"22446afe5b2e160c4085229787c1a44a"
vary
Accept-Encoding
x-cache
HIT Fri, 20 May 2022 17:54:17 GMT
content-type
application/x-javascript
cache-control
public,max-age=3600
content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42777

Redirect headers

date
Thu, 22 Sep 2022 18:31:19 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma15446/988352900/2/ml.br.js
cache-control
public, max-age=269200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
2-gc-euw1-10924
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:2e00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 16:36:56 GMT
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 00:50:34 GMT
server
nginx
age
6862
etag
W/"62d7515a-933f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
L0OOwXajg7nH2ZHYo0x1yx04NY-mzLwNv-XwJr7OcceIXCUOq7bGAA==
expires
Thu, 22 Sep 2022 18:36:56 GMT
fab.js
ecdn.analysis.fi/static/js/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-17.vie50.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:38:47 GMT
via
1.1 dcbc01ed47e0218a59f0fec8e1b9aa18.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
age
3155
etag
"61b8b8ab-1090"
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
VIE50-P1
accept-ranges
bytes
content-length
4240
x-amz-cf-id
NEmZSLzZx0qRrXZQWwxMg3kySnjpvXhT-bLhVW0caxhDpRzi8aMrfw==
expires
Thu, 22 Sep 2022 18:38:44 GMT
fi_client.js
ecdn.firstimpression.io/ 		347 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.240.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-121.vie50.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
860ebff04b63aa7bd13e38ce1c12500f2d7cfc73a42afa0ceca62a526aa00fc1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:34:42 GMT
content-encoding
br
etag
W/"92c5481a73ee54003677a601b648abb5"
last-modified
Thu, 22 Sep 2022 17:34:42 UTC
server
nginx/1.20.0
age
3397
x-powered-by
PHP/8.0.14
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 108e63109879954f4e720db50559f788.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
Orn3oNh7oklABL-pWgfKBMinTvjCr3Cl4Z2FmvW_cJWEVtY019kQoA==
x-xss-protection
0
ppt=10159;g=hsa_formers_jan-2021;gid=31282;ord=792361013803.089;v=120;ip=185.213.155.166;cuidchk=1
trkn.us/pixel/conv/
Redirect Chain
  • https://trkn.us/pixel/conv/ppt=10159;g=hsa_formers_jan-2021;gid=31282;ord=792361013803.089;v=120
  • https://trkn.us/pixel/conv/ppt=10159;g=hsa_formers_jan-2021;gid=31282;ord=792361013803.089;v=120;ip=185.213.155.166;cuidchk=1
42 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trkn.us/pixel/conv/ppt=10159;g=hsa_formers_jan-2021;gid=31282;ord=792361013803.089;v=120;ip=185.213.155.166;cuidchk=1
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Server
3.212.26.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-26-31.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Sep 2022 18:31:19 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 9 Nov 1980 12:59:00 GMT
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date
Thu, 22 Sep 2022 18:31:19 GMT
X-Content-Type-Options
nosniff
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
/pixel/conv/ppt=10159;g=hsa_formers_jan-2021;gid=31282;ord=792361013803.089;v=120;ip=185.213.155.166;cuidchk=1
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
0
ats.js
ats.rlcdn.com/ 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding
gzip
etag
W/"148e21f812b555a13b2a9c6b616141f4"
age
57965
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
date
Thu, 22 Sep 2022 02:25:57 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
via
1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA2-C1
content-type
application/x-javascript
x-amz-cf-id
XeaChtkqEbYKck96ELBK7LLOgG3ZCSJzOQK0XS_vElVLSFV-FwSBrA==
email-signup-bg2.gif
www.staradvertiser.com/wp-content/themes/staradvertiser/images/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/email-signup-bg2.gif
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.90
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
21ae863e166094b37618bb195db2b44719d89ea2f7748b02ef140c6ed03f0370

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Sat, 12 Oct 2019 02:20:59 GMT
server
nginx
etag
"5da1388b-4158"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16728
fa-brands-400.woff2
use.fontawesome.com/releases/v5.0.10/webfonts/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.10/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.133.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8562087317b34c4b2ac60e28e272b7b33e37523aacd5f2adba7a4f108e415c6

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1807697
cf-ray
74ed1de57c689078-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55144
x-amz-id-2
71rPjkaKMA2vGx2uS+JJZyfWk1xptaBP2qNWjMRCidMd54WleLsuzKT0gchTOIzozpZF1mvGIFE=
last-modified
Wed, 30 Jun 2021 15:27:03 GMT
server
cloudflare
etag
"2ac01f7650b5ab76bfebbc708928929e"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oosIo9m5uIxgXUFRPpCC8RtBr9VC3nBzJeRRgG1qrnaOrPddakUcCjNDVeU4mYGqT8RPSS6NOWW27KdWTyPGPUka4h0IYyd7Cqfdp6wXg9aJuB6QPJ%2BrsuQ9spEtq1x2pUpnVr9x"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
3DC9GRK96FV81AZF
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
hqdefault.jpg
i.ytimg.com/vi/8D0otF6VwlQ/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/8D0otF6VwlQ/hqdefault.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b802fb3c01ca3f7db8a34b590089a2b42cbd17fc9f54f7427f3b9baee195e5bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31620
x-xss-protection
0
server
sffe
etag
"1663801223"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 22 Sep 2022 18:36:19 GMT
hqdefault.jpg
i.ytimg.com/vi/GyzEiIwKHlY/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/GyzEiIwKHlY/hqdefault.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6bc768bea624dea37c72c8c10e291ec038548e9efb239b25eac78c77c595714a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38029
x-xss-protection
0
server
sffe
etag
"1662698318"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 22 Sep 2022 20:31:19 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 		141 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
756
age
2565459
cdn-cachedat
08/11/2021 06:00:03
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.0
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
0e2c5c6d0f923b14a11b987f36221b3c
cf-ray
74ed1de58d459962-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
sa-style-2018.css
www.staradvertiser.com/wp-content/themes/staradvertiser/css/ 		68 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.90
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
90beaf7b6e4e14893df279b22a8b5255a276d2d444fd431ef272070b72869f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
last-modified
Fri, 05 Aug 2022 19:12:00 GMT
server
nginx
etag
W/"62ed6b80-11006"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
wsl8gsu.css
use.typekit.net/ 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/wsl8gsu.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
bf78c9bad3b9a376810a5a12afa3d5a7a3ec5199228f34ee33d8ae13536a5f1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Thu, 22 Sep 2022 18:31:18 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
922
all.css
use.fontawesome.com/releases/v5.0.10/css/ 		36 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.133.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2540918
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
WFND7H2PN8S2KVW4
x-amz-id-2
pjDophXCihoG6HMK/rb0lxuCuZ2md/xa5jK0VP/v7Bx9PEQqU3II5VFL3rxhKaLkGAaHHCBmxvw=
last-modified
Wed, 30 Jun 2021 15:26:49 GMT
server
cloudflare
etag
W/"d1acb8ad33b1526acbfd3f0028b859b0"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZHhwmLdQS1%2Bz9Xaj0yccdL4QkSZnVHuvwKDffeqVF4BvdPu8dwrNmjNK8CxSZHQxTi6yorDCuvcKZSt5e7EXIjpFAY7pd4Lq3%2FttSiZThm87tKOc5RnUmIoSWhAPWIAfuBmHxjg"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
74ed1de58c729078-FRA
sa-jwplayer.css
www.staradvertiser.com/wp-content/themes/staradvertiser/css/ 		2 KB
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-jwplayer.css?version=1.0
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6e206304ef613bb43bbad63baeeef8a0fa2c96dc7295c45f025131467c14aee8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-603"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
common.cmd-hsa-minified.1569273721.css
www.staradvertiser.com/wp-content/plugins/hsa-polls/css/ 		502 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/hsa-polls/css/common.cmd-hsa-minified.1569273721.css?ver=5.8.5
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0e2a560f13627bee0925e5e49243f611d9a4cef76f56f4c96d3d3a6510a1d29c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
last-modified
Tue, 04 Feb 2020 19:56:12 GMT
server
nginx
etag
W/"5e39cc5c-1f6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.min.css
www.staradvertiser.com/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.5
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb16845f3c28284255639a36b2d6fed7a0f10aad38ac166cb8a7c90ee07b4372

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
last-modified
Wed, 01 Sep 2021 04:05:58 GMT
server
nginx
etag
W/"612efc26-13abe"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
vfb-style.min.css
www.staradvertiser.com/wp-content/plugins/vfb-pro/public/assets/css/ 		66 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/vfb-pro/public/assets/css/vfb-style.min.css?ver=2019.05.10
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a03771453248c5eb3ee390d87edddd490ac37484b6a6c95567ffc222fccd107

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
last-modified
Wed, 10 Feb 2021 19:20:25 GMT
server
nginx
etag
W/"602431f9-108dd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
css
fonts.googleapis.com/ 		16 KB
1018 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400a:800::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2e53e528694d0489b0452944f6e47f8a45448d351cf30513cfa4ff6e5815312
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 17:43:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 18:31:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Sep 2022 18:31:18 GMT
genericons.css
www.staradvertiser.com/wp-content/themes/staradvertiser/genericons/ 		30 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/genericons/genericons.css?ver=3.03
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-7945"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
www.staradvertiser.com/wp-content/themes/staradvertiser/ 		0
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/style.css?ver=2015-12-08
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
0
facets.min.css
www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/css/ 		789 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/css/facets.min.css?ver=2.5.2
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
125b1c5f96e7bd6829d8ce638c463f14c0a78f7cadee45d6ea4584b897aaf1e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-315"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cleanslate.min.css
cdnjs.cloudflare.com/ajax/libs/cleanslate/0.10.1/ 		14 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cleanslate/0.10.1/cleanslate.min.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69f0e66de394788011c9e0d5fcf53f1a0feb32aba17b18c4c78612cd92adb44f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5676580
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2379
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:12 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e28-38a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hUFcfW68slDWI3Gz6Yh1d5JcvPPZCz8CQqChftgn7SQoyusRYnv7npXr7uKGSPAmuCc1yl%2FvcIuYyVbxJYTJI%2BFUGkjUaHcc33I3eyXfH5%2FOZJew%2F%2BLYMonm9BOLfnneonzupze%2FvjSHokzr4Dg6pplw"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74ed1de5bc6f6997-FRA
expires
Tue, 12 Sep 2023 18:31:18 GMT
css
fonts.googleapis.com/ 		8 KB
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400a:800::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dda36ab0dda2b7ba616e824e0dd455eb222bf9fee24984c74e19df9fa962758e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 17:19:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 18:31:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Sep 2022 18:31:18 GMT
search-bar-autocomplete.css
widgets.recruitology.com/lib/ 		0
0
play.png
www.staradvertiser.com/wp-content/plugins/cmd-hsa-dbn-video/include/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/plugins/cmd-hsa-dbn-video/include/images/play.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
12617a86d84e318f81b68310fb64c66b79059877e1b550d2e7a43472e0c417f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-87d"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2173
play.png
www.staradvertiser.com/wp-content/plugins/cmd-hsa-video/include/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/plugins/cmd-hsa-video/include/images/play.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
12617a86d84e318f81b68310fb64c66b79059877e1b550d2e7a43472e0c417f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-87d"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2173
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 		141 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
756
age
2565459
cdn-cachedat
08/11/2021 06:00:03
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.0
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
0e2c5c6d0f923b14a11b987f36221b3c
cf-ray
74ed1de5beda5c02-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
sa-style-2018.css
www.staradvertiser.com/wp-content/themes/staradvertiser/css/ 		68 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.90
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
90beaf7b6e4e14893df279b22a8b5255a276d2d444fd431ef272070b72869f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
last-modified
Fri, 05 Aug 2022 19:12:00 GMT
server
nginx
etag
W/"62ed6b80-11006"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
wsl8gsu.css
use.typekit.net/ 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/wsl8gsu.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
bf78c9bad3b9a376810a5a12afa3d5a7a3ec5199228f34ee33d8ae13536a5f1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Thu, 22 Sep 2022 18:31:18 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
922
all.css
use.fontawesome.com/releases/v5.0.10/css/ 		36 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.133.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2540918
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
WFND7H2PN8S2KVW4
x-amz-id-2
pjDophXCihoG6HMK/rb0lxuCuZ2md/xa5jK0VP/v7Bx9PEQqU3II5VFL3rxhKaLkGAaHHCBmxvw=
last-modified
Wed, 30 Jun 2021 15:26:49 GMT
server
cloudflare
etag
W/"d1acb8ad33b1526acbfd3f0028b859b0"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0zG8BF00RoY4e8%2F9VX0TMsqjJs6HmxdIeCun3JMI7SFbSyB0qe8r%2B%2Fl5BwJNduaRKJDzRPx8NiYHtGObGA%2Frm9GAhEtWOhMRMndlduCcNNDUg0G5K5uH7A6kd2nOMNzObbIgfJv"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
74ed1de798cd9078-FRA
sa-jwplayer.css
www.staradvertiser.com/wp-content/themes/staradvertiser/css/ 		2 KB
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-jwplayer.css?version=1.0
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6e206304ef613bb43bbad63baeeef8a0fa2c96dc7295c45f025131467c14aee8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-603"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
common.cmd-hsa-minified.1569273721.css
www.staradvertiser.com/wp-content/plugins/hsa-polls/css/ 		502 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/hsa-polls/css/common.cmd-hsa-minified.1569273721.css?ver=5.8.5
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0e2a560f13627bee0925e5e49243f611d9a4cef76f56f4c96d3d3a6510a1d29c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
last-modified
Tue, 04 Feb 2020 19:56:12 GMT
server
nginx
etag
W/"5e39cc5c-1f6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.min.css
www.staradvertiser.com/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.5
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb16845f3c28284255639a36b2d6fed7a0f10aad38ac166cb8a7c90ee07b4372

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
last-modified
Wed, 01 Sep 2021 04:05:58 GMT
server
nginx
etag
W/"612efc26-13abe"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
vfb-style.min.css
www.staradvertiser.com/wp-content/plugins/vfb-pro/public/assets/css/ 		66 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/vfb-pro/public/assets/css/vfb-style.min.css?ver=2019.05.10
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a03771453248c5eb3ee390d87edddd490ac37484b6a6c95567ffc222fccd107

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
last-modified
Wed, 10 Feb 2021 19:20:25 GMT
server
nginx
etag
W/"602431f9-108dd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
css
fonts.googleapis.com/ 		16 KB
1018 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400a:800::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2e53e528694d0489b0452944f6e47f8a45448d351cf30513cfa4ff6e5815312
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 17:36:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 18:31:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Sep 2022 18:31:18 GMT
genericons.css
www.staradvertiser.com/wp-content/themes/staradvertiser/genericons/ 		30 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/genericons/genericons.css?ver=3.03
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-7945"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
www.staradvertiser.com/wp-content/themes/staradvertiser/ 		0
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/style.css?ver=2015-12-08
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
0
facets.min.css
www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/css/ 		789 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/css/facets.min.css?ver=2.5.2
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
125b1c5f96e7bd6829d8ce638c463f14c0a78f7cadee45d6ea4584b897aaf1e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-315"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cleanslate.min.css
cdnjs.cloudflare.com/ajax/libs/cleanslate/0.10.1/ 		14 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cleanslate/0.10.1/cleanslate.min.css
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69f0e66de394788011c9e0d5fcf53f1a0feb32aba17b18c4c78612cd92adb44f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5676580
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2379
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:12 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e28-38a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m23wPAGlY41xSvsTrYHGQSsscyY3cF%2BSBQgsul%2BXpjkut0pw0hRaHgc%2FBcxjF6%2FD0PtoPzXazZsnwGySbYL9L8luqlF7e8Az8ZWp%2FneoqE2xU85dO6FaZK8ejsXVK2774G%2BKc8cHKF16XE2p%2FMJbE8dp"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74ed1de5ec209966-FRA
expires
Tue, 12 Sep 2023 18:31:18 GMT
css
fonts.googleapis.com/ 		8 KB
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400a:800::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dda36ab0dda2b7ba616e824e0dd455eb222bf9fee24984c74e19df9fa962758e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 17:27:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 18:31:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Sep 2022 18:31:18 GMT
search-bar-autocomplete.css
widgets.recruitology.com/lib/ 		0
0
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:50:34 GMT
x-content-type-options
nosniff
age
258044
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Sep 2023 18:50:34 GMT
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/ 		61 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e2d476a3da7d96d989379c7fb3be5ed4595a5dcdf7164cda8b5ecf0ed9a39fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
675963
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17086
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fc1-f4a1"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2FZ71RcI9W5sJF6JhKKFaGs0EtZHfZKbFE%2BbJbziGNceiOj931UNZDAp9B%2BfEO9oFzfDiw%2Bn84O3ahuA5QTTopHY7NV0cM4Jm62yz1AC50OX1X6NoTf8guDBwxMxvzP8qoecxocwciD2U%2BnSnJdXrf4B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74ed1de75f129966-FRA
expires
Tue, 12 Sep 2023 18:31:18 GMT
active_orders
origami.secure.ownlocal.com/api/ 		611 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/api/active_orders?owned_by=11d8bf01-4a0d-42f1-9c82-39f1b7726234
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
nginx/1.17.2 /
Resource Hash
c32f6d59451b0d7f467ca522d2c309ada7fe3af76f8020217a59ba43ffcfdc02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
2999
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
611
x-xss-protection
1; mode=block
x-request-id
7cc477bb-c4cf-4eda-8336-b2e7c5580d61
x-runtime
0.033468
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.17.2
x-frame-options
SAMEORIGIN
date
Thu, 22 Sep 2022 17:41:19 GMT
x-download-options
noopen
access-control-max-age
7200
access-control-allow-methods
GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Origin
cache-control
max-age=3600, public
etag
W/"c32f6d59451b0d7f467ca522d2c309ad"
access-control-expose-headers
active_orders
origami.secure.ownlocal.com/api/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/api/active_orders?owned_by=c46cf15d-1622-4157-8f3f-18b9a61946de
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
nginx/1.17.2 /
Resource Hash
b85d3d93070d110bbdeae3fbf2f78091404e348e2264e0b53f922e4b85bde2f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
2820
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4705
x-xss-protection
1; mode=block
x-request-id
609f2c3b-e6e7-4146-9346-9d2f45c21d4d
x-runtime
0.032546
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.17.2
x-frame-options
SAMEORIGIN
date
Thu, 22 Sep 2022 17:44:18 GMT
x-download-options
noopen
access-control-max-age
7200
access-control-allow-methods
GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Origin
cache-control
max-age=3600, public
etag
W/"b85d3d93070d110bbdeae3fbf2f78091"
access-control-expose-headers
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=staradvertiser.com&p=%2F&u=CzGjNUCwJ5zSC8AOVY&d=staradvertiser.com&g=48334&g0=Homepage&g1=Star-Advertiser%20staff&n=1&f=00001&c=0&x=0&m=0&y=11673&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2120&t=KWYVVBlCAmVihJ8QuzraKBxT64t&V=136&i=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&tz=0&_acct=anon&sn=1&sv=xqzn9CNXClWvNq7LCZ1WOSCLE8jE&sd=1&im=067b2fff&_
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.27.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-27-202.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:19 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/alerts/net/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analyticssystems.net/api/v2/alerts/net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zab1hd48jZtWUYdvfD10bIeXvVsLLZA0myTXM09xefcddTpM%2FwLrTV61Kz7C6iBBXOmH26c%2Fxc0RDBTJUL1Ql2DFDHxA8HYt8nyjd%2B1Fxp5P4XOdZA0KXlTZR7sEJ6lI93pVi4Pu3Fvx7iiBBMhKQoUo9g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
74ed1de84a169c12-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FxdCS3KyEEsLWg4Bgnhh
www-player.css
www.youtube.com/s/player/64947e15/ Frame 19D2 		358 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/64947e15/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
331577f2dea34be78e04f38773004d3e39c3370628d5233108397358a621dc51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 14:48:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
99781
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49662
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 00:22:17 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 21 Sep 2023 14:48:18 GMT
www-embed-player.js
www.youtube.com/s/player/64947e15/www-embed-player.vflset/ Frame 19D2 		309 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/64947e15/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41ab731b25c3f7e4f6cc350774a28353c667e79774622a915f8b16b7897ecc4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 14:48:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
99768
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97978
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 00:22:17 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 21 Sep 2023 14:48:31 GMT
base.js
www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/ Frame 19D2 		2 MB
577 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcfcc890d38af598070d6334e94089f8884f4c5ebb4a400d1f4ac303b503c8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 14:48:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
99753
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
591011
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 00:22:17 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 21 Sep 2023 14:48:46 GMT
fetch-polyfill.js
www.youtube.com/s/player/64947e15/fetch-polyfill.vflset/ Frame 19D2 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/64947e15/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 14:48:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
99768
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 00:22:17 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 21 Sep 2023 14:48:31 GMT
index.html
origami.secure.ownlocal.com/origami_unit/ 		13 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/index.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5270155ff4a7e8b5f899599bed68fd18e6bc5a609ca7a451371f3ae24e2380a1

Request headers

Accept
text/html
Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:05:19 GMT
age
1560
x-guploader-uploadid
ADPycduqYpw6Gi5wiczbyJT5t3gor2DoVfNLTvlfdY-7ZOJWk1wfxFMQg9bSEiuK8aZPkQfgGcIyWkTcTZ6-oYCQp0IeAJB-V3Qb
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-html-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13741
accept-ranges
bytes
last-modified
Thu, 19 May 2022 15:08:55 GMT
server
UploadServer
etag
"934d8a06422590627aef7e7ceaab66b9"
x-goog-hash
crc32c=v7vAnw==, md5=k02KBkIlkGJ673586qtmuQ==
x-goog-generation
1652972935532544
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
13741
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
text/html
expires
Fri, 23 Sep 2022 18:05:19 GMT
index.html
origami.secure.ownlocal.com/origami_unit/ 		13 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/index.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5270155ff4a7e8b5f899599bed68fd18e6bc5a609ca7a451371f3ae24e2380a1

Request headers

Accept
text/html
Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:05:19 GMT
age
1560
x-guploader-uploadid
ADPycduqYpw6Gi5wiczbyJT5t3gor2DoVfNLTvlfdY-7ZOJWk1wfxFMQg9bSEiuK8aZPkQfgGcIyWkTcTZ6-oYCQp0IeAJB-V3Qb
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-html-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13741
accept-ranges
bytes
last-modified
Thu, 19 May 2022 15:08:55 GMT
server
UploadServer
etag
"934d8a06422590627aef7e7ceaab66b9"
x-goog-hash
crc32c=v7vAnw==, md5=k02KBkIlkGJ673586qtmuQ==
x-goog-generation
1652972935532544
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
13741
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
text/html
expires
Fri, 23 Sep 2022 18:05:19 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.staradvertiser.com&pubid=ced4075c-e9ce-4f68-a498-b8a3cd48cc57
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.114.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-114-85.txl50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 16:32:47 GMT
via
1.1 1a620bb236f3df5588fc787c47ccfafa.cloudfront.net (CloudFront)
server
Server
age
7111
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.staradvertiser.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
TXL50-P4
x-amz-cf-id
0yOYkE7yeH5JgUkjVxtNvOu4s2Mn7Zbrf2LOeU8zevM4sutovt-pGw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.114.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-114-85.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
31709
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Mon, 19 Sep 2022 09:37:07 GMT
server
AmazonS3
date
Thu, 22 Sep 2022 09:42:50 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 d58f8ae27ab00bbbe1dc072976204492.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
TXL50-P4
x-amz-cf-id
sRruo9jLEni1kI_GIv6-_AiDkAQHUbRRpIIC96GBGafqbTOWl3b_Kw==
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 19D2 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 11:18:05 GMT
x-content-type-options
nosniff
age
198794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 20 Sep 2023 11:18:05 GMT
/
geoip.insticator.com/json/ 		243 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.229.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-229-202.compute-1.amazonaws.com
Software
/
Resource Hash
9338b2f2bf36668c9ecb49cda4459b8d8227c5f031abbe917891f213b1991863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Thu, 22 Sep 2022 18:31:19 GMT
access-control-allow-credentials
true
x-database-date
Wed, 21 Sep 2022 23:35:47 GMT
content-length
243
vary
Origin
content-type
application/json
1329b7a3-57e0-4a4c-8c42-3fec8b79e7d3
h99w9l39sa.execute-api.us-east-1.amazonaws.com/prod/commonid/ 		2 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h99w9l39sa.execute-api.us-east-1.amazonaws.com/prod/commonid/1329b7a3-57e0-4a4c-8c42-3fec8b79e7d3
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.111.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-111-9.compute-1.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 22 Sep 2022 18:31:19 GMT
x-amzn-requestid
40f6a51b-0acf-4bd3-91ab-c15f56310f59
x-amz-apigw-id
Y39-rEexIAMF4AA=
x-amzn-trace-id
Root=1-632ca9f7-49a7d4f42ed64af47ca5a68d;Sampled=0
content-length
2
content-type
application/json
134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
df80k0z3fi8zg.cloudfront.net/files/instibid/ 		353 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Requested by
Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6400:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
535f71877713ee932cb8d5803d4130c058e2e5c75cc06cb42e4464e8950f542e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
jeE1LiIwGrjDwvDGjmdWpF3qPmQFvHmZ
content-encoding
br
last-modified
Thu, 01 Sep 2022 16:52:33 GMT
server
AmazonS3
age
2202
etag
W/"5610ae8d909c7f9c9a83cdab2b46c719"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
date
Thu, 22 Sep 2022 17:54:38 GMT
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
hYTzVOwETLY7oS9dvXyFHh91WF52MbTJmr8csDZWuu7xCJ-oaMOhgA==
tag.min.js
get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-103.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cbff952e8c47bf976906662ac210c3ae9aaf8e10820d404e8f760bc273bcb4fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
MzFJp_hCplumN12v7na.JL4ToSqQ7M.M
content-encoding
gzip
last-modified
Mon, 30 May 2022 15:16:46 GMT
server
AmazonS3
age
60299
etag
W/"32357f1c0de69779f4fedf3aeb29d83e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 e8b7a57aa46fb1a9d8006f334bd5efd0.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Thu, 22 Sep 2022 01:46:38 GMT
x-amz-cf-pop
TXL50-P2
x-amz-cf-id
8g3EL_9o75RKE938OL8VYl42gQEeCxpnBrCJ3U-SeNah0fm4k6AM6g==
config.js
confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ 		97 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f7a1d5a6ba781ef51870c2e484f8a77f7b5c0aa94366f5fcc4bc290246a05ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 18:31:19 GMT
Content-Encoding
gzip
Age
583
X-Cache
HIT
Connection
keep-alive
Content-Length
23126
x-amz-id-2
Y7pl1/SQAvAMEdMPCD+Nb+dDvnktzyEISbZPAaQBe2VdI5nnU4eSvYRqMynh7siTcp2bsOZZFKGOze/79M2nkw==
X-Served-By
cache-hhn4067-HHN
Last-Modified
Thu, 22 Sep 2022 18:01:15 GMT
Server
AmazonS3
X-Timer
S1663871479.481091,VS0,VE0
ETag
"d292b53da1384d3fa2cfd4cb618122ac"
x-amz-request-id
ZQ0EVPET8P254347
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
26
index.html
auth.instiengage.com/auth/ Frame 526E 		75 B
476 B 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/index.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:7000:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32dcb7b5d0e79583353a56225e4d8097e004103102d584e245d1b96547f9948d

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
42
cache-control
max-age=300
content-length
75
content-type
text/html
date
Thu, 22 Sep 2022 18:31:19 GMT
etag
"2e3d17ce9023be2c1313c02113f5c568"
last-modified
Tue, 16 Aug 2022 12:46:45 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 d3e698ff6aa93657f45eda478b9496e0.cloudfront.net (CloudFront)
x-amz-cf-id
GrPdHlbTkk9OSJZ-nCsF1R673mh1btGR1s4q5c9ExMmMTBK-TIVXLA==
x-amz-cf-pop
VIE50-C1
x-amz-version-id
wwuA1teHfpxnNE1op.J6Ishi5Ug48nVr
x-cache
Hit from cloudfront
pubads_impl_2022092101.js
securepubads.g.doubleclick.net/gpt/ 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09af6caefeb671f4527e8bf54659bb482eea031fe6899bafc12f149bb14155d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 15:38:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10367
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131360
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 08:34:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 22 Sep 2023 15:38:32 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		531 B
853 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.staradvertiser.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7feb35802dcde87fc102cc93bbf632931166012b837cf24ec881724537a0b489
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
217
x-xss-protection
0
expires
Thu, 22 Sep 2022 18:31:19 GMT
ares-unit.css.gz
origami.secure.ownlocal.com/origami_unit/production/ Frame 1468 		46 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
801c9f9f43b0ac567b2a38344b4208c9d38a337d2ef534c3b588a603350f78f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:15:52 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1652972837
age
927
x-guploader-uploadid
ADPycdtN2MPOOr8p9PZgKTWtwmHEHBEnYZBgxcYYQ9vMJ6yzyQoW_9l3Bh8icQEBJEAnli6UX_XqGqfJUe7qOdoYCFau5A
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7832
accept-ranges
bytes
last-modified
Thu, 19 May 2022 15:08:57 GMT
server
UploadServer
etag
"237a4ebe61241032e24155753e2473f0"
vary
Accept-Encoding
x-goog-hash
crc32c=3+hD/Q==, md5=I3pOvmEkEDLiQVV1PiRz8A==
x-goog-generation
1652972937602469
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
7832
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
text/css
expires
Fri, 23 Sep 2022 18:15:52 GMT
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/ Frame 1468 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc611cd3f2e427b4b4c098b3cd5ccbf6e46754bcaa2bf3e2445b0d2f83e78b65
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5524617
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16344
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fc1-ea52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lBlWN3PPL89xNIm%2B2oi67CpPcPU6zzsbTCGgRpu1AKdhUT2pBoGzTdLbxIld%2FsPVEbL3dScVss%2B4HEYC%2FBLXC5u%2FwwBltAH7wgd%2F9KiYe%2FK40ARI5KeCOhiHgX2t1EzF3Hxhm%2Fap4p6HjC5DQvlrrJr3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74ed1de8a9c09966-FRA
expires
Tue, 12 Sep 2023 18:31:19 GMT
sp.js.gz
snowplow.ownlocal.com/ Frame 1468 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snowplow.ownlocal.com/sp.js.gz
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.184.131 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
131.184.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9cf71774f1f1f6c394e18096287cb46b53cc4ba8e2f17af4625b2dde339f4776

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:22:41 GMT
content-encoding
gzip
age
518
x-guploader-uploadid
ADPycdvOjvEuhODBWuUUkYJ7k8y0_6AKFcnmQIdwKCfx3S1X0x6c1VloGjOp5cuHulyQJzve9C4KrCsPZxpAkumdpg-k-g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
4
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29912
last-modified
Mon, 09 May 2022 19:34:21 GMT
server
UploadServer
etag
"e523a607826b707d5b388f1157cf0db7"
vary
Accept-Encoding
x-goog-hash
crc32c=yl0zPw==, md5=5SOmB4JrcH1bOI8RV88Ntw==
x-goog-generation
1652124861687069
cache-control
public, max-age=3600
x-goog-stored-content-length
29912
accept-ranges
bytes
content-type
application/x-javascript
expires
Thu, 22 Sep 2022 19:22:41 GMT
polyfill.min.js
cdn.polyfill.io/v2/ Frame 1468 		222 B
450 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=Promise,fetch,Set,requestAnimationFrame,Map
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
content-encoding
br
last-modified
Wed, 21 Sep 2022 18:47:56 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/105.0.0
server-timing
cache-hhn4064, PASS, fastly;desc="Edge time";dur=19
accept-ranges
bytes
content-length
126
react.production.min.js
unpkg.com/react@16.5.2/umd/ Frame 1468 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react@16.5.2/umd/react.production.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a526700a518d11ba17f9e4afc2fac0b2cfacda8a91a1975931bb30d6de3b479
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
834999
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"28a2-zTTTPNEOyiQBmfjucbRapR63Ixw"
fly-request-id
01FFEFSJ4HR2CJMBEDH10TW1KC
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
74ed1de8f8a39b52-FRA
react-dom.production.min.js
unpkg.com/react-dom@16.5.2/umd/ Frame 1468 		92 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react-dom@16.5.2/umd/react-dom.production.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf12ee84c417cbb401083f27253d0541a64dd8605c7442f8ce8a22fe3026bbad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
18158472
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"170da-IPAwmE0kwddBAKa0tilJJFl1MZg"
fly-request-id
01FWP2785GXS2RD1JETRPESBHP-fra
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
74ed1de8f8a59b52-FRA
i
aamcf.aamsitecertifier.com/ 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aamcf.aamsitecertifier.com/i?stm=1663871479191&e=pv&url=https%3A%2F%2Fwww.staradvertiser.com%2F&page=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=206&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=ecccf657-fd7c-4dc5-bd19-81cac3815738&dtm=1663871479182&vp=1600x1200&ds=1600x11673&vid=1&sid=51cd5962-f142-48d1-aef6-79604a2de72f&duid=faa66c70-4df7-480a-a53d-1cfb1baf9dd9&fp=611842882&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uZ29vZ2xlLmFuYWx5dGljcy9jb29raWVzL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7fX1dfQ
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.89.126.190 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-89-126-190.us-west-2.compute.amazonaws.com
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 18:31:20 GMT
Server
Apache/2.4.51 () OpenSSL/1.0.2k-fips
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
event
event.insticator.com/v1/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.229.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-229-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Thu, 22 Sep 2022 18:31:19 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.229.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-229-202.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-origin,content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.staradvertiser.com
access-control-max-age
3600
content-length
0
date
Thu, 22 Sep 2022 18:31:19 GMT
vary
Origin
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.26.0/ 		364 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.0/provider.hlsjs.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
74dc3a5a84ec8332a42ce30e371a4439fd26251b41bb92c837a70518f599d6e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
content-encoding
gzip
age
840487
x-cache
HIT
content-length
108381
via
1.1 varnish
x-served-by
cache-hhn4065-HHN
last-modified
Wed, 31 Aug 2022 18:45:19 GMT
server
AmazonS3
x-timer
S1663871479.206136,VS0,VE0
etag
"129292c069c9008bfac5188b18ec0ca9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
389717
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1388760453&t=pageview&_s=1&dl=https%3A%2F%2Fwww.staradvertiser.com%2F&ul=en-us&de=UTF-8&dt=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1676257826&gjid=1543326677&cid=1040327165.1663871479&tid=UA-16272709-1&_gid=773932396.1663871479&_r=1&_slc=1&z=655883227
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/ Frame 1468
Redirect Chain
  • https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/mdi/4.5.95/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
200 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Protocol
H3
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f10134f63012891e9e259c48919da02a150be23f97892cae445acec7c1e8e00f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
827427
x-jsd-version
4.5.95
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
34466
etag
W/"31f6f-BYur28y59QOryer8RIiplddE6Sc"
x-served-by
cache-fra19146-FRA, cache-hhn4049-HHN
x-jsd-version-type
version
date
Thu, 22 Sep 2022 18:31:19 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
2054383
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
111
x-served-by
cache-fra19132-FRA, cache-hhn4049-HHN
location
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
date
Thu, 22 Sep 2022 18:31:19 GMT
vary
Accept-Encoding, Accept
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
inter.css
rsms.me/inter/ Frame 1468 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rsms.me/inter/inter.css
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:4ea2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c14569b287795db20f175729c90108f5e756049018e48f45d6f92c11c31be884

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-fastly-request-id
39c8815bc29719ae41ba3e1158243d32e2fcb895
date
Thu, 22 Sep 2022 18:31:19 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
x-cache
HIT
x-cache-hits
1
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19126-FRA
last-modified
Sun, 18 Sep 2022 23:00:38 GMT
server
cloudflare
x-github-request-id
D642:CE98:894AC8:8E7E4B:6327A346
x-timer
S1663542129.166656,VS0,VE104
etag
W/"6327a316-1490"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azhLzqitE4dX7W9EPpZetTcnKFUDF87QplV3XBYgodcZWbuq4HJdihLCua9JYQe6kY73oAMiuDdpo1VPVMEn3zuViDlZqsMZIGcEXSKlLmFpjDvewh7g7zy7Qx7TQ5H6uQxCAFI7"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
x-proxy-cache
MISS
cf-ray
74ed1de9bc0f9042-FRA
x-origin-cache
HIT
expires
Thu, 22 Sep 2022 17:16:31 GMT
css2
fonts.googleapis.com/ Frame 1468 		1 KB
446 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre:wght@500&display=swap
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400a:800::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
33edcc8df004f4ddd374961d453e0bd40a66f741500ffb2a6f0574a8a116cb76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 18:31:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 18:31:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Sep 2022 18:31:19 GMT
ares-unit.css.gz
origami.secure.ownlocal.com/origami_unit/production/ Frame 232F 		46 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
801c9f9f43b0ac567b2a38344b4208c9d38a337d2ef534c3b588a603350f78f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:15:52 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1652972837
age
927
x-guploader-uploadid
ADPycdtN2MPOOr8p9PZgKTWtwmHEHBEnYZBgxcYYQ9vMJ6yzyQoW_9l3Bh8icQEBJEAnli6UX_XqGqfJUe7qOdoYCFau5A
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7832
accept-ranges
bytes
last-modified
Thu, 19 May 2022 15:08:57 GMT
server
UploadServer
etag
"237a4ebe61241032e24155753e2473f0"
vary
Accept-Encoding
x-goog-hash
crc32c=3+hD/Q==, md5=I3pOvmEkEDLiQVV1PiRz8A==
x-goog-generation
1652972937602469
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
7832
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
text/css
expires
Fri, 23 Sep 2022 18:15:52 GMT
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/ Frame 232F 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc611cd3f2e427b4b4c098b3cd5ccbf6e46754bcaa2bf3e2445b0d2f83e78b65
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5524617
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16344
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fc1-ea52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hlKgdiblDsN6MIfwci%2F1BoQwqWbGOpQd6xtL86zPd8D2sd9sduqhtFY4i402TvnJ7XZlt1TQbipHcBJR%2F05vXWf6vjeVXitoZkt4oHnIP9hAO%2FUcCE9gOvlcVzUll809mQbvNPcVj7pNZkVzjz6hoFY0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74ed1de97ba29966-FRA
expires
Tue, 12 Sep 2023 18:31:19 GMT
sp.js.gz
snowplow.ownlocal.com/ Frame 232F 		96 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snowplow.ownlocal.com/sp.js.gz
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.184.131 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
131.184.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9cf71774f1f1f6c394e18096287cb46b53cc4ba8e2f17af4625b2dde339f4776

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:22:41 GMT
content-encoding
gzip
age
518
x-guploader-uploadid
ADPycdvOjvEuhODBWuUUkYJ7k8y0_6AKFcnmQIdwKCfx3S1X0x6c1VloGjOp5cuHulyQJzve9C4KrCsPZxpAkumdpg-k-g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
4
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29912
last-modified
Mon, 09 May 2022 19:34:21 GMT
server
UploadServer
etag
"e523a607826b707d5b388f1157cf0db7"
vary
Accept-Encoding
x-goog-hash
crc32c=yl0zPw==, md5=5SOmB4JrcH1bOI8RV88Ntw==
x-goog-generation
1652124861687069
cache-control
public, max-age=3600
x-goog-stored-content-length
29912
accept-ranges
bytes
content-type
application/x-javascript
expires
Thu, 22 Sep 2022 19:22:41 GMT
polyfill.min.js
cdn.polyfill.io/v2/ Frame 232F 		222 B
193 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=Promise,fetch,Set,requestAnimationFrame,Map
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
content-encoding
br
last-modified
Wed, 21 Sep 2022 18:47:56 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/105.0.0
server-timing
cache-hhn4064, PASS, fastly;desc="Edge time";dur=15
accept-ranges
bytes
content-length
126
react.production.min.js
unpkg.com/react@16.5.2/umd/ Frame 232F 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react@16.5.2/umd/react.production.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a526700a518d11ba17f9e4afc2fac0b2cfacda8a91a1975931bb30d6de3b479
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
834999
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"28a2-zTTTPNEOyiQBmfjucbRapR63Ixw"
fly-request-id
01FFEFSJ4HR2CJMBEDH10TW1KC
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
74ed1de979e09b52-FRA
react-dom.production.min.js
unpkg.com/react-dom@16.5.2/umd/ Frame 232F 		92 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react-dom@16.5.2/umd/react-dom.production.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf12ee84c417cbb401083f27253d0541a64dd8605c7442f8ce8a22fe3026bbad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
18158472
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"170da-IPAwmE0kwddBAKa0tilJJFl1MZg"
fly-request-id
01FWP2785GXS2RD1JETRPESBHP-fra
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
74ed1de979e29b52-FRA
b
sb.scorecardresearch.com/ 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6035032&cs_it=b3&cv=3.8.0.210223&ns__t=1663871479269&ns_c=UTF-8&c7=https%3A%2F%2Fwww.staradvertiser.com%2F&c8=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&c9=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-90.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
via
1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
wJhDNv-bUjjgm4rXOftmVJJlG0XaHtg4rqVoTwybhv5Ap5FGlhv8sA==
x-cache
Miss from cloudfront
309252323293891
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/309252323293891?v=2.9.83&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4c9b04f6e58c0930a81da587b66e4c0cf5b4cfb0fa627c6457c1c806eced7a36
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
VpbyiwMSaXnlFCiDKoCw7Fm50rHUkVDB7ClJxRvqPxcQq2W0iLaozjUGat4sX2Z94QsdieEF5c0ujhhoW38JCQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 22 Sep 2022 18:31:19 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/ Frame 232F
Redirect Chain
  • https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/mdi/4.5.95/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
200 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Protocol
H3
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f10134f63012891e9e259c48919da02a150be23f97892cae445acec7c1e8e00f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
827427
x-jsd-version
4.5.95
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
34466
etag
W/"31f6f-BYur28y59QOryer8RIiplddE6Sc"
x-served-by
cache-fra19146-FRA, cache-hhn4049-HHN
x-jsd-version-type
version
date
Thu, 22 Sep 2022 18:31:19 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
2054383
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
111
x-served-by
cache-fra19132-FRA, cache-hhn4049-HHN
location
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
date
Thu, 22 Sep 2022 18:31:19 GMT
vary
Accept-Encoding, Accept
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
inter.css
rsms.me/inter/ Frame 232F 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rsms.me/inter/inter.css
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:4ea2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c14569b287795db20f175729c90108f5e756049018e48f45d6f92c11c31be884

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-fastly-request-id
39c8815bc29719ae41ba3e1158243d32e2fcb895
date
Thu, 22 Sep 2022 18:31:19 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
x-cache
HIT
x-cache-hits
1
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19126-FRA
last-modified
Sun, 18 Sep 2022 23:00:38 GMT
server
cloudflare
x-github-request-id
D642:CE98:894AC8:8E7E4B:6327A346
x-timer
S1663542129.166656,VS0,VE104
etag
W/"6327a316-1490"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T60UXRj0rFOhBUPYiJsJMtsSUDE%2FNza7sMKbtyjGfofPkb%2FW81YdkmtJq4NPuRZMGAkyoLMoM6JUjbRD30%2F8uShckQssZf0fF1RwzJWFsqvoLh0T%2Fbj%2FChU5n91hSKEXoJvAEHhw"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
x-proxy-cache
MISS
cf-ray
74ed1de9cc189042-FRA
x-origin-cache
HIT
expires
Thu, 22 Sep 2022 17:16:31 GMT
css2
fonts.googleapis.com/ Frame 232F 		1 KB
446 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre:wght@500&display=swap
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400a:800::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
33edcc8df004f4ddd374961d453e0bd40a66f741500ffb2a6f0574a8a116cb76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 18:31:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 18:31:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Sep 2022 18:31:19 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=2800155&ntv_pl=1102376
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.160.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-160-33.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:19 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=c24d9d84-b1f9-43b3-993e-83d477dbb7e1&ntv_fl=83gbnyebGkBgwy34a7XM8Kb9Hj1wJHWBPh78sH2m1dsNGqVgZ-7l4gGJRVmTx3O4gilVXZIVj5y0FB4zRMvxlBCb9wqmseKsYoD3qCZ7Fz0Niw-APO3YNVTV8Oym2egi45iIM698jN-3ug89mjjoXAJ2__hMlM0d5IkjVpIc90IxJ9nxXyZWUBxWw7xmnEWt&ntv_ht=96ksYwA&ntv_at=303,302&ntv_a=AAAAAAAAAAKNIQA&ord=1663871479338&ntv_it
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.160.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-160-33.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:19 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
gdprConsent
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/gdprConsent?ntv_pl=1102376&ntv_gdpr_consent=&ntv_it
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.160.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-160-33.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:19 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 22 Sep 2022 18:31:18 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
518938
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=vmCrK3xRdU1sYjhXYmFmVE9paUxkWW03OXA1UmR4RU1qYjlZbS93YlZiZFZWbXMxOWdCSEhkYTJIOTg5Y1FSK2NiSU5xVzhYbUtZSHNaTS9Ib2REdkgvL3EyT0Z1N2NpaDkyYkpMWjVwWW9XcnBHRjRDdmhTOWxndXh3NW...
352 B
645 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=vmCrK3xRdU1sYjhXYmFmVE9paUxkWW03OXA1UmR4RU1qYjlZbS93YlZiZFZWbXMxOWdCSEhkYTJIOTg5Y1FSK2NiSU5xVzhYbUtZSHNaTS9Ib2REdkgvL3EyT0Z1N2NpaDkyYkpMWjVwWW9XcnBHRjRDdmhTOWxndXh3NWpldE53UFBTcXY2ajVmOUg2RG0rTlhqTjkzZkhHR0NmdGtUT3B2dzZRSUN1WU5RS1ZoOHpLbE9FdVd6SW9EZmRZY2daazh0Tk1rRnJsTXlKb1oyb1locUNLTGZ2WVlJN1cwUXdVWlJISGFhWmFLeEJOTHJCbFlFamhkSHp2YUFueFlNUlhjL2QvfA&cppv=2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6b1b8ad0a5a19ce775a74f4e5d7b62b8599c48fefb0c8b5e3593df4e13db634c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:19 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1113481
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:18 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=vmCrK3xRdU1sYjhXYmFmVE9paUxkWW03OXA1UmR4RU1qYjlZbS93YlZiZFZWbXMxOWdCSEhkYTJIOTg5Y1FSK2NiSU5xVzhYbUtZSHNaTS9Ib2REdkgvL3EyT0Z1N2NpaDkyYkpMWjVwWW9XcnBHRjRDdmhTOWxndXh3NWpldE53UFBTcXY2ajVmOUg2RG0rTlhqTjkzZkhHR0NmdGtUT3B2dzZRSUN1WU5RS1ZoOHpLbE9FdVd6SW9EZmRZY2daazh0Tk1rRnJsTXlKb1oyb1locUNLTGZ2WVlJN1cwUXdVWlJISGFhWmFLeEJOTHJCbFlFamhkSHp2YUFueFlNUlhjL2QvfA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
715729
content-length
0
expires
0
187621-164323601241456.js
js-sec.indexww.com/ht/p/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 18:31:19 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Sep 2022 18:16:50 GMT
Server
Apache
ETag
"da4d60-9a4f-5e94810ab049c"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2926
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
13270
Expires
Thu, 22 Sep 2022 19:20:05 GMT
css
fonts.googleapis.com/ 		3 KB
631 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:600
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400a:800::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3262c2bd70d868ed379b89eb25e964bf826721f17189a5170c352d20a7563f94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 18:08:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 18:31:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Sep 2022 18:31:19 GMT
icon
fonts.googleapis.com/ 		569 B
367 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400a:800::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 18:31:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 18:31:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Sep 2022 18:31:19 GMT
OverlayScrollbars.min.css
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/OverlayScrollbars.min.css
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3804029
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4023
timing-allow-origin
*
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-4e34"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hIcxwMXoSCSYAWdqUdhZhBp0ffR3we7nmWhfmMEyp1uKu82HlRHznsB9%2FgtPxS2jXpLR65UiYyeDGLqR35UnxbIqJqri1QE%2BQDlGScj88GmhuTwb%2B0xbvWFxkhKj18WoyNZA%2BxrgHV9OsRZQL%2B3ukX6%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74ed1deaeb639c0d-FRA
expires
Tue, 12 Sep 2023 18:31:19 GMT
OverlayScrollbars.min.js
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/ Frame 52B2 		53 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4755631
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20502
timing-allow-origin
*
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-d208"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8yKUIw2J%2BuNV13eQTNsctrjbjYLTcj7aMTJdWufiyjcwFT4TjpYQqgMGUoqv131d5cPxiiSFlJlBBg2lDQ1DFaLopCcSck9r4TchGGm2Em4eFMXQ8enPjQy787liKY7mgDO9usM7fnL%2FVg0EAxSDRI%2B0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74ed1deafb7f9c0d-FRA
expires
Tue, 12 Sep 2023 18:31:19 GMT
prebid.js
d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/ Frame 52B2 		334 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.145.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-145-10.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c9fcabd6766d79a49d07a82461fed0b6e2a9bde6bd066d5107c4aabc9a7cbf36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:20 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 23:36:58 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-C2
etag
W/"1c7777ec3f15f66750ea282b9545a85d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 35fb5634bb95f448906ffae36e04b158.cloudfront.net (CloudFront)
cache-control
no-cache
x-amz-cf-id
yQIxnFs-DQ6R1y7moY8cLpjVruQAimber4nYl9m0DUrhtvmVi5ojKQ==
comScore.gt.min.js
d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/ Frame 52B2 		335 KB
335 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.145.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-145-10.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 15:09:45 GMT
via
1.1 35fb5634bb95f448906ffae36e04b158.cloudfront.net (CloudFront)
last-modified
Thu, 16 Jan 2020 23:25:25 GMT
server
AmazonS3
age
12095
etag
"4a51b8991a6b67323936c2eb62e3518e"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-pop
CDG50-C2
accept-ranges
bytes
content-length
342796
x-amz-cf-id
7iCv6rFoquBgDLRl_GujuUWuh73PcfyX9LPgQSPu_f_T_7DwWgIUTw==
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		378 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5b318376c54a718bcb2422a99b9a38435b3021e0871d7a0c1c4ad6a9f017b3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128888
x-xss-protection
0
expires
Thu, 22 Sep 2022 18:31:19 GMT
reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.145.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-145-10.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 18:54:36 GMT
via
1.1 35fb5634bb95f448906ffae36e04b158.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
age
85004
etag
"cb93bb50e5d021cc38de445a672c18a2"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
CDG50-C2
accept-ranges
bytes
content-length
1094
x-amz-cf-id
2ayNv-zMWjA7J2nbrYnR_dD1trAVLF8H6sAVknJODzrXyk8ewXviKQ==
facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		322 B
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.145.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-145-10.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 18:51:52 GMT
via
1.1 35fb5634bb95f448906ffae36e04b158.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
age
85168
etag
"311cf2edc46e82f2a6911332b7db54e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
CDG50-C2
accept-ranges
bytes
content-length
322
x-amz-cf-id
i7E1zOWBneaBkHteItO1drkc3n8BCQpfToJuGBUp8U6i04U4IO39TQ==
twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.145.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-145-10.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 18:54:36 GMT
via
1.1 35fb5634bb95f448906ffae36e04b158.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
age
85004
etag
"8be584e844dabfe22970a0cb943c047e"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
CDG50-C2
accept-ranges
bytes
content-length
832
x-amz-cf-id
iGmf9maW1HH2sbAqSnB2wMmZSPhMZtwWiFYYkPvGA3PVMoUkCi-ifA==
email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		773 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.145.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-145-10.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 18:54:36 GMT
via
1.1 35fb5634bb95f448906ffae36e04b158.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
age
85004
etag
"4bd445ddc3f9d6101690e15cfc1a04f0"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
CDG50-C2
accept-ranges
bytes
content-length
773
x-amz-cf-id
T3c4O4SDq6b0uVsgrpZeTq4Aoqkcf_31V40EFgZiUPFao2-TAZ8yJA==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=Kqg2J0vzlYL6FDsn&instance=988373&version=7.8.0&age=220922&cmd=PRE_INIT&key=NxulL6Ef&seq=1&order=1&absoluteTime=2623.8&relativeTime=0.2&canonical=https://www.staradvertiser.com/&EXTREF=https://www.staradvertiser.com/&REF=https://www.staradvertiser.com/&serverHost=embed.sendtonews.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.60.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-60-169.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:20 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_read.php
embed.sendtonews.com/player4/ 		33 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=Kqg2J0vzlYL6FDsn&instance=988373&version=7.8.0&age=220922&ESG_key=NxulL6Ef&type=FULL&EXTREF=https://www.staradvertiser.com/&REF=https://www.staradvertiser.com/&ogSet=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.43.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-43-118.compute-1.amazonaws.com
Software
Apache /
Resource Hash
5808b9c4fd0b04e7bc4a4c2611b79b217369b5b200abc8b707c0a2f5fef20c76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1
content-length
5434
expires
Thu, 22 Sep 2022 18:31:20 GMT
analytics.min.js
cdn.resonate.com/analytics.js/v1/200302733/ Frame 52B2 		0
96 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.resonate.com/analytics.js/v1/200302733/analytics.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
server
cloudflare
cf-ray
74ed1dec3a539960-FRA
date
Thu, 22 Sep 2022 18:31:19 GMT
vary
Accept-Encoding
apstag.js
c.amazon-adsystem.com/aax2/ Frame 52B2 		167 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.114.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-114-85.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d420ee64cb607d68e208a3105b39934807ed2e4d43ced2542f7b6b0cd153ca43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 22 Sep 2022 17:57:15 GMT
via
1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront), 1.1 1a620bb236f3df5588fc787c47ccfafa.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 20:15:31 GMT
server
AmazonS3
age
2045
etag
W/"da0e8e1151d3ebb7a34f07d19a6e05d0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, TXL50-P4
content-encoding
gzip
x-amz-cf-id
Othsku1sOKYQ3CWbmWTpvyWSJssDTkpw_UoxzzuGYeEQpLzACn1BeQ==
authIframe.js
auth.instiengage.com/auth/ Frame 526E 		65 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/authIframe.js?v=1
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:7000:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1d05642e23866a6d7fb1b165615355e7c01fffaf89c61e9c14c0beecb96ae23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.instiengage.com/auth/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
bjKlbjl1idrb07_BYuQLp8gSlZzXUS_r
content-encoding
br
last-modified
Tue, 16 Aug 2022 12:46:41 GMT
server
AmazonS3
age
21
etag
W/"e0bffec4a3929b23d4347f914449f5cb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 d3e698ff6aa93657f45eda478b9496e0.cloudfront.net (CloudFront)
cache-control
max-age=300
date
Thu, 22 Sep 2022 18:30:59 GMT
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
QC0NerXqRqo7i7Ix37Gc8Rl7JM-DG2D71BCkzn4rN3AhQ1GZiyhZDQ==
conversion_async.js
www.googleadservices.com/pagead/ 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTV5NMZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15697
x-xss-protection
0
server
cafe
etag
1764007376392519731
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 18:31:19 GMT
platform.js
insiderdata360online.com/service/ 		0
0
ares_assets.json
origami.secure.ownlocal.com/origami_unit/production/ Frame 1468 		168 B
200 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares_assets.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
496db6d47cb7396e6e92ea0d527d26f700d1719a5e993a26379d927da5fd9b20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:05:21 GMT
x-goog-meta-goog-reserved-file-mtime
1652972837
age
1558
x-guploader-uploadid
ADPycdvrmnv7mh-eiM5JM6krUPZYtBU65CQkXcsSy0AtIDkpp4ZEn2-jNe4R6xursEEjvPFZePtwoxSgmI4M8lnIUzGioV7kaz0L
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
168
accept-ranges
bytes
last-modified
Thu, 19 May 2022 15:08:57 GMT
server
UploadServer
etag
"71690f93d8fcaf07c33c4d217bd2d1be"
x-goog-hash
crc32c=nuzGdQ==, md5=cWkPk9j8rwfDPE0he9LRvg==
x-goog-generation
1652972937647965
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
168
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
application/json
expires
Fri, 23 Sep 2022 18:05:21 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-16272709-1&cid=1040327165.1663871479&jid=1676257826&gjid=1543326677&_gid=773932396.1663871479&_u=IEBAAEAAAAAAAC~&z=556068914
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:402::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 22 Sep 2022 18:31:19 GMT
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=vmCrK3xRdU1sYjhXYmFmVE9paUxkWW03OXA1UmR4RU1qYjlZbS93YlZiZFZWbXMxOWdCSEhkYTJIOTg5Y1FSK2NiSU5xVzhYbUtZSHNaTS9Ib2REdkgvL3EyT0Z1N2NpaDkyYkpMWjVwWW9XcnBHRjRDdmhTOWxndXh3NWpldE53UFBTcXY2ajVmOUg2RG0rTlhqTjkzZkhHR0NmdGtUT3B2dzZRSUN1WU5RS1ZoOHpLbE9FdVd6SW9EZmRZY2daazh0Tk1rRnJsTXlKb1oyb1locUNLTGZ2WVlJN1cwUXdVWlJISGFhWmFLeEJOTHJCbFlFamhkSHp2YUFueFlNUlhjL2QvfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 22 Sep 2022 18:31:18 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
474212
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
clarity.js
www.clarity.ms/eus2-d/s/0.6.41/ 		54 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2-d/s/0.6.41/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/c13p8ejhds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
61b9926e5d52c52c383c00d7e52f2c491b15e7cfd715373b53571632a7459517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:18 GMT
content-encoding
br
etag
"1d8ccdebe9ad570"
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
x-azure-ref
096ksYwAAAADfefR+VUD9Tq1JWdRz2JXlTE9OMjFFREdFMTYwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges
bytes
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
favicon.ico
ad.doubleclick.net/ 		1 KB
663 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:04:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1618
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Sep 2022 18:04:21 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Sat, 22 Oct 2022 18:31:19 GMT
bbSa3LzB.png
assets-jpcust.jwpsrv.com/watermarks/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/watermarks/bbSa3LzB.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ea61548e9d5031954bac5839724821f0aa82d3a6ad15440cd592c551f21fa3b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
content-encoding
gzip
age
444
x-cache
HIT, HIT
content-length
4826
x-served-by
cache-iad-kjyo7100117-IAD, cache-hhn4065-HHN
access-control-allow-origin
*
last-modified
Mon, 19 Feb 2018 23:04:18 GMT
server
nginx
x-timer
S1663871480.705231,VS0,VE89
etag
"ebbad5ad378aa3799d2487401ff2298a"
vary
Accept-Encoding
content-type
image/png
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1
XmpMMLRv-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/XmpMMLRv-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/XmpMMLRv-120.vtt
918 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/strips/XmpMMLRv-120.vtt
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c58c36c98447d189b8bdd65f5c404698bbd42b671a98e47473695c2b04328ccb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:20 GMT
content-encoding
gzip
age
303
x-amz-server-side-encryption
AES256
x-cache
MISS, HIT
content-length
205
x-served-by
cache-iad-kjyo7100152-IAD, cache-hhn4044-HHN
access-control-allow-origin
*
last-modified
Wed, 14 Sep 2022 20:28:43 GMT
server
nginx
x-timer
S1663871480.026836,VS0,VE92
etag
"9c33b17d2824fcd7b8344759ec1e61d5"
vary
Accept-Encoding
content-type
text/vtt
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
0, 1

Redirect headers

date
Thu, 22 Sep 2022 18:31:19 GMT
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
location
https://assets-jpcust.jwpsrv.com/strips/XmpMMLRv-120.vtt
x-cache
Miss from cloudfront
content-type
text/html
access-control-allow-origin
*
content-length
166
x-amz-cf-id
DTszk3DJP-g_5Zl0DROl8YBCb-0-Tk4uVK7FuYYpOe-Hak6793vWZQ==
related.js
ssl.p.jwpcdn.com/player/v/8.26.0/ 		106 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.0/related.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8418a2741bd3a9983a9ddb2fb6b1565b48b601292ccb98aedeefc0516920a80f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:19 GMT
content-encoding
gzip
age
1891341
x-cache
HIT
content-length
25400
via
1.1 varnish
x-served-by
cache-hhn4065-HHN
last-modified
Wed, 31 Aug 2022 18:45:21 GMT
server
AmazonS3
x-timer
S1663871480.707709,VS0,VE0
etag
"c369576cc253af1a83457a4d9b52c916"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
500326
wc3pgjt9-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/XmpMMLRv/poster.jpg?width=720
  • https://assets-jpcust.jwpsrv.com/thumbnails/wc3pgjt9-720.jpg
130 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/wc3pgjt9-720.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f495ac1e9a9cebad6450c7aa75f1091520cba8e8b812708477bc8a077d53b2a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:20 GMT
content-encoding
gzip
age
458
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
132551
x-served-by
cache-iad-kcgs7200084-IAD, cache-hhn4065-HHN
access-control-allow-origin
*
last-modified
Wed, 14 Sep 2022 20:28:41 GMT
server
nginx
x-timer
S1663871480.092176,VS0,VE89
etag
"183d93f44f4de0ab295d69c09baddd06"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1

Redirect headers

date
Thu, 22 Sep 2022 18:31:19 GMT
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
location
https://assets-jpcust.jwpsrv.com/thumbnails/wc3pgjt9-720.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
fC747nX6Iln_42xAWNHQjdBKbkjQEsUOEebTbQ4JDxqYvJK36zsVyw==
9q2qzyae-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/v7puK1SS/poster.jpg?width=720
  • https://assets-jpcust.jwpsrv.com/thumbnails/9q2qzyae-720.jpg
81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/9q2qzyae-720.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0ad9548daef7d5a5123934afebf88c25adbf010517d80f292818b2d19fbb9046

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:20 GMT
content-encoding
gzip
age
554
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
83339
x-served-by
cache-iad-kjyo7100033-IAD, cache-hhn4065-HHN
access-control-allow-origin
*
last-modified
Thu, 01 Sep 2022 00:50:24 GMT
server
nginx
x-timer
S1663871480.092212,VS0,VE92
etag
"c98ac8b98a7227f5ec025d13fa3df3fa"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1

Redirect headers

date
Thu, 22 Sep 2022 18:31:19 GMT
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
location
https://assets-jpcust.jwpsrv.com/thumbnails/9q2qzyae-720.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
G34lanysc767vOz1sf5GBJDtFRO11gZudqKXYe-OG9ZEwVXVPAXpxQ==
v7puK1SS-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/v7puK1SS-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/v7puK1SS-120.vtt
427 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/strips/v7puK1SS-120.vtt
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
575a1ddab506fe53ed332fd2b02df023cd604fde865c90b927d7894f07d5165a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:20 GMT
content-encoding
gzip
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
145
x-served-by
cache-iad-kcgs7200120-IAD, cache-hhn4044-HHN
access-control-allow-origin
*
last-modified
Thu, 01 Sep 2022 00:50:24 GMT
server
nginx
x-timer
S1663871480.086303,VS0,VE98
etag
"509c5c0fb4c9cdeae418ce41d718178b"
vary
Accept-Encoding
content-type
text/vtt
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 0

Redirect headers

date
Thu, 22 Sep 2022 18:31:19 GMT
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
location
https://assets-jpcust.jwpsrv.com/strips/v7puK1SS-120.vtt
x-cache
Miss from cloudfront
content-type
text/html
access-control-allow-origin
*
content-length
166
x-amz-cf-id
osnVFssjUEsDv4HrcsUCNdYpT-mUkMnl2subyPqOLjq5LgCC0j9FGw==
ares_assets.json
origami.secure.ownlocal.com/origami_unit/production/ Frame 232F 		168 B
200 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares_assets.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
496db6d47cb7396e6e92ea0d527d26f700d1719a5e993a26379d927da5fd9b20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:05:21 GMT
x-goog-meta-goog-reserved-file-mtime
1652972837
age
1558
x-guploader-uploadid
ADPycdvrmnv7mh-eiM5JM6krUPZYtBU65CQkXcsSy0AtIDkpp4ZEn2-jNe4R6xursEEjvPFZePtwoxSgmI4M8lnIUzGioV7kaz0L
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
168
accept-ranges
bytes
last-modified
Thu, 19 May 2022 15:08:57 GMT
server
UploadServer
etag
"71690f93d8fcaf07c33c4d217bd2d1be"
x-goog-hash
crc32c=nuzGdQ==, md5=cWkPk9j8rwfDPE0he9LRvg==
x-goog-generation
1652972937647965
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
168
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
application/json
expires
Fri, 23 Sep 2022 18:05:21 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 19D2
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H3
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d233c5aa995bf9183725f76a032e297d11d5c7dfe7e1afd2d9a6c4eea16d64b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 22 Sep 2022 18:31:19 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 19D2 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/64947e15/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:19:42 GMT
x-content-type-options
nosniff
age
697
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Sep 2022 18:34:42 GMT
anchor
www.google.com/recaptcha/api2/ Frame 390F 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=zmiYzsHi8INTJBWt2QZC9aM5&size=invisible&cb=pim0lxr6s77v
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a00043be538626b75543972155118579940fb8843f8f6028039e39440c9fcc80
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0li3jJc54eLuCh5BtWIWMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22311
content-security-policy
script-src 'report-sample' 'nonce-0li3jJc54eLuCh5BtWIWMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 18:31:19 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-16272709-1&cid=1040327165.1663871479&jid=1676257826&_u=IEBAAEAAAAAAAC~&z=1135534450
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-16272709-1&cid=1040327165.1663871479&jid=1676257826&_u=IEBAAEAAAAAAAC~&z=1135534450
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
geo.privacymanager.io/ 		30 B
593 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-107.dus51.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 00:52:45 GMT
via
1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront), 1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
age
63514
x-amzn-requestid
86dcb24c-f9db-42df-a601-6d36a5f51da5
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-632bb1dd-4af3047c574887231b1acfa7;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, DUS51-P1
x-amz-apigw-id
Y1i6rG52joEFchg=
content-length
30
x-amz-cf-id
1OLXVGl7pHpqXP6trnoTch-d1W70GgUitI1aHh4HFD7GlcFBIUpyDA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Thu, 22 Sep 2022 18:31:20 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 19D2 		65 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
616cc06d3da590a6ef76c03aa705a5a1fa8a5cf4a4cd7c4e5e7bb3e484dfb4fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 22 Sep 2022 18:31:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
30546
x-xss-protection
0
remote.js
www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/ Frame 19D2 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e18c273d7ef0826878f4159bf2b9809263e0765ca2d28c6955e9f62726ca1da1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 14:51:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
99560
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37182
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 00:22:17 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 21 Sep 2023 14:51:59 GMT
A6NiJ4FpWdYb46YkL14Gb7YSsd_Y0OEDYbyMmxwlYE4.js
www.google.com/js/th/ Frame 19D2 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/A6NiJ4FpWdYb46YkL14Gb7YSsd_Y0OEDYbyMmxwlYE4.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03a36227816959d61be3a6242f5e066fb612b1dfd8d0e10361bc8c9b1c25604e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 05:12:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
134315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14106
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 11:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 05:12:44 GMT
embed.js
www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/ Frame 19D2 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516eadac5b177c303c3f7f4d4c67a5584125ec3050906d4707ccabc2a32bddfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 14:48:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
99753
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9374
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 00:22:17 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 21 Sep 2023 14:48:46 GMT
truncated
/ Frame 19D2 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
AMLnZu8Zp7IhXCNHdKPAIcktoaOccWbiDJllwyxtgAmtlg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 19D2 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AMLnZu8Zp7IhXCNHdKPAIcktoaOccWbiDJllwyxtgAmtlg=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
144af7bafe02560b9d2ef48a35c13844873b533d84db56b03b0f19263cb7437f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:00:59 GMT
x-content-type-options
nosniff
age
5421
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5310
x-xss-protection
0
server
fife
etag
"v2f6f"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 30 Jul 2022 01:06:25 GMT
hqdefault.jpg
i.ytimg.com/vi/TpHgkHT1Ols/ Frame 19D2 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/TpHgkHT1Ols/hqdefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70992ab75a72e14a70226c3c04954f233d37af25383a561300aa3e4f00a5a910
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:20 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28028
x-xss-protection
0
server
sffe
etag
"1663808436"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 22 Sep 2022 18:36:20 GMT
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202209061116/ 		202 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202209061116/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4dd9a0a89a6f744f971d703a692ba46ac458994d236cff82a8f79a0d1980d4d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 18:31:20 GMT
Content-Encoding
gzip
Age
842640
X-Cache
HIT
Connection
keep-alive
Content-Length
65932
x-amz-id-2
ngZ6pxjjczHY0u7YqE1bIxYw0LWZvYegA9szd02uJZFuzAIryNjj7UaegkzpKukqNXuC3nV8vcFuAa1eap3XTw==
X-Served-By
cache-hhn4067-HHN
Last-Modified
Tue, 06 Sep 2022 17:14:03 GMT
Server
AmazonS3
X-Timer
S1663871480.014126,VS0,VE0
ETag
"ff03fa033abd214ac10b94ea9d102f86"
x-amz-request-id
AYGP566NEH6T1319
Via
1.1 varnish
Cache-Control
public, max-age=864000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
409066
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_adunit-load
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.229.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-229-202.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.staradvertiser.com
access-control-max-age
3600
content-length
0
date
Thu, 22 Sep 2022 18:31:20 GMT
vary
Origin
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.staradvertiser.com%2F&pid=pYiTKdKYY93Ba&cb=0&ws=1600x1200&v=22.9.81452&t=3000&slots=%5B%7B%22sd%22%3A%22div-insticator-ad-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F2507246%2Fstaradvertiser.com_Web_300x250_1%22%2C%22kv%22%3A%7B%22gpid%22%3A%22staradvertiser.com-div-insticator-ad-1%22%7D%7D%2C%7B%22sd%22%3A%22div-insticator-ad-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F2507246%2Fstaradvertiser.com_Web_300x250_2%22%2C%22kv%22%3A%7B%22gpid%22%3A%22staradvertiser.com-div-insticator-ad-2%22%7D%7D%2C%7B%22sd%22%3A%22div-insticator-ad-4%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F2507246%2Fstaradvertiser.com_Web_728x90_1%22%2C%22kv%22%3A%7B%22gpid%22%3A%22staradvertiser.com-div-insticator-ad-4%22%7D%7D%5D&pubid=ced4075c-e9ce-4f68-a498-b8a3cd48cc57&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-188.fra2.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:20 GMT
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C2
x-amz-rid
EX1FDDENNPW19GZNE5YR
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
dVjqv7V1KQBmpE9aVPHw0N2M15_9bjm0m-aW6fjYuJpzCVMTDFrLbA==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44ee3510bf8c6172582ab45bdb1928288db7599f21bf696a9464eb181a91fbe2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27809
x-xss-protection
0
server
sffe
etag
"1342 / 444 of 1000 / last-modified: 1663845016"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 22 Sep 2022 18:31:20 GMT
event
event.insticator.com/v1/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_adunit-load
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.229.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-229-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Thu, 22 Sep 2022 18:31:20 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
/
onetag-geo.s-onetag.com/ 		555 B
971 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-48.fra56.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 05:37:26 GMT
via
1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront), 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
age
46434
x-amzn-requestid
84db7705-af32-446d-8d80-2f5970ff5de0
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P6, FRA56-P5
x-amz-apigw-id
Y2MnmEolCYcFbrQ=
content-length
555
x-amz-cf-id
x9j49PSJVgsVGrDOeVoH9AMWgNDwq4KQYVhvJYiGAm5zRXBBa9BFLw==
beacon.min.js
signal-beacon.s-onetag.com/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-60.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93975ae1d8cef7cb7a8c05ef392abe1b4d080b570b19cab279a208afe7d36cf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
SQDb2i9Q5YZSPn9JZMj9axyuCi9GAOZD
content-encoding
gzip
etag
W/"588a5c88fba4ca02dace48040384e257"
last-modified
Wed, 10 Aug 2022 09:56:11 GMT
server
AmazonS3
age
47683
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Thu, 22 Sep 2022 05:16:38 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
6hj3nRJ75YfMKaW1q8NX1Ps-rp3Iy-ZAwsKcuuY2-ZDsFRj7aczJ_w==
%2F
signal-segments.s-onetag.com/desktop/www.staradvertiser.com/ 		4 KB
775 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-segments.s-onetag.com/desktop/www.staradvertiser.com/%2F
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-51.txl50.r.cloudfront.net
Software
/
Resource Hash
ffe1e5759238cc893baf9e9b81c6be58868c8babf130a4e35ae6c2965ce132c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:08:40 GMT
content-encoding
gzip
age
22960
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 a966c6e25db0d10ed8111bf0f786dbc6.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
TXL50-P1
access-control-allow-origin
*
x-amz-cf-id
pS9ZvUKKPnW64vDFTc-640FiJo--RwoUSCLQSEPf6YA94WlF_szvCQ==
apigw-requestid
Y3F7TjqciYcEMMw=
www.staradvertiser.com
signal-segments.s-onetag.com/desktop/ 		18 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-segments.s-onetag.com/desktop/www.staradvertiser.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-51.txl50.r.cloudfront.net
Software
/
Resource Hash
3e8b68b3f9f841b2d071c9102cde5e561142871ae2570f20c8c0e4046da32f2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 01:09:58 GMT
content-encoding
gzip
age
62482
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 a966c6e25db0d10ed8111bf0f786dbc6.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
TXL50-P1
access-control-allow-origin
*
x-amz-cf-id
-PX8qIKxxJ034jhZSwrBUBBV1PCuH5x5w1MNmcCTMkb4rJ67bognIg==
apigw-requestid
Y1lcEi7jiYcEJBw=
ares-unit.js.gz
origami.secure.ownlocal.com/origami_unit/production/ Frame 1468 		115 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.js.gz
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a15d10ee6ae48395020b55338c0384cc95c1baa147d27f4d0fe05520beb75ff1

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:05:24 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1652972837
age
1556
x-guploader-uploadid
ADPycdvnQhG-hY-WRF7zBHc45Qp0vPeYCJsng-mpwNuQPpZbDqpInHnTdVHSLjlfkOKnwmRWLqDXyQCBiQSMIm-eXxoKKw
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32473
accept-ranges
bytes
last-modified
Thu, 19 May 2022 15:08:57 GMT
server
UploadServer
etag
"0447f5ed525529565dc5e920e8d77e31"
vary
Accept-Encoding
x-goog-hash
crc32c=HUbaKQ==, md5=BEf17VJVKVZdxekg6Nd+MQ==
x-goog-generation
1652972937548329
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
32473
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
application/javascript
expires
Fri, 23 Sep 2022 18:05:24 GMT
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.staradvertiser.com%2F&pid=pYiTKdKYY93Ba&cb=1&ws=1600x1200&v=22.9.81452&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1443757323385-3%22%2C%22s%22%3A%5B%22300x100%22%5D%2C%22sn%22%3A%22%2F5136785%2FSA_Tile1_HomePage%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%221329b7a3-57e0-4a4c-8c42-3fec8b79e7d3%22%5D%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1449255182659-3%22%2C%22s%22%3A%5B%22300x100%22%5D%2C%22sn%22%3A%22%2F5136785%2FSA_Tile2_HomePage%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%221329b7a3-57e0-4a4c-8c42-3fec8b79e7d3%22%5D%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-18%22%2C%22s%22%3A%5B%22982x30%22%5D%2C%22sn%22%3A%22%2F5136785%2FSA_x15_HomePage%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%221329b7a3-57e0-4a4c-8c42-3fec8b79e7d3%22%5D%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-33%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F5136785%2FSA_Top_HomePage%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%221329b7a3-57e0-4a4c-8c42-3fec8b79e7d3%22%5D%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-79%22%2C%22s%22%3A%5B%22320x50%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F5136785%2FSA_Bottom_HomePage%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%221329b7a3-57e0-4a4c-8c42-3fec8b79e7d3%22%5D%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-45%22%2C%22s%22%3A%5B%22320x50%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F5136785%2FSA_Banner1_HomePage%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%221329b7a3-57e0-4a4c-8c42-3fec8b79e7d3%22%5D%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-46%22%2C%22s%22%3A%5B%22320x50%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F5136785%2FSA_Banner2_HomePage%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%221329b7a3-57e0-4a4c-8c42-3fec8b79e7d3%22%5D%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-47%22%2C%22s%22%3A%5B%22320x50%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F5136785%2FSA_Banner3_HomePage%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%221329b7a3-57e0-4a4c-8c42-3fec8b79e7d3%22%5D%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1483134122312-0%22%2C%22s%22%3A%5B%22300x100%22%5D%2C%22sn%22%3A%22%2F5136785%2FSA_Sponsor-MostRead_HomePage%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%221329b7a3-57e0-4a4c-8c42-3fec8b79e7d3%22%5D%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-51%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5136785%2FSA_Box1_HomePage%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%221329b7a3-57e0-4a4c-8c42-3fec8b79e7d3%22%5D%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-65%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5136785%2FSA_Box2_HomePage%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%221329b7a3-57e0-4a4c-8c42-3fec8b79e7d3%22%5D%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444788445358-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5136785%2FSA_Box3_HomePage%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%221329b7a3-57e0-4a4c-8c42-3fec8b79e7d3%22%5D%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1482886799060-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5136785%2FSA_Box-Top_HomePage%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%221329b7a3-57e0-4a4c-8c42-3fec8b79e7d3%22%5D%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1521079920643-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5136785%2FSA_Box-Top-2_HomePage%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%221329b7a3-57e0-4a4c-8c42-3fec8b79e7d3%22%5D%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444965704525-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5136785%2FSA_MenuBox%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%221329b7a3-57e0-4a4c-8c42-3fec8b79e7d3%22%5D%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1445920181141-0%22%2C%22s%22%3A%5B%22300x100%22%5D%2C%22sn%22%3A%22%2F5136785%2FSA_MenuTile%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%221329b7a3-57e0-4a4c-8c42-3fec8b79e7d3%22%5D%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1465867295375-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5136785%2FSA_Box-events_TGIF%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%221329b7a3-57e0-4a4c-8c42-3fec8b79e7d3%22%5D%7D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1564775939722-0%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F5136785%2FSA_Footer_Homepage%22%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%221329b7a3-57e0-4a4c-8c42-3fec8b79e7d3%22%5D%7D%7D%5D&pubid=ced4075c-e9ce-4f68-a498-b8a3cd48cc57&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-188.fra2.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:20 GMT
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C2
x-amz-rid
W2H49N0AYE7KC1E0EKVT
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
KTZhjap9XzHfiJcshiEUJHf5CtHcLE07SNFDc6d2M4uCcMECyXR1jg==
translator
hbopenbid.pubmatic.com/ 		0
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Thu, 22 Sep 2022 18:31:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_paw&pvsid=329596970703887&vrg=2022092101&nw_id=5136785%2C2507246%5C%2C5136785&nslots=38&eid=31060439%2C31069635%2C31069793&pub_url=https%3A%2F%2Fwww.staradvertiser.com%2F&sig=0&req=1&req_cnt=3&dm=8
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=329596970703887&correlator=4018275835298213&eid=31060439%2C31069635%2C31069793&output=ldjh&gdfp_req=1&vrg=2022092101&ptt=17&impl=fifs&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_300x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1231134253&sfv=1-0-38&fsapi=false&prev_scp=h%3D18%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dwww.staradvertiser.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=ip%3D0%26he%3D0%26amznbid%3D1%26amznp%3D1&ppid=1329b7a3-57e0-4a4c-8c42-3fec8b79e7d3&sc=1&cookie_enabled=1&abxe=1&dt=1663871480221&lmt=1663871480&dlt=1663871477769&idt=2351&adxs=1162&adys=9581&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.staradvertiser.com%2F&frm=20&vis=1&psz=300x574&msz=300x-1&fws=0&ohw=0&ga_vid=1040327165.1663871479&ga_sid=1663871480&ga_hid=1388760453&ga_fc=true
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fdf1766dfc28991ac8e4fb5acc48cabe1e6c8905dfb69a5f4b033cb58c1d62c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19129
x-xss-protection
0
google-lineitem-id
5747548770
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138357539009
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=329596970703887&correlator=1449086710006104&eid=31060439%2C31069635%2C31069793&output=ldjh&gdfp_req=1&vrg=2022092101&ptt=17&impl=fifs&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_300x250_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=2233527209&sfv=1-0-38&fsapi=false&prev_scp=h%3D18%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dwww.staradvertiser.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=ip%3D0%26he%3D0%26amznbid%3D1%26amznp%3D1&ppid=1329b7a3-57e0-4a4c-8c42-3fec8b79e7d3&sc=1&cookie_enabled=1&abxe=1&dt=1663871480230&lmt=1663871480&dlt=1663871477769&idt=2351&adxs=1162&adys=9861&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.staradvertiser.com%2F&frm=20&vis=1&psz=300x574&msz=300x-1&fws=0&ohw=0&ga_vid=1040327165.1663871479&ga_sid=1663871480&ga_hid=1388760453&ga_fc=true
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f0fb0ccba6278d94ffcacd417bce27eb63efd7b378bee5ae80853782b12bc1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19053
x-xss-protection
0
google-lineitem-id
5747548770
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138357538991
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=329596970703887&correlator=4476692345776601&eid=31060439%2C31069635%2C31069793&output=ldjh&gdfp_req=1&vrg=2022092101&ptt=17&impl=fifs&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=3&adks=613459873&sfv=1-0-38&fsapi=false&prev_scp=h%3D18%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dwww.staradvertiser.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=ip%3D0%26he%3D0%26amznbid%3D1%26amznp%3D1&ppid=1329b7a3-57e0-4a4c-8c42-3fec8b79e7d3&sc=1&cookie_enabled=1&abxe=1&dt=1663871480234&lmt=1663871480&dlt=1663871477769&idt=2351&adxs=436&adys=11491&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.staradvertiser.com%2F&frm=20&vis=1&psz=1350x142&msz=1320x-1&fws=0&ohw=0&ga_vid=1040327165.1663871479&ga_sid=1663871480&ga_hid=1388760453&ga_fc=true
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3b294f2bccbcca32fedd36c537356903ddea7e33fc3eec97f774669a02db79c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19385
x-xss-protection
0
google-lineitem-id
5747548770
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138383872571
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 27D5 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 18:31:20 GMT
expires
Fri, 22 Sep 2023 18:31:20 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
1401480206566122
connect.facebook.net/signals/config/ 		297 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1401480206566122?v=2.9.83&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
470c08fa28fca932e3fcdc61dcb83ce51358958be3ef38909846174969db5681
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
87812
x-xss-protection
0
pragma
public
x-fb-debug
zAAirZbel5hnrP69M5WIUIJgs0IUE3p70fNTanmYrDQHMw3vGQu7PCyoDFedlyyq2NLUIzoRXN4ugfLTAG1CIQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 22 Sep 2022 18:31:20 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=309252323293891&ev=PageView&dl=https%3A%2F%2Fwww.staradvertiser.com%2F&rl=&if=false&ts=1663871480284&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22456843294878480%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%222346298978947266%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1663871480282.1052396613&it=1663871479303&coo=false&rqm=GET
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:20 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Thu, 22 Sep 2022 18:31:20 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=Kqg2J0vzlYL6FDsn&instance=214988373&version=7.8.0&age=220922&cmd=GET&key=NxulL6Ef&c_id=13479&seq=1&order=2&absoluteTime=3431.4&relativeTime=807.8&canonical=https://www.staradvertiser.com/&EXTREF=https://www.staradvertiser.com/&REF=https://www.staradvertiser.com/&playerCfg=BR
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.60.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-60-169.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:20 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=GET&ESG_key=NxulL6Ef&ES_key=NxulL6Ef&ES_ID=34893&S_RKEY=kmnhGKQYEz&USR_ID=214988373&ST_usrKey=Kqg2J0vzlYL6FDsn&SM_ID=2254305&C_ID=13479&C_companyName=Oahu%20Publications%20Inc&version=70080000&sC_ID=4735&AC_ID=2008&TYPE=BARKER&EXTREF=https://www.staradvertiser.com/&REF=https://www.staradvertiser.com/&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=0&STRIPQUERY=1&serverHost=embed.sendtonews.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.30.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-30-54.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 22 Sep 2022 18:31:30 GMT
cache-control
max-age=1
server
Apache
content-type
text/html; charset=UTF-8
content-length
0
expires
Thu, 22 Sep 2022 18:31:21 GMT
0.js
player.sendtonews.com/bidderFiles/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.sendtonews.com/bidderFiles/0.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-44.fra60.r.cloudfront.net
Software
Apache /
Resource Hash
7f1d279703b902aee3682bf47afc04d7d9a4417e08a137638cd8dcce1141c450

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:20:43 GMT
content-encoding
gzip
age
639
x-cache
Hit from cloudfront
content-length
1394
access-control-allow-origin
*
last-modified
Thu, 03 Mar 2022 21:08:40 GMT
server
Apache
etag
"e75-5d956cd664600-gzip"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-amz-cf-id
wGkc02jJYBRlsee4m-o5WXa-KltHN0q048KEFfHraWS4DXFyxNO4uA==
expires
Thu, 22 Sep 2022 19:20:41 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ 		125 KB
125 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 20:32:16 GMT
x-content-type-options
nosniff
age
597544
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128352
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 00:26:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Sep 2023 20:32:16 GMT
jju6h64tf1zm0y16apn3b2k32xzmwqz1.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/jju6h64tf1zm0y16apn3b2k32xzmwqz1.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.145.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-145-10.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a3dbbbb4028712475b2a7cc4a26dab0ca4aedc8ac51c8b9c9b1d699389acf93

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:50:53 GMT
via
1.1 3a19e7746bbbb8dd91ed586197497ae8.cloudfront.net (CloudFront)
age
2427
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
51715
last-modified
Thu, 22 Sep 2022 17:30:12 GMT
server
AmazonS3
etag
"252092e5bf03072cd633ed0c98e96dda"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-pop
CDG50-C2
accept-ranges
bytes
x-amz-cf-id
acKhwgeaA4Pf8xU8Oxys1J0CXaACnMvnRpM0Ud-BdiE2HyQSA8nTcA==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=Kqg2J0vzlYL6FDsn&instance=214988373&version=7.8.0&age=220922&cmd=RTP&key=NxulL6Ef&c_id=13479&seq=1&order=3&absoluteTime=3453.1&relativeTime=829.5&sC_ID=4735&sm_id=2254305&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://www.staradvertiser.com/&REF=https://www.staradvertiser.com/&playerCfg=BR
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.60.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-60-169.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:20 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
143 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=RTP&ESG_key=NxulL6Ef&ES_key=NxulL6Ef&ES_ID=34893&S_RKEY=kmnhGKQYEz&USR_ID=214988373&ST_usrKey=Kqg2J0vzlYL6FDsn&SM_ID=2254305&C_ID=13479&C_companyName=Oahu%20Publications%20Inc&version=70080000&sC_ID=4735&AC_ID=2008&TYPE=BARKER&EXTREF=https://www.staradvertiser.com/&REF=https://www.staradvertiser.com/&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=0&STRIPQUERY=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.30.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-30-54.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 22 Sep 2022 18:31:20 GMT
cache-control
max-age=1
server
Apache
content-type
text/html; charset=UTF-8
content-length
0
expires
Thu, 22 Sep 2022 18:30:45 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&artpubt=1663869600&artupt=1663869600&ptype=Homepage&tv=js-3.0.153&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=2&tid=ce3a5baf-a429-49c3-9c07-c5bff8315964&pid=cf315973-ef5d-4c71-8053-92a1f035cb7d&dtm=1663871480386&qnm=_matherq&visible=1&tabid=ac167e9d-77c6-4795-bda0-493391475d46&url=https%3A%2F%2Fwww.staradvertiser.com%2F&vp=1600x1200&ds=1600x11673&tofa=1663871480&vid=1&lvidt=1663871480&duid=c052e739a739f0fc&fp=577415770&cid=ma15446&mrk=988352900&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY2Mzg3MTQ3Njg5NyIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMy40bWIiLCJoZWFwVCI6IjIxLjdtYiIsImZzdFBhaW50IjoiMTM5NCIsImZldGNoUyI6IjI2NCIsImRvbWFpblMiOiIyNjUiLCJkb21haW5FIjoiMjY1IiwiY29ublMiOiIyNjUiLCJjb25uRSI6IjYwOCIsInNzbFMiOiIzNzkiLCJyZXF1UyI6IjYwOCIsInJlc3BTIjoiNzY4IiwicmVzcEUiOiI5MTIiLCJkb21Mb2FkIjoiODcyIiwiZG9tSW50ZXIiOiIxNzM5IiwiZG9tTG9hZFMiOiIxNzM5IiwiZG9tTG9hZEUiOiIxNzUzIn0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMTA0MDMyNzE2NSIsInJlZlRpbWUiOiIxNjYzODcxNDgwMzg2In1dfQ
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.38.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-38-131.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 18:31:20 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
/
id.sv.rkdms.com/identity/ 		2 B
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=www.staradvertiser.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.134.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-134-156.compute-1.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Thu, 22 Sep 2022 18:31:20 GMT
access-control-allow-credentials
true
server
nginx/1.20.2
content-length
2
vary
Origin
content-type
application/json
rid
match.adsrvr.org/track/ 		63 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
0f6df50c180f8bf651823d78b3a5ae8f83c99c9387bf93f0c3b57b385380584a

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 22 Sep 2022 18:31:20 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sat, 22 Oct 2022 18:31:20 GMT
identity
api.rlcdn.com/api/ 		44 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 22 Sep 2022 18:31:20 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
styles__ltr.css
www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/ Frame 390F 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=zmiYzsHi8INTJBWt2QZC9aM5&size=invisible&cb=pim0lxr6s77v
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 14:36:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14108
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24251
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 00:24:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 14:36:12 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/ Frame 390F 		391 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=zmiYzsHi8INTJBWt2QZC9aM5&size=invisible&cb=pim0lxr6s77v
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9337f499c9b0cc63404026b5448c6fd449df6ed57abf148722751a3a4b992c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:30:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
159646
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 00:24:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 18:30:40 GMT
spc_fi.php
cdn.firstimpression.io/delivery/ 		45 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=7470&url=%2F&charset=UTF-8&ch=18&ref=www.staradvertiser.com&viewerId=null&referer=&_firid=54516852
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.240.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-121.vie50.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
40ffdc0909c9960fe45b6bc74f259dc549868fae4b3b7ab273eb1401ba684d76

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:20 GMT
content-encoding
gzip
x-amz-cf-pop
VIE50-C1
x-powered-by
PHP/8.0.14
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
access-control-allow-origin
https://www.staradvertiser.com
server
nginx/1.20.0
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
via
1.1 108e63109879954f4e720db50559f788.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
kIgziX_Ya2PCCOO7rZI77ZSZoewuwgPJEUVhujWhwD0hQqT0GSUlHQ==
expires
0
ares-unit.js.gz
origami.secure.ownlocal.com/origami_unit/production/ Frame 232F 		115 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.js.gz
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a15d10ee6ae48395020b55338c0384cc95c1baa147d27f4d0fe05520beb75ff1

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:05:24 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1652972837
age
1556
x-guploader-uploadid
ADPycdvnQhG-hY-WRF7zBHc45Qp0vPeYCJsng-mpwNuQPpZbDqpInHnTdVHSLjlfkOKnwmRWLqDXyQCBiQSMIm-eXxoKKw
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32473
accept-ranges
bytes
last-modified
Thu, 19 May 2022 15:08:57 GMT
server
UploadServer
etag
"0447f5ed525529565dc5e920e8d77e31"
vary
Accept-Encoding
x-goog-hash
crc32c=HUbaKQ==, md5=BEf17VJVKVZdxekg6Nd+MQ==
x-goog-generation
1652972937548329
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
32473
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
application/javascript
expires
Fri, 23 Sep 2022 18:05:24 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/712386318/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/712386318/?random=1663871480490&cv=9&fst=1663871480490&num=1&label=hqBoCLnO39gBEI7O2NMC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.staradvertiser.com%2F&tiba=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&hn=www.googleadservices.com&us_privacy=error&async=1&rfmt=3&fmt=4
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a9dd57a3848214eb38b6767b2a82a70ee7dcfea23350c8a2ef3bbd45d51ad72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1082
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 52B2 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.114.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-114-85.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
31710
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Mon, 19 Sep 2022 09:37:07 GMT
server
AmazonS3
date
Thu, 22 Sep 2022 09:42:50 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 d58f8ae27ab00bbbe1dc072976204492.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
TXL50-P4
x-amz-cf-id
vQ1TBSxxwLnBrWIpVtRg7tO-zu2xZUjUTAyeA7Jo85cCAlWhM0Zagg==
config
c.amazon-adsystem.com/cdn/prod/ Frame 52B2 		248 B
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.staradvertiser.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.114.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-114-85.txl50.r.cloudfront.net
Software
Server /
Resource Hash
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 15:47:02 GMT
via
1.1 1a620bb236f3df5588fc787c47ccfafa.cloudfront.net (CloudFront)
server
Server
age
9858
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
TXL50-P4
content-length
248
x-amz-cf-id
ySg2sElUsX0HT01Z8HfWQK5Lclo8ymlNnFrcfFZyPCaOMp44kbfRzA==
bridge3.532.0_en.html
imasdk.googleapis.com/js/core/ Frame 9DAC 		638 KB
207 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23091133c2c9c43412cf7ee8e2471a7cba775e981334be7d13b0d78d9babc5a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
202500
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
211807
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 10:16:20 GMT
expires
Wed, 20 Sep 2023 10:16:20 GMT
last-modified
Tue, 20 Sep 2022 10:12:09 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Sep 2022 18:31:20 GMT
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame 52B2 		23 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.staradvertiser.com%2F&pid=3PxeTyxSU8DQL&cb=0&ws=300x150&v=22.9.81452&t=2000&slots=%5B%7B%22id%22%3A%22standard%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!sendtonews.com%2CL7r5UMGIQVI6qe1BoRgEAg%2C1%2C%2C%2C&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-188.fra2.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:20 GMT
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C2
x-amz-rid
GA4083VMBVRDJCEDG1PV
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
wg0fRq1tC7XyOsCt0CfRcO6dvDBWSZktif2BMhCXvvyAGwXz_FVqlQ==
tiny-slider.css
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/tiny-slider.css
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
254047
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
573
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffd-882"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3Fxfr2BcbRYlrUwZvZTy4bjh4PUflue%2FiUJsH5Uoant6DgRMizGlootCJu9d5HaqqrO%2B95Pdue2HmUk2Qtbqt3X27Y3tKlLBtkGC1g6Y%2FPZ%2BuXQ%2Bm%2Fz6iGKGoY88PXPB6EwqbQvsMQHyZF6JPg0RH3R"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74ed1df1c8d19c0d-FRA
expires
Tue, 12 Sep 2023 18:31:20 GMT
analytics.js
www.google-analytics.com/ 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
5360
date
Thu, 22 Sep 2022 17:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Thu, 22 Sep 2022 19:02:00 GMT
one.js
csp.azureedge.net/cdn/OneCol/ 		138 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csp.azureedge.net/cdn/OneCol/one.js?v=7
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc::6853:521 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:20 GMT
content-encoding
gzip
last-modified
Fri, 29 Jul 2022 22:43:11 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"1d8a39c948c0162"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
61870
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame C162 		97 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3936ef1c8f1732c0c04810760b747102dd4431bcc37689c27196de5d030ba858

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
PidISEiOP90R_913dwkQ2_.B_dtaRt0p
content-encoding
br
last-modified
Thu, 14 Jul 2022 18:51:22 GMT
server
AmazonS3
age
4570
etag
W/"988ed904fe9935453a894f009ac11cc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Thu, 22 Sep 2022 17:15:11 GMT
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
oQXPE_l44uwtFCjXK-1mMa3coLHLFXggx0PYYqqhWjlxy4s-Eao_rw==
view
securepubads.g.doubleclick.net/pcs/ Frame C162 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPx3Opomqobrvn7P9C9_9fVYmx9zj-s2CNjucteFI92W1YA9gWTYNZ6ngLHUQkyrgDOecFxyko81sCOYiG7-XgM11cyWt1qGPlKQO_k4ZlKSe57UQDtJUutq6o1c-XCgyMa5ZEUr0uyy6QsKdR31ONEjc0lTN-emd6MFU6wDFS3BKWE4zk4xSl5ADCxPhqxCPbV4cwk61hyHyPHGN2oqyd4r1IQYRT3unPOnw7PQj8tPPTlWsTqxMpDUc7j-MMZF-AOe48qiJMV714mcHgJTtwJy9UnyAt9G_t3kn6qLkuyCi7VJhAu6wBcgPmST1IWzVQd-C3HfF-18s--fkQnAqSFwMa1xSvjaH7nA&sai=AMfl-YRuZfz5GBpnqY-h7aTNIkrO-IAYjPbjOH4DOWb8kIkXgWvEXlfcKKKGSkU5wVl7lfsJfsm-HTRjwtW-dCf7prvF8M-kdQuLd6OdzRCDo6mV0GlroSWmrGfUCEuwFAK-I54&sig=Cg0ArKJSzN-dnJ_psnKbEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/ Frame C162 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c2d5358c7df05018004b5ff5434f854385d8fe8a64593901d9ae662564592d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1123
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9574
x-xss-protection
0
server
cafe
etag
3447265524526809024
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 18:12:37 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame C162 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
225
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 18:27:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C162 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 18:31:20 GMT
17244996170414049863
tpc.googlesyndication.com/simgad/ Frame C162 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17244996170414049863
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edf77ee39ae244062a1940991c0782b8d61798908ceb9baeedd81419e63416da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 10:11:19 GMT
x-content-type-options
nosniff
age
30001
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12393
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 18:58:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 22 Sep 2023 10:11:19 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame D8E1 		97 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3936ef1c8f1732c0c04810760b747102dd4431bcc37689c27196de5d030ba858

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
PidISEiOP90R_913dwkQ2_.B_dtaRt0p
content-encoding
br
last-modified
Thu, 14 Jul 2022 18:51:22 GMT
server
AmazonS3
age
4570
etag
W/"988ed904fe9935453a894f009ac11cc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Thu, 22 Sep 2022 17:15:11 GMT
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
U7V5YLSI1imH_2DPXyxlzJcJZFjNDhH8Gv2Uk3wKrfufGDZzCljHYQ==
view
securepubads.g.doubleclick.net/pcs/ Frame D8E1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7kt6nGYiU-Zlc6N5eL3WxGveHWV5rbQIigUIM5UBDMOlksqNkw_zAHmDTvuweEwKF1OppuhTyDeoV7H-vUSqpB9R5UUTapTYe-pIQXRhGOPkasEasXk2WovPU_-JJf5qz_gfz9pQZpg5qimcPAldigVP99m85UUxxFYeVKKaVpyuUF1ZuPiB_769eeAJyIFTQHhbfcssmsfX-Z9b3gVikp4iVBP2LznOtTMOF9buAO6uPYwz7fMQhpx2zN712O7NmsjNv_t7wNJvGOdq2ddrZo8hB3uRyA4lEbWV9HA0bzWc95y3R3CbAOagOlIsw36rConvA-J2fxjttonfqs2o3xXukPH8Vs3xR4g&sai=AMfl-YS3DAe46OUmkJx-f5lGekr0tLHD5OJnTsDdAOssTK039cjcsOo4h9KojukXkAVPzGiDneHWcysBNkenaZugw1YOvKGUdPSpJ6x9e28K7KQ8BSkOBvFX87ScWVxy_GE3dpY&sig=Cg0ArKJSzEyOk55MWW12EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/ Frame D8E1 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c2d5358c7df05018004b5ff5434f854385d8fe8a64593901d9ae662564592d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1123
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9574
x-xss-protection
0
server
cafe
etag
3447265524526809024
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 18:12:37 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame D8E1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
225
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 18:27:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D8E1 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 18:31:20 GMT
9837137720388202531
tpc.googlesyndication.com/simgad/ Frame D8E1 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9837137720388202531
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa40ab4f89a7c52dd9cb78a8b5a293e16d06595c62ed13db9bacc8e45353b61a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 05:53:23 GMT
x-content-type-options
nosniff
age
131877
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11445
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 18:58:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 21 Sep 2023 05:53:23 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame CE8D 		97 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3936ef1c8f1732c0c04810760b747102dd4431bcc37689c27196de5d030ba858

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
PidISEiOP90R_913dwkQ2_.B_dtaRt0p
content-encoding
br
last-modified
Thu, 14 Jul 2022 18:51:22 GMT
server
AmazonS3
age
4570
etag
W/"988ed904fe9935453a894f009ac11cc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Thu, 22 Sep 2022 17:15:11 GMT
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
UyeUEi70GDwOFiiuPl_UKbTrCwN9QjD1UJqnZ9mEu8xmkEDEKmcByw==
view
securepubads.g.doubleclick.net/pcs/ Frame CE8D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCaV7kvQ2ZAD5gRzWMK6c56c24cnLTTykoRC4JYgqE-1v6Wi6tOwVKaZCFDqzVhtEiD35dI9BIeuqtllCDTBhEc60WIZgQtvgERFeEnV_UGVpF_Xmx-RU2J2xDK3hqD2Wq2w50JCItRfjNq57PqS0mBVdz_u7VHX5BA0njJAMqOiOqsD9DpboxgJSzBM4mWqv8Tn-t4qLd4LyBiRV4qrPdW6XF3q9d53KFMMS3LFyqu7AgTNyZFjtq08Km5w4w3qT10sMMWNlLYT3QFlu2VpX57Ib179nFVhGovW_sT274oMFDHKRa6whFJcYzUvrRgUO3Sv0AnNpY4Vgc8X1UpFFZz7pEHOodH5fr&sai=AMfl-YR07zBNM2ZCBkaSiJy8s1vJMYNTCh6Y8hidR5aK6-wrLn2UOYXL9wCm1ulqjdWXAvuN738WFVfT8ev0ij0Dy_Erf0gvOlUgXvykxWp2UmSobM2XreLbX2QwsA_T7fyc6k4&sig=Cg0ArKJSzH8tmjcKbiCaEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/ Frame CE8D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c2d5358c7df05018004b5ff5434f854385d8fe8a64593901d9ae662564592d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1123
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9574
x-xss-protection
0
server
cafe
etag
3447265524526809024
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 18:12:37 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame CE8D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
426
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 18:24:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CE8D 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 18:31:20 GMT
14219748089826616194
tpc.googlesyndication.com/simgad/ Frame CE8D 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14219748089826616194
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bb58265c9629d2aaa5df11cc0b419bef12a0d340ed0b1c1c98e0fa4193e523e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 23:07:58 GMT
x-content-type-options
nosniff
age
501802
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
78718
x-xss-protection
0
last-modified
Wed, 04 May 2022 19:51:03 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 16 Sep 2023 23:07:58 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		4 KB
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=329596970703887&correlator=1772780867588272&eid=31060439%2C31069635%2C31069793&output=ldjh&gdfp_req=1&vrg=2022092101&ptt=17&impl=fifs&iu_parts=5136785%2CSA_Native_HomePage%2CSA_Native4-frame_HomePage%2CSA_Native4_HomePage-1%2CSA_Native4_HomePage-2%2CSA_Native4_HomePage-3%2CSA_Native4_HomePage-4%2CSA-FootballFever_300x300-1%2CSA-FootballFever_300x300-2%2CSA-FootballFever_300x300-3%2CSA-FootballFever_300x300-4%2CSA_INT_HomePage%2CSA_INT_Gateway-Sponsor&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12&prev_iu_szs=1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&ifi=4&adks=209233742%2C1265839655%2C3828629500%2C2441712459%2C352046981%2C1925805504%2C1601519305%2C122768717%2C2150871482%2C243705689%2C75063581%2C1052146423&sfv=1-0-38&ists=4095&fsapi=false&eri=1&cust_params=ip%3D0%26he%3D0&ppid=1329b7a3-57e0-4a4c-8c42-3fec8b79e7d3&sc=1&cookie=ID%3D6b1163197e313caf%3AT%3D1663871480%3AS%3DALNI_MZN69JqttAfEr_IetFEmKdriJnV6g&abxe=1&dt=1663871480857&lmt=1663871480&dlt=1663871477769&idt=2351&adxs=140%2C140%2C140%2C393%2C646%2C899%2C140%2C478%2C815%2C1153%2C0%2C0&adys=2615%2C2615%2C2615%2C2615%2C2615%2C2615%2C6696%2C6696%2C6696%2C6696%2C0%2C40&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C0%7C0&ucis=4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.staradvertiser.com%2F&frm=20&vis=1&psz=1012x4714%7C1012x4714%7C1011x1%7C1011x1%7C1011x1%7C1011x1%7C337x14%7C337x14%7C337x14%7C337x14%7C0x-1%7C1600x11672&msz=981x0%7C981x0%7C252x1%7C252x1%7C252x1%7C252x1%7C307x0%7C307x0%7C307x0%7C307x0%7C0x-1%7C1600x0&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C512%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1040327165.1663871479&ga_sid=1663871480&ga_hid=1388760453&ga_fc=true
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab602110806e96ecc398e35aaab291d67de527cb18f3fb4cb09d36802e5d050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
261
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		312 KB
38 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=329596970703887&correlator=3865273686428189&eid=31060439%2C31069635%2C31069793&output=ldjh&gdfp_req=1&vrg=2022092101&ptt=17&impl=fifs&iu_parts=5136785%2CSA_Tile1_HomePage%2CSA_Tile2_HomePage%2CSA_x15_HomePage%2CSA_Top_HomePage%2CSA_Bottom_HomePage%2CSA_Banner1_HomePage%2CSA_Banner2_HomePage%2CSA_Banner3_HomePage%2CSA_Sponsor-MostRead_HomePage%2CSA_Box1_HomePage%2CSA_Box2_HomePage%2CSA_Box3_HomePage%2CSA_Box-Top_HomePage%2CSA_Box-Top-2_HomePage%2CSA_MenuBox%2CSA_MenuTile%2CSA_Box-events_TGIF%2CSA_Footer_Homepage&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14%2C%2F0%2F15%2C%2F0%2F16%2C%2F0%2F17%2C%2F0%2F18&prev_iu_szs=300x100%2C300x100%2C982x30%2C728x90%7C970x90%7C970x250%2C728x90%2C728x90%2C728x90%2C728x90%2C300x100%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x100%2C300x250%2C1x1&ifi=16&adks=323572193%2C415600777%2C1023568893%2C776454535%2C1314924799%2C627532990%2C4244480135%2C3396773607%2C4116631529%2C1735864866%2C4170063637%2C3518020607%2C713581990%2C2869934086%2C3123340506%2C1463211416%2C3217711606%2C1069172642&sfv=1-0-38&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=ip%3D0%26he%3D0&ppid=1329b7a3-57e0-4a4c-8c42-3fec8b79e7d3&sc=1&cookie=ID%3D6b1163197e313caf%3AT%3D1663871480%3AS%3DALNI_MZN69JqttAfEr_IetFEmKdriJnV6g&abxe=1&dt=1663871480867&lmt=1663871480&dlt=1663871477769&idt=2351&adxs=1159%2C140%2C309%2C436%2C436%2C436%2C263%2C263%2C1161%2C1161%2C1161%2C1161%2C1161%2C1161%2C-975%2C-975%2C-9%2C-9&adys=102%2C102%2C59%2C295%2C11142%2C1769%2C4322%2C7925%2C704%2C3140%2C4192%2C8383%2C362%2C1142%2C2583%2C93%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C14%7C15%7C16%7C17%7C0%7C18%7C19%7C20%7C0%7C0%7C21%7C0%7C-1%7C-1&ucis=g%7Ch%7Ci%7Cj%7Ck%7Cl%7Cm%7Cn%7Co%7Cp%7Cq%7Cr%7Cs%7Ct%7Cu%7Cv%7Cw%7Cx&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.staradvertiser.com%2F&frm=20&vis=1&psz=337x100%7C337x100%7C1600x11672%7C1350x64%7C1350x72%7C1350x24%7C1011x24%7C1011x24%7C328x14%7C328x14%7C328x14%7C328x14%7C328x14%7C328x14%7C350x-1%7C350x-1%7C0x-1%7C0x-1&msz=300x-1%7C300x-1%7C1600x24%7C1318x24%7C1318x24%7C1320x24%7C971x24%7C971x24%7C300x14%7C300x14%7C300x14%7C300x14%7C300x14%7C300x14%7C300x-1%7C300x-1%7C0x-1%7C0x-1&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C516%2C516%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C350%2C350%2C0%2C0&ga_vid=1040327165.1663871479&ga_sid=1663871480&ga_hid=1388760453&ga_fc=true
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
812b0a1164c9328d06e87b8d7f84642aea30f1b35f28e5eb3429535fb49e63f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38426
x-xss-protection
0
google-lineitem-id
-1,-1,-2,94601305,5343865161,5334153289,-1,-2,-1,5925587903,4837391996,4901051034,-1,-1,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-2,138226966839,138374810231,138307053035,-1,-2,-1,138381873433,138307415909,138258016293,-1,-1,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
latest.json
origami.secure.ownlocal.com/origami_configs/a879cd9c-1043-48fa-9b1e-093b75d7e1d3/ Frame 1468 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_configs/a879cd9c-1043-48fa-9b1e-093b75d7e1d3/latest.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8b52e568ae1266fb61d2f9ba1be24b302d4a022844972683e71276cd33f2a888

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:46:50 GMT
age
2670
x-guploader-uploadid
ADPycduKr7v_idH85ThE98c1NbhJ4avZu5IvKiezY_kLrtQXgVvKfv-Y_HC_Q30rnSqxKkGS9mptZYILBW3KttvU5-8gS5pdhOtH
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
a879cd9c-1043-48fa-9b1e-093b75d7e1d3
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2321
last-modified
Thu, 22 Sep 2022 07:32:22 GMT
server
UploadServer
etag
"f4c304a4b1c7299f77fac84df85cc25e"
x-goog-hash
crc32c=ogBS8w==, md5=9MMEpLHHKZ93+shN+FzCXg==
x-goog-generation
1663745543423449
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=0,s-maxage=3600
x-goog-stored-content-length
2321
accept-ranges
bytes
content-type
application/json
expires
Thu, 22 Sep 2022 18:46:50 GMT
collect
j.clarity.ms/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://j.clarity.ms/collect
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Thu, 22 Sep 2022 18:31:20 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
prebidamp.js
ecdn.firstimpression.io/static/js/ 		312 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.240.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-121.vie50.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:00:04 GMT
content-encoding
br
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
age
1877
etag
W/"61b8b8ab-4e128"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
l-nI_dCpTc112JMrHo13JRU5Thzhn9O1ILYrC2_2GR9N09_K9qIhHg==
via
1.1 96b3f0ca359697e92cd090a37a2e3bf4.cloudfront.net (CloudFront)
expires
Thu, 22 Sep 2022 19:00:04 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
33671
x-jsd-version
1.13.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
8874
etag
W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
x-served-by
cache-fra19140-FRA, cache-hhn4049-HHN
x-jsd-version-type
version
date
Thu, 22 Sep 2022 18:31:20 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
apstag.js
c.amazon-adsystem.com/aax2/ 		167 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.114.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-114-85.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d420ee64cb607d68e208a3105b39934807ed2e4d43ced2542f7b6b0cd153ca43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 22 Sep 2022 17:57:15 GMT
via
1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront), 1.1 1a620bb236f3df5588fc787c47ccfafa.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 20:15:31 GMT
server
AmazonS3
age
2046
etag
W/"da0e8e1151d3ebb7a34f07d19a6e05d0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, TXL50-P4
content-encoding
gzip
x-amz-cf-id
iaitBXtJX5txzB94qUo-DBHNcWyVDwaP_PeypfCYR_qYwdmpL4hCcg==
latest.json
origami.secure.ownlocal.com/origami_configs/99f385f2-7933-4d1f-bd10-a560fbbfa419/ Frame 232F 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_configs/99f385f2-7933-4d1f-bd10-a560fbbfa419/latest.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a58c76b78fc011b0c4a8f2c509e31957c5cca3a151b04437e1727c1c5ca9cb99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:21 GMT
age
0
x-guploader-uploadid
ADPycdssg1njconD7WfJ5ek0mtpjnsNvc3V4ZTnOde_-P-AVsKBC8eEXHDHKEDpDm25UYZQ0wl0o7DweMpfY0TqpFGIoRvIzgRfU
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
99f385f2-7933-4d1f-bd10-a560fbbfa419
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2187
last-modified
Thu, 22 Sep 2022 07:32:25 GMT
server
UploadServer
etag
"bf0790879eccfd83e7949707db025e7b"
x-goog-hash
crc32c=cX80tw==, md5=vweQh57M/YPnlJcH2wJeew==
x-goog-generation
1663745546216027
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=0,s-maxage=3600
x-goog-stored-content-length
2187
accept-ranges
bytes
content-type
application/json
expires
Thu, 22 Sep 2022 19:31:21 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 52B2 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.21.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-21-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d80b9ba4d9ed354519644fd9d90aa446ec818d52a9b98395c80a43159dc0e887

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:21 GMT
content-encoding
gzip
last-modified
Thu, 08 Sep 2022 20:10:31 GMT
server
Apache
etag
"d71e-5e830058020dd-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17404
expires
Thu, 22 Sep 2022 18:46:21 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 390F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 19:40:09 GMT
x-content-type-options
nosniff
age
600672
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 22 Sep 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 390F 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=zmiYzsHi8INTJBWt2QZC9aM5&size=invisible&cb=pim0lxr6s77v
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 11:18:05 GMT
x-content-type-options
nosniff
age
198796
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 20 Sep 2023 11:18:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 390F 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=zmiYzsHi8INTJBWt2QZC9aM5&size=invisible&cb=pim0lxr6s77v
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 18:59:48 GMT
x-content-type-options
nosniff
age
171093
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 20 Sep 2023 18:59:48 GMT
headerstats
as-sec.casalemedia.com/ 		0
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=340102&u=https%3A%2F%2Fwww.staradvertiser.com%2F&v=3
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dkUHXmS%2FtYcy9D3wqTUzJLyre%2FnNBCzSOLeHYnrbjFGBZ%2BtsCptQ0ie6iW2%2FF02W84fP2yteFE3a0JhOp7eMxFszpW%2FMhIRyRyxU%2Fsph0by8nhiY8WjG%2BdNiadpop6Sbv51phIqmP54%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74ed1df4ebf39a1e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
fiamp.js
ecdn.firstimpression.io/static/js/ Frame 954B 		110 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/fiamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.240.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-121.vie50.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
3d34b2f2e02c7937501dd51255ee7900c9ec823f07b3d8d0fc19c5e242058cf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:38:54 GMT
content-encoding
gzip
last-modified
Fri, 08 Apr 2022 08:48:22 GMT
server
nginx/1.20.0
age
3148
etag
W/"624ff6d6-1b8e9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
NSUPlF67xkOP5mO7ynnQHrNWwrJXmajnJyGdZf_j8hqz66GsQyY3ng==
via
1.1 108e63109879954f4e720db50559f788.cloudfront.net (CloudFront)
expires
Thu, 22 Sep 2022 18:38:53 GMT
cygnus
htlb.casalemedia.com/ Frame 52B2 		36 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=438214&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2211ebf57698e0e4%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.staradvertiser.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.staradvertiser.com%2F%22%2C%22domain%22%3A%22staradvertiser.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22staradvertiser.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2221e90e57d4849a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438214%22%7D%2C%22video%22%3A%7B%22context%22%3A%22instream%22%2C%22mimes%22%3A%5B%22video%2Fx-m4v%22%2C%22video%2Fmpeg%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A5%2C%22maxduration%22%3A30%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22w%22%3A282%2C%22h%22%3A227%2C%22sizes%22%3A%5B%5B282%2C227%5D%5D%2C%22playerSize%22%3A%5B%5B282%2C227%5D%5D%2C%22placement%22%3A1%2C%22linearity%22%3A1%2C%22api%22%3A%5B2%5D%2C%22battr%22%3A%5B9%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sendtonews.com%22%2C%22sid%22%3A%22L7r5UMGIQVI6qe1BoRgEAg%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
765044c52e1c5b4b48bebd8215dba3f64b724fdd8d9795b2cd354a3a83bcba0e

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TvNe%2BJFgdvMICnPtkNCa3G3YoWHDaJ5RlMpA0ywnJ%2Byc79QPFMoTZFy86gZqeiUudysy68%2F%2FJocauPDrlFS%2FnbNwe7EdxwekqBi%2BamRGbsSu6BBDzt5oFElAHpZnr5wWK564zbGG"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74ed1df50f009a09-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
auction
tlx.3lift.com/header/ Frame 52B2 		19 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.12.0&referrer=https%3A%2F%2Fwww.staradvertiser.com%2F&tmax=3000
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.106.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-106-63.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:21 GMT
accept-ch
sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 52B2 		173 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.20.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-20-13.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
975bbb7e2143e20296d5c81673127c8822340f866a2f14f1853a840f716f7cfd

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:21 GMT
content-encoding
gzip
x-prebid
pbs-java/1.99.0
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
229991
search.spotxchange.com/openrtb/2.3/dados/ Frame 52B2 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/229991?src_sys=prebid
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Thu, 22 Sep 2022 18:31:21 GMT
X-SpotX-Timing-Transform
0.000904
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux
0.001211
X-spotx-Exception-0-RESULT
failure
X-SpotX-Timing-Page-Require
0.000453
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.117698
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.006358
X-fe
137
Last-Modified
Thu, 22 Sep 2022 18:31:21 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.103160
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.staradvertiser.com
X-SpotX-Timing-Page-Misc
0.005574
X-SpotX-Timing-Page-Exception
0.000018
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000017
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.103160
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 52B2 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Thu, 22 Sep 2022 18:31:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 52B2 		139 B
841 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
85aee76744e58ac196c35cdcc67c46fee65ac29503850310c34d46b4b0040e37
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 22 Sep 2022 18:31:21 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
838b812f-4979-4b17-b8b9-36eb5af36ee6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.staradvertiser.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1401480206566122&ev=PageView&dl=https%3A%2F%2Fwww.staradvertiser.com%2F&rl=&if=false&ts=1663871481168&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663871480282.1052396613&it=1663871479303&coo=false&rqm=GET
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:21 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Thu, 22 Sep 2022 18:31:21 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=309252323293891&ev=ViewContent&dl=https%3A%2F%2Fwww.staradvertiser.com%2F&rl=&if=false&ts=1663871481169&cd[content_type]=Homepage&sw=1600&sh=1200&v=2.9.83&r=stable&ec=1&o=30&fbp=fb.1.1663871480282.1052396613&it=1663871479303&coo=false&rqm=GET
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:21 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Thu, 22 Sep 2022 18:31:21 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1401480206566122&ev=ViewContent&dl=https%3A%2F%2Fwww.staradvertiser.com%2F&rl=&if=false&ts=1663871481170&cd[content_type]=Homepage&sw=1600&sh=1200&v=2.9.83&r=stable&ec=1&o=30&fbp=fb.1.1663871480282.1052396613&it=1663871479303&coo=false&rqm=GET
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:21 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Thu, 22 Sep 2022 18:31:21 GMT
css
fonts.googleapis.com/ 		5 KB
667 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400a:800::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 17:11:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 18:31:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Sep 2022 18:31:21 GMT
d0HNlpgQjk-iPAcwj6vLfQ.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		270 KB
271 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/d0HNlpgQjk-iPAcwj6vLfQ.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c18843592eb30c7f4647257a17097d1e7b9e25567d027f6137819ab15ae32ed3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 22 Sep 2022 18:31:22 GMT
Last-Modified
Thu, 18 Aug 2022 15:28:23 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
Cury4xG2yh1/eJA3Okgyew==
ETag
0x8DA812E4A0EB9CB
Content-Type
application/octet-stream
x-ms-request-id
a64eea7e-d01e-0065-64b1-ce93f5000000
x-ms-version
2009-09-19
Content-Length
276643
ebfde8fe-143a-4153-be2f-0d1fb24bedef.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/ebfde8fe-143a-4153-be2f-0d1fb24bedef.medium.JPG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0bfe49b701fd9654d20d7fca23cd7c83371acf5246895526637e4f047450cede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 22 Sep 2022 18:31:21 GMT
Last-Modified
Fri, 06 Dec 2019 17:25:14 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
RNKOkEFk3wLvAYYz3ApK4g==
ETag
0x8D77A714150208E
Content-Type
image/jpeg
x-ms-request-id
b5c61718-701e-007c-37b1-ce134e000000
x-ms-version
2009-09-19
Content-Length
11282
om82hWx8iEq40o14OB_Dcg.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/om82hWx8iEq40o14OB_Dcg.medium.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bec234cee0d2b925aef61b59e119b790f8efd19170f8f55d86fe79a5537db5ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 22 Sep 2022 18:31:21 GMT
Last-Modified
Wed, 24 Nov 2021 09:12:06 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
U2eZ7qy2FtrKWQMCd8RDyw==
ETag
0x8D9AF2A7C6916C5
Content-Type
application/octet-stream
x-ms-request-id
bc0d251e-601e-0012-13b1-ce4661000000
x-ms-version
2009-09-19
Content-Length
38939
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
079720151f8e5a548186737593346110b3534909e074b4de98de5f1923dbb486

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
a5a4471e-345d-4ae3-a07a-6d6b9161ecdb.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/a5a4471e-345d-4ae3-a07a-6d6b9161ecdb.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2893d05b01bf3319c158d69c731113d6e7cee410f3489c7abe9d3e3fde46daa1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 22 Sep 2022 18:31:21 GMT
Last-Modified
Fri, 18 Oct 2013 01:40:04 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
jGTTD4Ck11wlYTMfi7xNGQ==
ETag
0x8D099BA1A3E027D
Content-Type
image/png
x-ms-request-id
5905d744-d01e-005a-55b1-ce5b56000000
x-ms-version
2009-09-19
Content-Length
98897
f5aa8ddb-81bf-4872-918d-56aa87544084.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/f5aa8ddb-81bf-4872-918d-56aa87544084.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
78b8c5ebdcbe9b538d0326396c40f77c5e0f529318a4df6b8cdb6a578527c0a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 22 Sep 2022 18:31:21 GMT
Last-Modified
Wed, 17 Aug 2016 21:25:55 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
di8zSgC32wT9Bh8ib+ywgg==
ETag
0x8D3C6E512B6E599
Content-Type
image/png
x-ms-request-id
70bbd959-501e-0054-47b1-ce72e6000000
x-ms-version
2009-09-19
Content-Length
103270
bHUo2qgrgkiva7Lgs6RbNg.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/bHUo2qgrgkiva7Lgs6RbNg.medium.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9de5ce2255bee94141be64a2b4e435c9f2c9655b3819cef844e605ab2286a34d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 22 Sep 2022 18:31:21 GMT
Last-Modified
Wed, 06 Apr 2022 18:53:19 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
TLlShO4It24ptj1uHSzcQg==
ETag
0x8DA17FEB77D5311
Content-Type
application/octet-stream
x-ms-request-id
997ba7ef-801e-0035-0fb1-ce51a5000000
x-ms-version
2009-09-19
Content-Length
33850
3cfIcjV7iUW72iBO_R1_2A.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/3cfIcjV7iUW72iBO_R1_2A.medium.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e6d7dcb1bdc01c6fd1fd133429882a4a2fb6b2cf9c441ec90a29bb469b0a288a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 22 Sep 2022 18:31:22 GMT
Last-Modified
Wed, 10 Aug 2022 20:43:34 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
wfLLDbLhZUneaZvLweaD6Q==
ETag
0x8DA7B10FE818AC4
Content-Type
application/octet-stream
x-ms-request-id
b5c6176f-701e-007c-09b1-ce134e000000
x-ms-version
2009-09-19
Content-Length
57779
WTdXWtKfb0CKIWZsSkbpmg.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/WTdXWtKfb0CKIWZsSkbpmg.medium.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c97324da5ec664861b5e49d4fe8ea58958429cba5f1475de839b15ce4f970146

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 22 Sep 2022 18:31:22 GMT
Last-Modified
Sun, 14 Aug 2022 23:01:05 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
e5UDEo63o3SSUszF0/M53g==
ETag
0x8DA7E48DE4CCC8A
Content-Type
application/octet-stream
x-ms-request-id
bc0d259f-601e-0012-0eb1-ce4661000000
x-ms-version
2009-09-19
Content-Length
34119
Lp_4orTQKE2628SmEoRN9Q.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/Lp_4orTQKE2628SmEoRN9Q.medium.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2b2390af9800ff3f211c392f8389c524ecb8c13bd52629737272bc4981543541

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 22 Sep 2022 18:31:22 GMT
Last-Modified
Fri, 05 Aug 2022 06:06:29 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
ySTORPff6Ir6VlNalWhr0w==
ETag
0x8DA76A8A3939F5B
Content-Type
application/octet-stream
x-ms-request-id
997ba862-801e-0035-79b1-ce51a5000000
x-ms-version
2009-09-19
Content-Length
34343
toZKpGNq3keVcte58FhV3g.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/toZKpGNq3keVcte58FhV3g.medium.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
382156963a41cb48ff4a4b628abdbce0f4c33e4e14bb3a594f687723ffded592

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 22 Sep 2022 18:31:21 GMT
Last-Modified
Wed, 06 Apr 2022 18:53:20 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
kbQBDqO+bSxDIOGjzvYLGA==
ETag
0x8DA17FEB7E8FDC6
Content-Type
application/octet-stream
x-ms-request-id
5905d842-d01e-005a-31b1-ce5b56000000
x-ms-version
2009-09-19
Content-Length
57466
11c72aa0-c134-4488-a073-f92d92311a8f.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		127 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/11c72aa0-c134-4488-a073-f92d92311a8f.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
073961274e77bad6bb6d27370cc7f5f92d33b4f89423400dd1b5fc26e99bd4d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 22 Sep 2022 18:31:21 GMT
Last-Modified
Sat, 10 May 2014 22:37:03 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
xIFbqgK+4KTRxFwgk+t4BQ==
ETag
0x8D13AB77F9FD965
Content-Type
image/png
x-ms-request-id
70bbd9ec-501e-0054-4ab1-ce72e6000000
x-ms-version
2009-09-19
Content-Length
129905
MrN7Z-G7Z0GE7VpD0_UsXg.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/MrN7Z-G7Z0GE7VpD0_UsXg.medium.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ad8f3bfd8e91301c77d8fa64ee32b41ab06245eb58adeb832f40c71b6ed5da3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 22 Sep 2022 18:31:22 GMT
Last-Modified
Mon, 30 Aug 2021 20:22:09 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
zsfegc1e/SzciYlmKlCuUQ==
ETag
0x8D96BF3D826495A
Content-Type
application/octet-stream
x-ms-request-id
b5c617e2-701e-007c-68b1-ce134e000000
x-ms-version
2009-09-19
Content-Length
33254
dff8d9fb-5b82-4619-bbeb-db10f87b79b1.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/dff8d9fb-5b82-4619-bbeb-db10f87b79b1.medium.JPG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
22c47ffbe21c5caa8e79dfa00fce0665be86891e5ab44a9d762c707ab4eddccc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 22 Sep 2022 18:31:22 GMT
Last-Modified
Tue, 26 Apr 2022 20:03:17 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
y/xe3iVLrPM306esAueKsg==
ETag
0x8DA27BFCE149731
Content-Type
image/jpeg
x-ms-request-id
bc0d260b-601e-0012-73b1-ce4661000000
x-ms-version
2009-09-19
Content-Length
11139
c714d40d-3b91-4178-aefa-10f65a125e4f.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/c714d40d-3b91-4178-aefa-10f65a125e4f.medium.JPG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f69b20025bce19118dc32040133cbdfaaa31b4ec09d91ca885e8fc46d9f4b36d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 22 Sep 2022 18:31:22 GMT
Last-Modified
Sat, 01 Jan 2022 01:31:28 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
WWd+trqU3vY579ENaOOd3A==
ETag
0x8D9CCC66F12B3A5
Content-Type
image/jpeg
x-ms-request-id
997ba8af-801e-0035-41b1-ce51a5000000
x-ms-version
2009-09-19
Content-Length
23057
ca0ceed7-d8e0-4542-b99d-ee8f7d122867.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/ca0ceed7-d8e0-4542-b99d-ee8f7d122867.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
50ca486a6b07d73a0ea275c44ed837c4bbbb30ac0a60cbcde818c2121f0300dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 22 Sep 2022 18:31:22 GMT
Last-Modified
Fri, 18 Oct 2013 07:41:37 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
ckKxTuIykMu8YWhCq8S/Dg==
ETag
0x8D099EC9C7049C6
Content-Type
image/png
x-ms-request-id
bc0d2670-601e-0012-52b1-ce4661000000
x-ms-version
2009-09-19
Content-Length
76691
5f11d2db-1421-44c5-957b-59e21f19b5df.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/5f11d2db-1421-44c5-957b-59e21f19b5df.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
82ea54e3b5ae0f591a3706c3141a5c81ce5f682a536342f8b7375e0c442562fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 22 Sep 2022 18:31:22 GMT
Last-Modified
Fri, 18 Oct 2013 07:49:42 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
8ZPkRtaVK+Q2MC+F0k5GDQ==
ETag
0x8D099EDBDAC8E9E
Content-Type
image/png
x-ms-request-id
997ba8fe-801e-0035-0ab1-ce51a5000000
x-ms-version
2009-09-19
Content-Length
112244
a236cd9e-3bc6-4b8e-84f0-de9a2c59f767.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/a236cd9e-3bc6-4b8e-84f0-de9a2c59f767.medium.PNG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e04a56ad7a9b4d9ff57c4ba0203045adbbb08341e6e629a352be098dc54623a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 22 Sep 2022 18:31:22 GMT
Last-Modified
Wed, 24 Mar 2021 19:14:29 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
mBqhzCfHVwftrFmq1dXWJQ==
ETag
0x8D8EEF90C247053
Content-Type
image/png
x-ms-request-id
b5c61831-701e-007c-2eb1-ce134e000000
x-ms-version
2009-09-19
Content-Length
20187
JNif4srVSkKOEaLMPZzE6w.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/JNif4srVSkKOEaLMPZzE6w.medium.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
867606dea3b735585df167c32472a766812318bec7b2f5fbad0ee316d22942d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 22 Sep 2022 18:31:22 GMT
Last-Modified
Tue, 24 Aug 2021 20:00:54 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
ulz/b7i19I8/OBwZPNPPkA==
ETag
0x8D96739E1874C88
Content-Type
application/octet-stream
x-ms-request-id
5905d8a4-d01e-005a-0db1-ce5b56000000
x-ms-version
2009-09-19
Content-Length
41013
fJ_ZDH0p_065-lTrs0mBzA.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/fJ_ZDH0p_065-lTrs0mBzA.medium.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
604742afebae557cbab93a03115a4b1de7dca866a78b27dc9d424403e60d54bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 22 Sep 2022 18:31:22 GMT
Last-Modified
Mon, 30 Aug 2021 20:22:11 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
t+3eB2EzGA0/P3mw+J0vRg==
ETag
0x8D96BF3D905AD07
Content-Type
application/octet-stream
x-ms-request-id
a64eeb99-d01e-0065-5fb1-ce93f5000000
x-ms-version
2009-09-19
Content-Length
33381
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 19:00:06 GMT
x-content-type-options
nosniff
age
257475
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31320
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:11:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Sep 2023 19:00:06 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame C162 		0
526 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=835798
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUL8xI1Q0hSiqgbNoH6fk1XIltgkJWEKOxyoZtuqPrv2KGhqfna4hFwLDH7ulVQjVfiHCVoCwmA10GnZYVlI8A%2BCwijdwwFXxTVu7baVx42FvKJAqJ%2F%2ByzTSV6YLHU7pFwg%2B3W9QBEHRb%2BGKadjfWk8IMA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
74ed1df71bfd9957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FxdCTAZhI4Oz1AICI12x
webworker.js
www.google.com/recaptcha/api2/ Frame 390F 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=zmiYzsHi8INTJBWt2QZC9aM5
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=zmiYzsHi8INTJBWt2QZC9aM5&size=invisible&cb=pim0lxr6s77v
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9430bcc9d39849aac0786a7b4e31c0c508f9cfa27e3165fb67daacc45f0a8975
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=zmiYzsHi8INTJBWt2QZC9aM5&size=invisible&cb=pim0lxr6s77v
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 22 Sep 2022 18:31:21 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame D8E1 		0
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=701275
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9VbYKANCFkE2vGI%2BuxH7Drg2Z1ya0Lhi9vsxF1zvVoYqRObP%2FNYzNp8axzmVq73%2Bm%2FWyFEde%2Bsz%2FYbifCS4SZJS3T%2Bjw6V17mzi6Hl3B0MWJO%2BukU0jgaijEfoTVBP0ryoaoM611weX9cLLDy99s12Pulw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
74ed1df72c329957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FxdCTAcD_WzHCZkDH46x
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame CE8D 		0
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=970288
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3X7sCvJLAuj%2FgAGAEn%2BzEaK0bvZPPkmsoNWKYgcGOwiFAmRS8wxvWRU9bG%2BONGgNEmGzEHu8ROppuHZwlpIwOm7qfHRH%2F4AvwbEeLyP6c%2FCHwamFJ%2BebDwBZ6Dk%2BdCwr%2F3p9Ah7Nbkwb1NSY6AVXVpSAdA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
74ed1df73c499957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FxdCTAclcuwiiGwCNrHR
/
www.google.com/pagead/1p-user-list/712386318/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/712386318/?random=1663871480490&cv=9&fst=1663869600000&num=1&label=hqBoCLnO39gBEI7O2NMC&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&frm=0&url=https%3A%2F%2Fwww.staradvertiser.com%2F&tiba=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&async=1&fmt=3&is_vtc=1&random=1060035742&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/712386318/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/712386318/?random=1663871480490&cv=9&fst=1663869600000&num=1&label=hqBoCLnO39gBEI7O2NMC&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&frm=0&url=https%3A%2F%2Fwww.staradvertiser.com%2F&tiba=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&async=1&fmt=3&is_vtc=1&random=1060035742&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
www.youtube.com/ Frame 19D2 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?KHi09w
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:21 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 19D2 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 18:31:21 GMT
/
www.facebook.com/tr/ Frame 1B00 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.staradvertiser.com
Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.staradvertiser.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 18:31:21 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
yh94ie0p-120.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/nVrGkzGw/poster.jpg?width=120
  • https://assets-jpcust.jwpsrv.com/thumbnails/yh94ie0p-120.jpg
6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/yh94ie0p-120.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7d5b1709b01c32589de685fa1118add1d8a326366e0f50d50b993e4bc8127011

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
content-encoding
gzip
age
367
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
5833
x-served-by
cache-iad-kjyo7100070-IAD, cache-hhn4065-HHN
access-control-allow-origin
*
last-modified
Thu, 08 Sep 2022 18:26:29 GMT
server
nginx
x-timer
S1663871482.242488,VS0,VE96
etag
"66eb5e2a63039cbb9b4c6cb289db2205"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 0

Redirect headers

date
Thu, 22 Sep 2022 18:31:21 GMT
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
location
https://assets-jpcust.jwpsrv.com/thumbnails/yh94ie0p-120.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
-2Pw18508hlE0FaTZAOHtVix4vqt42ivlF-bYNwxURWcJiAcpnS5xg==
truncated
/ Frame C162 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96d82e7ded574563b5b6018d4ce1e2e49bcfd9278ba02bb8103c307f5245ffbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame C162 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwFNuNiStmLj0YV_bPtMM9TnNS0ifAFtoWwm_y0IFGzcci1PjcACHyWU3ZxUUnbgio-RArAY9wnVpUL7ExiQ14kf-kPThTLch_RASbCLWmq20IPsPONLPabhf2HTDSue58b0RQof9HQgsvZy-GCGYO6v8Piw0avNfMuYpMPNKFBBlnrTig7pdVDAhgLhMkehfh6qTOuiNj7r2Tnc5Ctq7mC_QHM4lCliToTEl1_ygr6UTRzK2qxvcZ4l5YfrKuLjIUNqW1x2HQk9Moc3qgkwTKPkKi2_CyfB6jPJIEdUpiBm7S3YK-ImaT1LW4RspVXASX73_E648OFja12cHOdmVWcwg6gI_rRxr51Uoh&sai=AMfl-YQODA68uQcCV91oecENOde47PdnMg5sxK3CYFYDiUrg19cSpMcTl5bxmYZLJmwMuoaLyk0drO8-MZw7G0y42xUy5qL6Anqi82xVEP2BtDtTuEA7tMnswruRatTji5T602g&sig=Cg0ArKJSzElXw6fQIlGpEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 22 Sep 2022 18:31:21 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=1388760453&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.staradvertiser.com%2F&ul=en-us&de=UTF-8&dt=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=1cvjwqw&_u=aHBAAEABAAAAAC~&jid=&gjid=&cid=1040327165.1663871479&tid=UA-16272709-1&_gid=773932396.1663871479&cd2=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Fc13p8ejhds%2F1ngh4z1%2F1cvjwqw&z=1903099490
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:21:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
25765
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
934.json
id5-sync.com/g/v2/ 		216 B
632 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/934.json
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
25b66985ea9b8693072d2c2e10fed3a00ed48eedf1f27528c377c420f9773ca8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Thu, 22 Sep 2022 18:31:21 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ 		63 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.216.193.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-216-193-48.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
eb1f38d6efa01fc4a32ef0d377de743466e88ed6e38b2e706faca81f2c1d3788

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:21 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache
x-server
10.45.17.79
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ 		63 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
370193142ba1758a2307e56fbea3aefa5ae5a9e7af9d60f1ab604495a76d0a62

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 22 Sep 2022 18:31:21 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sat, 22 Oct 2022 18:31:21 GMT
envelope
api.rlcdn.com/api/identity/ 		0
13 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1273
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 22 Sep 2022 18:31:21 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
394021c6-8546-480d-a986-d86f4581886c.jpeg
storage.googleapis.com/ownlocal-platform-production/public/images/logos/600/ Frame 1468 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ownlocal-platform-production/public/images/logos/600/394021c6-8546-480d-a986-d86f4581886c.jpeg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d5af0c3b61d90e5c62659b628a82afb92e2c02183fa535bf22c04d642e314144

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:21 GMT
age
0
x-guploader-uploadid
ADPycdtzhoXYM2ReRKB2DmdEw7QCLzAYD-cDeKf2_zIqgeq57BYMYYMlIj6Zy8XDLnjyubmxeEmblDoGQljI9CnenwTqgA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37274
last-modified
Sun, 10 Oct 2021 05:49:18 GMT
server
UploadServer
etag
"f329bde50bc07bc1ffe55b353bfcb158"
x-goog-hash
crc32c=zTEhmg==, md5=8ym95QvAe8H/5Vs1O/yxWA==
x-goog-generation
1633844958970144
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
37274
accept-ranges
bytes
content-type
image/jpeg
expires
Thu, 22 Sep 2022 19:31:21 GMT
Inter-roman.var.woff2
rsms.me/inter/font-files/ Frame 1468 		222 KB
223 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rsms.me/inter/font-files/Inter-roman.var.woff2?v=3.19
Requested by
Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4ea2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3

Request headers

Referer
https://rsms.me/inter/inter.css
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-fastly-request-id
a5a8f128cb6e3115a7851c94d4b010619fad4b2c
date
Thu, 22 Sep 2022 18:31:21 GMT
via
1.1 varnish
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
x-cache-hits
5
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
227180
x-served-by
cache-fra19127-FRA
last-modified
Sun, 18 Sep 2022 23:00:33 GMT
server
cloudflare
x-github-request-id
75DA:0A57:1123AA4:11CA73B:6327A353
x-timer
S1663546620.612753,VS0,VE1
etag
"6327a311-3776c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dIiJk6iNKR0UNQx0L%2Bk3ehKaF8AvuF9cq5D%2Fr9nHJs8HdHzrBbEzqTZJ4CQwTCBBtL8aZLRtp89k87jI4JhxpOXLL%2FOkEzqIXFxE8HrG3dbAc12UH0d7RB%2FPbWbT5zDRkxUYd8a9"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2678400
x-proxy-cache
HIT
accept-ranges
bytes
cf-ray
74ed1df8bfdd9bfb-FRA
x-origin-cache
HIT
expires
Thu, 22 Sep 2022 17:15:18 GMT
materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@4.5.95/fonts/ Frame 1468 		256 KB
257 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/fonts/materialdesignicons-webfont.woff2?v=4.5.95
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f824000649b12b68a220a0120c606932d0740bd5332770a244473db773185e4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
2646542
x-jsd-version
4.5.95
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
262440
etag
W/"40128-4s6MGTGrA2fPV5r2GYYmCP/EkkA"
x-served-by
cache-fra19180-FRA, cache-hhn4049-HHN
x-jsd-version-type
version
date
Thu, 22 Sep 2022 18:31:21 GMT
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
tp-production
us-central1-kube-ownlocal.cloudfunctions.net/ Frame 1468 		26 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-central1-kube-ownlocal.cloudfunctions.net/tp-production?stm=1663871481676&e=pv&url=https%3A%2F%2Fwww.staradvertiser.com%2F&page=AdForge%20Ad%20Unit&refr=https%3A%2F%2Fwww.staradvertiser.com%2F&tv=js-2.10.2&tna=origami-tracker&aid=origami-unit&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=26ed137a-4819-4575-8d4a-7eece7a0d3c6&dtm=1663871481674&vp=300x250&ds=300x250&vid=1&sid=72acb24d-6b0a-4f5b-8a8e-25c13d12bb63&duid=6ff5801c-2ee1-40a9-a569-36b3114c4a92&fp=577415770&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20ub3dubG9jYWwvb3JpZ2FtaV9jdHgvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiYWlkIjoiYTg3OWNkOWMtMTA0My00OGZhLTliMWUtMDkzYjc1ZDdlMWQzIiwiYmlkIjoiOTM1NTAzNjktOGE0Mi00NTE3LTg2Y2QtNGFkNGNlNjdiNDQzIiwicGlkIjoiMTFkOGJmMDEtNGEwZC00MmYxLTljODItMzlmMWI3NzI2MjM0In19XX0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
server
Google Frontend
x-powered-by
Express
etag
W/"1a-Hjpuc/IrHLWXlDT8bmHFqznVniY"
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
d2adcb20b50cfcb6bf46dc2ed2d76d33
function-execution-id
yywhpobg9fcd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26
photo-1580582932707-520aed937b7b
images.unsplash.com/ Frame 1468 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.unsplash.com/photo-1580582932707-520aed937b7b?ixid=Mnw4MTQ0MXwwfDF8c2VhcmNofDE0fHxTY2hvb2x8ZW58MHx8fHwxNjYzMTM4ODk1&ixlib=rb-1.2.1&utm_source=api_app&utm_medium=referral&utm_campaign=api-credit&auto=format&w=600&h=500&fit=crop&crop=entropy
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::720 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
91300a321384409f67ff8b78859154cb77e88ae267c858d5aa797e85d316b7ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
x-content-type-options
nosniff
age
732571
x-cache
HIT, HIT
x-imgix-id
b6d01fe7bb6ea42fe515f0987fd12761027ef24b
content-length
38391
x-imgix-render-farm
01.592
last-modified
Wed, 14 Sep 2022 07:01:50 GMT
server
imgix
x-served-by
cache-sjc10023-SJC, cache-vie6367-VIE
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cross-origin-resource-policy
cross-origin
truncated
/ Frame D8E1 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e39fd18d5e9a74f598cacebac92c4d8a976f0387e45aef78e77047e03b8c8d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame D8E1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXh27k7AIr-z0ujFd_nu0vS93H82r-NcC9zT9Rq_jyIRw3nQL7j_qPIr59KCsjcDphF48PGgmAUANDkjQj9bCLCc-_uKYOdl7hKZUXd4bR2A_CaoulmmdqZJ6qCRMZSPgfqO3Ehw1Gyv2fVFIXrER8Hwr0uvF3QgUruJr6oYbZ-wSfM28cFO_nBpqk9-RWsY3oNX606iDc2iCHylQpT8yADpSR6fkF-lsmmep0kCvkTvHwv2fAjQIAyeNbJEvQYvoqbqFkweE7Zh5cqbx4cG6BTVWCpF44j5cRgYP92BglPNI7hTRJLcdlsbvnkvrqRDAhdtlf-3JmbR_C6-3wPzsBth480MRLnP5ermcv&sai=AMfl-YSfcvAu4ysxVQUNtsCYcVJGIyOQYsQ-hTGzYk9OzeQK-ipJW5extCu8WNjyGGqFHoJ4319epGGIwmS_f4c0OxoP9sF8wfjMGIDOWgBrUc4fDOhFlbrTbGaP1xekVtSKpFQ&sig=Cg0ArKJSzLehtdl-RkHvEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 22 Sep 2022 18:31:21 GMT
0735c6ca-99f9-4a99-9a8e-0b6229e02bea
https://www.staradvertiser.com/ Frame C162 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/0735c6ca-99f9-4a99-9a8e-0b6229e02bea
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
truncated
/ Frame CE8D 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
30ef6247f3bd8a85b920e5d3986ecea1758e1b805a038c482b51704d403c8241

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame CE8D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssO6W19_48-lPNMGsaMhb-nUR9YDjKIBsnMaY7DuAQrZQY4aM6nTIDaEPQIvFvaMobglmKXzGWBD84ZwzrW7mvd0uvcXUllbGX3tJ0NzrV7CL7yB2O5fPsyqF1KlqXGVwwsVsG7iDZH9Zc_1PV-IpDgeMWoPp58CXtozVxAZwwY-lqEctC9LggmP4Is096Xn8JSYYddez6CwpYLzaM8RG4RtXwGxu_YHhCadMZ0l_NlXitIiqNqxthqosQ28HVVyVhsMqywCvWzfGnOPML9-lmqTNVuAraACKMqYjR16oOfVXYmTOZ8t4bhMTn3YDLuYUZBxfDRs3UaMV25QhgkBh0JjhKX8Spaml_zFmw&sai=AMfl-YQPyZF9aIlds7mpkc-6BGenHrGhRCozNXZXUSTRKpbmpv9bdpMns8q-y0DKreULa3tNyqzVGdacS3qtXdWKxXv9DfhK673OwOo8NgbuZATwl-2jhBuCbp7n98lzTvJReqM&sig=Cg0ArKJSzM1jNPnnJRW0EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 22 Sep 2022 18:31:21 GMT
b97268ab-63fa-483a-9368-90b722eb561e
https://www.staradvertiser.com/ Frame D8E1 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/b97268ab-63fa-483a-9368-90b722eb561e
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
71c9e7bc-55fb-4938-8a1e-15cde4c6a655
https://www.staradvertiser.com/ Frame CE8D 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/71c9e7bc-55fb-4938-8a1e-15cde4c6a655
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
prebidamp.js
ecdn.firstimpression.io/static/js/ Frame 954B 		312 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.240.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-121.vie50.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:00:04 GMT
content-encoding
br
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
age
1877
etag
W/"61b8b8ab-4e128"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
Cqtcd3JAdHSF_7MQmqYSTYt9QxZp5ErdM8uCexQuEcglQSDd8HaVoQ==
via
1.1 96b3f0ca359697e92cd090a37a2e3bf4.cloudfront.net (CloudFront)
expires
Thu, 22 Sep 2022 19:00:04 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 954B 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ded83dfad5386763df9b7180e4df61811351bbdb196a2d8d5f9f255debf59b9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27807
x-xss-protection
0
server
sffe
etag
"1342 / 188 of 1000 / last-modified: 1663844945"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 22 Sep 2022 18:31:21 GMT
container.html
d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame ED50 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 18:31:20 GMT
expires
Fri, 22 Sep 2023 18:31:20 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9021 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 18:31:20 GMT
expires
Fri, 22 Sep 2023 18:31:20 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame EA2D 		97 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3936ef1c8f1732c0c04810760b747102dd4431bcc37689c27196de5d030ba858

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
PidISEiOP90R_913dwkQ2_.B_dtaRt0p
content-encoding
br
last-modified
Thu, 14 Jul 2022 18:51:22 GMT
server
AmazonS3
age
4571
etag
W/"988ed904fe9935453a894f009ac11cc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Thu, 22 Sep 2022 17:15:11 GMT
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
WX3L5F4ucOTjGCzrnAm1pIxH4JML8eamMUJoNO5BXWpme9cng1ckwQ==
view
securepubads.g.doubleclick.net/pcs/ Frame EA2D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8rnpQsY8B7TP88hs64BQWuFnLqUSBEYYjs3tjVYMnGk28vNC-dXkI4hnfQej4t9ZJpxsinirD39-xki7GhX7sojKpQqzk1F57YwZMv_sS6daJWBF61KSAtkCQWpBAKGpi3daHkofDgy7-9oyXn4Q7kANOTRQ6qgP75dQ0yMyvxGNwOOcgDp2Jcmmz7WFuBHO0iAndO-AVWwtEBARDyMIo1wNOSKBXYfMH_2sckEYQ91kZ-e5HHR81Cpz_i4b7lKVGDA-kZtPsXgwXwQ_ucdo-cgKCvuEcslvgVmGIxjesVXxziNoEOwYImPSC-_TA6TYuCLdb7M8y&sai=AMfl-YQ6wWKUgFZZMkEAZf6oht-y3bT16mk55A6Ua3wNcxFsj9_NgFbpICNykt5aE8_6I0W43uO0pJ00ev9Iu4LkAsDcT-8aUvbUlaqPLaOoIvD0NptODUdNo0nd8Mrmcg&sig=Cg0ArKJSzEZa6tKI6WgxEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/ Frame EA2D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/abg_lite_fy2021.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c2d5358c7df05018004b5ff5434f854385d8fe8a64593901d9ae662564592d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9574
x-xss-protection
0
server
cafe
etag
3447265524526809024
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 18:12:37 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame EA2D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
427
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 18:24:14 GMT
l
www.google.com/ads/measurement/ Frame EA2D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSFds1wZjreI-1psv0OulmUggaF7muc6Xr7nHgxAmeCOaNAmOH2r1vpbzj3ZrMGEaSwpGwg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EA2D 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 18:31:21 GMT
2084787703115141555
tpc.googlesyndication.com/simgad/ Frame EA2D 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2084787703115141555
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac29fc9498dc56fbda4da6ea6700fc20349649b9f4c1addfd2b6c04ed144ee5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 01:17:53 GMT
x-content-type-options
nosniff
age
321208
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32799
x-xss-protection
0
last-modified
Tue, 06 Mar 2018 02:40:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 19 Sep 2023 01:17:53 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 457F 		97 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3936ef1c8f1732c0c04810760b747102dd4431bcc37689c27196de5d030ba858

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
PidISEiOP90R_913dwkQ2_.B_dtaRt0p
content-encoding
br
last-modified
Thu, 14 Jul 2022 18:51:22 GMT
server
AmazonS3
age
4572
etag
W/"988ed904fe9935453a894f009ac11cc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Thu, 22 Sep 2022 17:15:11 GMT
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
OzODs5KDBVMHwQyN35QC8YXf75klpqkKzu8sjk0KGya72ykLkuqLiA==
view
securepubads.g.doubleclick.net/pcs/ Frame 457F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZrM0ESLWNvJzSwZ5-pOH2_NA0tLfVA2XZQDsoKvCKEaLp1tyKQ1XBsfhcHJZouMFMVboD3EG0WFHfVy2rGO1Ob1_P0r6jPDQOLsO6VgJ59ooPmCVa4S2w8SUnOcKd_0YidZGKWSmRWjNseMnePg2FzfDB0c8rsVlfqzwVNh2jXPXRJoXIS3lAi7s8AXREkqEPR3uM_mspZYwlFa3FuEI5_v3SOuaBvDVzZ6dOOZ_hbyNzWCpYP7OVOcLBbyXgjW6QmCO3wEbePo5DnTeKc89OK2iHaqjqIQwk_RCC7cyQ50kQ2qSLx_KgSLNhXMJH575Zn6swuMluzFQhDeyruw&sai=AMfl-YRVKrkhg1GabTZqMuJm_cDdUg6QmE6kYOyKkx_Zpvp5ot6YQu94gbwUNpWh-NKZnIA7Sl2gu3AdS5P44auqEmDISwilR6SSaXubYbUumyJw5nO5O_xKdrU6aDdhog&sig=Cg0ArKJSzHo4hlMknXF7EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/ Frame 457F 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/abg_lite_fy2021.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c2d5358c7df05018004b5ff5434f854385d8fe8a64593901d9ae662564592d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9574
x-xss-protection
0
server
cafe
etag
3447265524526809024
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 18:12:37 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 457F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
428
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 18:24:14 GMT
l
www.google.com/ads/measurement/ Frame 457F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSq1dNZXZcDWRsIPJWVH3UMwDLtA_kn_9Y3CsnJ1Gz6FKR5MRhW4gd1H_VrgXI_hVjDkJvI
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 457F 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 18:31:22 GMT
9814994249834746083
tpc.googlesyndication.com/simgad/ Frame 457F 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9814994249834746083
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f77f406f01df46ee189f24c29a2fa6221bb29100ae2ce1eea3d69f8c4c2bf8bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 16:36:57 GMT
x-content-type-options
nosniff
age
352465
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39096
x-xss-protection
0
last-modified
Sat, 11 Dec 2021 00:59:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 18 Sep 2023 16:36:57 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 79CB 		97 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3936ef1c8f1732c0c04810760b747102dd4431bcc37689c27196de5d030ba858

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
PidISEiOP90R_913dwkQ2_.B_dtaRt0p
content-encoding
br
last-modified
Thu, 14 Jul 2022 18:51:22 GMT
server
AmazonS3
age
4572
etag
W/"988ed904fe9935453a894f009ac11cc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Thu, 22 Sep 2022 17:15:11 GMT
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
nlfrz_CK9HQl4mUF45JuVZN9v-lheM-g-KIXu15sF6L85PIi6jei7Q==
view
securepubads.g.doubleclick.net/pcs/ Frame 79CB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4fPOfVj85NsU7UHXccyfYdY7lCmgFq88rzEYn12TMQZoFiVCxTUGZMiR8DFa71hivOKZXKdiWNjoDX84JfuW1kVPmj_wowG1Ponccu86od8ULwTbbKdsyDCHZBs4AnwuZnGW0-dzOBGWyQpisXUjqULKIifn_CZenDBEZPzq5E2fNTFOxz2sMwSo-927sOhkr-zvAHDi1YrNeHdC33yKHz7MncrWjXHUAmfC3T7_dktQaXE5VkFIsAForjAatBifRUELee4xnFocVnl5-1phRemFS13wZ4LSy52IFDB4ddMrMAOUcndm-rCTThtVYjXv0vAQUS9V3EC9LmvM&sai=AMfl-YSmyDvBqRlTE4zWulOECgwGkoas2VbUymfqzWxi64kMVjZ4oMCFz80MKupZub8t4yOApnoGHIUC8gKElHIBMTe1TaWBpU5EpbZGMCTzl4tA40fx9ybcbKc9GuY2ug&sig=Cg0ArKJSzJdVsKAebSLREAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/ Frame 79CB 		197 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:d000:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21366c3c33ff44793eef95d72777f5208600cdf01fcc7276ef1b10f16971b324

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
kYmk9EMRbGR5H3wVywfrfZtApZliT_PM
content-encoding
gzip
last-modified
Thu, 01 Sep 2022 16:52:48 GMT
server
AmazonS3
age
15
etag
W/"006b57646e2d0d43de8a62774551d5e7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Thu, 22 Sep 2022 18:31:22 GMT
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
7etHjM1CNBTXsC0jNuiwwflZ31D4KWwAIT-abjg-oM1Pdv5OA37r1Q==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 79CB 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 18:31:22 GMT
container.html
d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2938 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 18:31:20 GMT
expires
Fri, 22 Sep 2023 18:31:20 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C871 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 18:31:20 GMT
expires
Fri, 22 Sep 2023 18:31:20 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 03FE 		97 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3936ef1c8f1732c0c04810760b747102dd4431bcc37689c27196de5d030ba858

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
PidISEiOP90R_913dwkQ2_.B_dtaRt0p
content-encoding
br
last-modified
Thu, 14 Jul 2022 18:51:22 GMT
server
AmazonS3
age
4572
etag
W/"988ed904fe9935453a894f009ac11cc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Thu, 22 Sep 2022 17:15:11 GMT
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
36Hi72ryC9x4g9zS_rvscUElGu7a78TGHOpfa1OV7hqIRb_v1H9tjA==
view
securepubads.g.doubleclick.net/pcs/ Frame 03FE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcW3UW38977vVEJioxgAedTwaTr147U4pd0RWAA4-jsZ2Y-vHfISpiMHSQ_LgwnFA3UKOCJf1AxkG9F_1asSXvW3oJk7cZ3VUviNRS39nLp0XP4ne4UWkGK6AwAQUUaBH-aMsAS5R1CiGU-ZGnZGUGIyPxsCQ895BU2arcweMDPOKaLogKVmDEqpJ4_r5bf72kcYeJKB8jKpUj7fVtrPGwS46AsKaLtgmctjp944EHYn3gxztWFC7ygMnj6_A4Skphd3XMYEZB7U5yNMADMVUh1iQppLDToGh6hx4ldrtlyrMUOd-FkAd7molZO5pRfP-g-TesPuWQBLdIfO-4&sai=AMfl-YQ3CLnukZM4RivyTdT3ocsTYvERZIywDqEwzhEJiU-3UtBlu2ht66G5E5MEEClxi73msZ_LgQSD-z28mCwpYVATyEDAF3eA8EUy56gY8ld5iUUedvonCqLXsuYO4Q&sig=Cg0ArKJSzKILVkkpuM8oEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 03FE
Redirect Chain
  • https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjstojREte-DmwtlM19ePB_LpLypVmNU6Ul0nYG2G-uuj1hH2tpBVHVH-ll9XvXewDKT2DxWWsQECD_o4Nhy3u9oo8CL31whzoZIWhRPcBdLUi_SlmSz_B7652e3RtHEXvEWx_zJrg...
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js
80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1895630dd470cf7cec36822c5d6367191d530ee9979fc72f0bb96a79da4122c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27800
x-xss-protection
0
server
sffe
etag
"1342 / 657 of 1000 / last-modified: 1663845016"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 22 Sep 2022 18:31:22 GMT

Redirect headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://securepubads.g.doubleclick.net/tag/js/gpt.js
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 03FE 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 18:31:22 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame C656 		97 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3936ef1c8f1732c0c04810760b747102dd4431bcc37689c27196de5d030ba858

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
PidISEiOP90R_913dwkQ2_.B_dtaRt0p
content-encoding
br
last-modified
Thu, 14 Jul 2022 18:51:22 GMT
server
AmazonS3
age
4572
etag
W/"988ed904fe9935453a894f009ac11cc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Thu, 22 Sep 2022 17:15:11 GMT
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
vSuVxAtb_19SW9pdi_lJU6cZuRayNyDeVcep7UoSiWqB5Ytq8Ss4Gw==
view
securepubads.g.doubleclick.net/pcs/ Frame C656 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJdUd9UC64vA5qtbkX-b3m4w0QNB4P8vpDrVX_PWhhBz_WVnRzumG3IugBvSu7lbxvTPeaTUEs7DcWtT5hWj5AKs2wDie9oJfS_lmkZfmRnJPGsJ4BxIC2eL_WD8JUuhhYtiZTtSS7MQ_CPjVZkFE28nrGhBmjeBzN_jZ3OlSfrWJ35yoR1rrHqqKuXeV9W6gbABbcwWeCiijm7_2MIhq5c4xhpOenBf2XX9sJ1-3I7UeuqVyk3unlzldTHMGsrzcFa1zRTBM0XCX0MD7dJRCJKJ0r8piuU7z2o2dyhsB8BOiGjzH8hvb-SIUsqLuHLdvA2V2MVAlrEHzC-W3M&sai=AMfl-YRtaMMXxnUPJHBEGAL3ho4NpMhvIPBtqdn7UHOsH1L3ad3DfXa5TQ_HuCcyP_PMAqWYpqphzA18xp-m_O93Ew5jn8uAH1RRS_YMcLhj25eXnszzUJQRex6ggx-scw&sig=Cg0ArKJSzEVWDu5IGou0EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/ Frame C656 		197 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:d000:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21366c3c33ff44793eef95d72777f5208600cdf01fcc7276ef1b10f16971b324

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
kYmk9EMRbGR5H3wVywfrfZtApZliT_PM
content-encoding
gzip
last-modified
Thu, 01 Sep 2022 16:52:48 GMT
server
AmazonS3
age
15
etag
W/"006b57646e2d0d43de8a62774551d5e7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Thu, 22 Sep 2022 18:31:22 GMT
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
fFlGP6Tp4Geh3kf3zw5fHWhxDzqbp9rgLeRCeQyM5t0ExJ1lW7QvYA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C656 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 18:31:22 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 71C1 		97 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3936ef1c8f1732c0c04810760b747102dd4431bcc37689c27196de5d030ba858

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
PidISEiOP90R_913dwkQ2_.B_dtaRt0p
content-encoding
br
last-modified
Thu, 14 Jul 2022 18:51:22 GMT
server
AmazonS3
age
4572
etag
W/"988ed904fe9935453a894f009ac11cc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Thu, 22 Sep 2022 17:15:11 GMT
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
vbyotAqPxtK8UQEWXsnZl1gPyRdG-bZteXHCYDd74ldoa-v-WhKvDA==
view
securepubads.g.doubleclick.net/pcs/ Frame 71C1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGmJKX9HbwMJAegSrPqC6Xr5c-XbXhXzUmQZnEOATsHNWHSG23R6ptLA14DnPzNoChU6dllZLQZkx4usiVqq2ynrpWq1wEBh134Q5RFE_Lsm66AT4dKpesgQ1PJcVgwvHHqaKHFQ0Z6qvdU3lnDrImW4DDbovQ7QyZX0-yxxY5R96qkvFY_9vBnHtY1dD98Pw2fE3GDcgP1H-3YBSAuSlzN98rz2yVf-NqCdqtYkcMpmWrHh8AYgP-pGSNuRvX7PtcTDG0Ej5RzuDXRgW2PbmOdMouMmRrEb133F8zagnWaGCEcrFnoTCNcCb5BxC-pqxHh-udoBeO8uk3mW79&sai=AMfl-YTSubCMkbJXf3gD5L0a1ndZYdZMbFm_Ma3HuGMgdc3H5Wm7rZ4w_gS6U2AP0R925uUai8yZJEoFUDBkJMUuMFrjcYBi6rHlYLOJsq0odfUc6-Cbyur-M-jyNMbXMw&sig=Cg0ArKJSzG52gw719GBkEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
zone
tradehouse.advertserve.com/servlet/view/banner/javascript/ Frame 71C1 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?zid=382&friendly=friendly_811281484&pid=0&fr=400&frlm=1&random=811281484&encode=1&origin=https%3A%2F%2Fwww.staradvertiser.com&referrer=https://www.staradvertiser.com/&cturl=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsuceWQbKl9JmRPycKf-_Eiy11_l8YOndSWFmz8guSrFxZ8sBclLJ-xiAt4z4S4FBeY24vf1lffW9ld29uUde-g0bMqApdq7MN9-BBetM-yqgWEeJ3vB4TI8gyvEPC7U-4mFKATeVU7SMEMYmLpvSKg87DElh__BQWffp2T_fFUYXBH4aqZAptWvXzyjbi-O9nFpmrmXDAOdEb6oSSWMGjhxK2LBSA2JIspQBd8CKvN2vOVHv1GvLE3cZ47aFk9sYYXiAK0m3Md5oxmq55Yl6zNtUBklmctDSZRgy7TIaJlxHaC-rtTmme7Uy1-WMTu2hAx5S-k7ioFYnNXh&sai=AMfl-YTMlmzarS2NaD27_69bEptXnDOl7yd1gOPa9bobFsiAv8D_juOUzdSNxTDWi3zBPpF7ble_8v9B3hpi9etdDOXqDuxJIN2ZNC8bYVDTxKpKc2VQYPpwN6sbAgYd8w&sig=Cg0ArKJSzObeqr6uFfVTEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.255.62.200 London, United Kingdom, ASN36483 (GOSSAMERTHREADS, CA),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 71C1 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 18:31:22 GMT
container.html
d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4BE6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 18:31:20 GMT
expires
Fri, 22 Sep 2023 18:31:20 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4B86 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 18:31:20 GMT
expires
Fri, 22 Sep 2023 18:31:20 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
1710p4s4p868n18sn0pqps224o506381playlist.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ 		291 B
841 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1710p4s4p868n18sn0pqps224o506381playlist.m3u8
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.145.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-145-10.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aaf8f12803b4ad271150052907885cc4ebe5d439479344e63ddde9818c0de7ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:50:57 GMT
via
1.1 3a19e7746bbbb8dd91ed586197497ae8.cloudfront.net (CloudFront)
age
2426
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
291
last-modified
Thu, 22 Sep 2022 17:33:29 GMT
server
AmazonS3
etag
"e2e19d6283aa3991244b8bf397260182"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-pop
CDG50-C2
accept-ranges
bytes
x-amz-cf-id
gTJCkcXsLAQATjgYoQLdauyS4X2RpRJg3YNNQNUjHjOpcLSiHrGipw==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=Kqg2J0vzlYL6FDsn&instance=214988373&version=7.8.0&age=220922&cmd=IMA&key=NxulL6Ef&c_id=13479&seq=1&order=4&absoluteTime=5389.9&relativeTime=2766.3&EXTREF=https://www.staradvertiser.com/&REF=https://www.staradvertiser.com/&playerCfg=BR&recoveryMethod=SSAI&imaVersion=3.532.0&blocked=false&recovered=false&hasAdParams=true
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.60.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-60-169.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=Kqg2J0vzlYL6FDsn&instance=214988373&version=7.8.0&age=220922&ldt=BIDS&key=NxulL6Ef&c_id=13479&seq=1&order=5&absoluteTime=5390.6&relativeTime=2767&sm_id=2254305&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=4735&load=1&status=LVFNSNIY&ac_id=2008&prebid.cid=0&prebid.bidders.ix.time=1187.8&prebid.bidders.triplelift.time=1185.2&prebid.bidders.rubicon.time=1184.8&prebid.bidders.spotx.time=1183.3&prebid.bidders.pubmatic.time=1183.1&prebid.bidders.appnexus.time=1182.1&prebid.start=4184.9&prebid.time=1194&prebid.timeout=3000
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.60.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-60-169.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 19D2 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
28046ddcb2fdf4957605e9ec2ce9969e03cc043986f9af8cadda905f87fcb8f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Thu, 22 Sep 2022 18:31:22 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
0aaee50d-8d2a-4f98-9e5e-d5adf287756e.jpeg
storage.googleapis.com/ownlocal-platform-production/public/images/logos/600/ Frame 232F 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ownlocal-platform-production/public/images/logos/600/0aaee50d-8d2a-4f98-9e5e-d5adf287756e.jpeg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0e5876173a8f57713e246920bf4f8208f9df85eab7beb95193ff9bccab26c533

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
age
0
x-guploader-uploadid
ADPycdueb7VG-D6G_m8tBjllQEnGgm7MlcqKOZdI6z1GFxPx-gtMRSyT9oplQe2O7TZi5_IZuJKgASMBKJmL-B7K0zW6BA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28946
last-modified
Thu, 15 Sep 2022 06:19:07 GMT
server
UploadServer
etag
"a39bd23ebe0a6a1bbfb069af40e49164"
x-goog-hash
crc32c=Eqt6hA==, md5=o5vSPr4Kahu/sGmvQOSRZA==
x-goog-generation
1663222747267411
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
28946
accept-ranges
bytes
content-type
image/jpeg
expires
Thu, 22 Sep 2022 19:31:22 GMT
Inter-roman.var.woff2
rsms.me/inter/font-files/ Frame 232F 		222 KB
223 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rsms.me/inter/font-files/Inter-roman.var.woff2?v=3.19
Requested by
Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4ea2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3

Request headers

Referer
https://rsms.me/inter/inter.css
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-fastly-request-id
a5a8f128cb6e3115a7851c94d4b010619fad4b2c
date
Thu, 22 Sep 2022 18:31:22 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
x-cache
HIT
x-cache-hits
5
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
227180
x-served-by
cache-fra19127-FRA
last-modified
Sun, 18 Sep 2022 23:00:33 GMT
server
cloudflare
x-github-request-id
75DA:0A57:1123AA4:11CA73B:6327A353
x-timer
S1663546620.612753,VS0,VE1
etag
"6327a311-3776c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lugurhgHLU033XtOSFyUc1YtNao9RI2pVV0J7I6PQuzcLPClRd%2BiV4ADeHV0lar2z41L8mStR4H5umSTj7RH4ZfbEt86VUoaAsEigDdkTQ070fsT0UNyj1PMh0stMbwZESVxwAPW"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2678400
x-proxy-cache
HIT
accept-ranges
bytes
cf-ray
74ed1dfcd9729bfb-FRA
x-origin-cache
HIT
expires
Thu, 22 Sep 2022 17:15:18 GMT
materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@4.5.95/fonts/ Frame 232F 		256 KB
257 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/fonts/materialdesignicons-webfont.woff2?v=4.5.95
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f824000649b12b68a220a0120c606932d0740bd5332770a244473db773185e4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
2646543
x-jsd-version
4.5.95
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
262440
etag
W/"40128-4s6MGTGrA2fPV5r2GYYmCP/EkkA"
x-served-by
cache-fra19180-FRA, cache-hhn4049-HHN
x-jsd-version-type
version
date
Thu, 22 Sep 2022 18:31:22 GMT
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
tp-production
us-central1-kube-ownlocal.cloudfunctions.net/ Frame 232F 		26 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-central1-kube-ownlocal.cloudfunctions.net/tp-production?stm=1663871482367&e=pv&url=https%3A%2F%2Fwww.staradvertiser.com%2F&page=AdForge%20Ad%20Unit&refr=https%3A%2F%2Fwww.staradvertiser.com%2F&tv=js-2.10.2&tna=origami-tracker&aid=origami-unit&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=26ed137a-4819-4575-8d4a-7eece7a0d3c6&dtm=1663871481674&vp=300x250&ds=300x250&vid=1&sid=72acb24d-6b0a-4f5b-8a8e-25c13d12bb63&duid=6ff5801c-2ee1-40a9-a569-36b3114c4a92&fp=577415770&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20ub3dubG9jYWwvb3JpZ2FtaV9jdHgvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiYWlkIjoiYTg3OWNkOWMtMTA0My00OGZhLTliMWUtMDkzYjc1ZDdlMWQzIiwiYmlkIjoiOTM1NTAzNjktOGE0Mi00NTE3LTg2Y2QtNGFkNGNlNjdiNDQzIiwicGlkIjoiMTFkOGJmMDEtNGEwZC00MmYxLTljODItMzlmMWI3NzI2MjM0In19XX0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
server
Google Frontend
x-powered-by
Express
etag
W/"1a-Hjpuc/IrHLWXlDT8bmHFqznVniY"
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
453d70991c49d2d3e82a111bdbdbecde
function-execution-id
l4qnkx5be0lz
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26
f6f3db87-13a2-4523-82bf-eebb764818ef.jpeg
storage.googleapis.com/ownlocal-platform-production/public/images/categories/300/ Frame 232F 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ownlocal-platform-production/public/images/categories/300/f6f3db87-13a2-4523-82bf-eebb764818ef.jpeg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
092c53b50ef01631c3b6a171fa30257a1461bfae98689d17d1b9b0b085daff04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
age
0
x-guploader-uploadid
ADPycdv6TkpH2mjbLlzeWvloTgmG87t7ntsg5fj6q1H4p6CzdqME3JPjivbIjlNT4Por4JJOzHxaSJl82ymShvVCXxeK8w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43652
last-modified
Thu, 15 Sep 2022 06:04:09 GMT
server
UploadServer
etag
"5bac1119edad18c5fb779e53f2a0f06c"
x-goog-hash
crc32c=yA3vCA==, md5=W6wRGe2tGMX7d55T8qDwbA==
x-goog-generation
1663221849373580
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
43652
accept-ranges
bytes
content-type
image/jpeg
expires
Thu, 22 Sep 2022 19:31:22 GMT
collect
j.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://j.clarity.ms/collect
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Thu, 22 Sep 2022 18:31:21 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
/
www.facebook.com/tr/ Frame 2DAF 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.staradvertiser.com
Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.staradvertiser.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 18:31:22 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
cast_sender.js
www.gstatic.com/eureka/clank/105/ Frame 19D2 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/105/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:56:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20118
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15116
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 15:05:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Fri, 23 Sep 2022 12:56:04 GMT
gtm.js
www.googletagmanager.com/ 		110 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TV3WXZ5
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
19017cdc601aa34cf014ee43bbe16a2e8c888e46335946dd24253c1380d46888
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43567
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 22 Sep 2022 18:31:22 GMT
photo-1580582932707-520aed937b7b
images.unsplash.com/ Frame 1468 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.unsplash.com/photo-1580582932707-520aed937b7b?ixid=Mnw4MTQ0MXwwfDF8c2VhcmNofDE0fHxTY2hvb2x8ZW58MHx8fHwxNjYzMTM4ODk1&ixlib=rb-1.2.1&utm_source=api_app&utm_medium=referral&utm_campaign=api-credit&auto=format&w=600&h=500&fit=crop&crop=entropy
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::720 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
91300a321384409f67ff8b78859154cb77e88ae267c858d5aa797e85d316b7ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
x-content-type-options
nosniff
age
732571
x-cache
HIT, HIT
x-imgix-id
b6d01fe7bb6ea42fe515f0987fd12761027ef24b
content-length
38391
x-imgix-render-farm
01.592
last-modified
Wed, 14 Sep 2022 07:01:50 GMT
server
imgix
x-served-by
cache-sjc10023-SJC, cache-vie6367-VIE
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cross-origin-resource-policy
cross-origin
1710p4s4p868n18sn0pqps224o506381.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		3 KB
876 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/1710p4s4p868n18sn0pqps224o506381.m3u8
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.145.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-145-10.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
78de156bd0e5d06b4b8776af15d929962969e7323e898d1f564d658be60fbe52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:51:13 GMT
content-encoding
gzip
age
2410
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
access-control-allow-origin
*
last-modified
Thu, 22 Sep 2022 17:34:55 GMT
server
AmazonS3
etag
W/"b73d6c2f60c4c9e40daecdc014b56685"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
via
1.1 3a19e7746bbbb8dd91ed586197497ae8.cloudfront.net (CloudFront)
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-pop
CDG50-C2
x-amz-cf-id
QYCSlPf8W_s4lE0o60bfKEIpqFzV9U7XOsFQlon9TrLYDiCMyrNdqw==
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame EA2D 		0
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=138007
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mexIlOh%2BH0dakEBxuRGjeSbessxSEcekYcopQJJbnjIR9y1t%2FGSB4dP6Yyv4o78N6hxx7kO9UK6D8nwaF5uTwezy5F5q6wLY4JJtKcfeTMUyry28MwregI5HqbOuihu2rxOdHjXJd4y%2Fm09pW5fRXmMBVw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
74ed1dfe7b189957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FxdCTEZCs34Aky0BlLox
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 457F 		0
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=122655
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UPgTjZwKRcVcfWyoNaB%2BDXKjeS%2B8j8uKLZlLk0MnJav1qrE%2BRk%2B6tWZS5T9NdFSddktztA%2BsbpXLt5q7ymTyexEe%2Bb5KdTRvQTIGp%2BOOKXliGlXIRpsm1j9dgBjcvJhHvofGnAk4V6BfE8EoFbp73Rly9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
74ed1dfe8b2d9957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FxdCTEa3WMhhXrMBxaEB
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 79CB 		0
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=997789
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPYskdw%2BpxCGEnRW3hhBX2rGQmA3%2FrRwgt8jmblotCwZVXANvs9XXLaE%2FuLLBaI3QVj62vMLbooaqQII93BbYBaK%2Fk0GRl%2BPMmI1oOEbL2oQHDFm8p4sPUH3t459LfjyZ8%2BqzWDexAIBh6yQHkPR2521Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
74ed1dfe9b449957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FxdCTEdJzuFWNI8By0Yh
lg.php
cdn.firstimpression.io/delivery/ Frame 954B 		1 B
456 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/lg.php?bannerid=67473%7C67474%7C67475%7C68125%7C68321%7C68413%7C68422%7C76814%7C77576%7C83342%7C93650%7C103210&campaignid=43%7C15%7C9%7C13%7C16%7C18%7C11%7C22%7C7%7C44%7C6%7C34&zoneid=110722%7C110722%7C110722%7C110722%7C110722%7C110722%7C110722%7C110722%7C110722%7C110722%7C110722%7C110722
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.240.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-121.vie50.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:22 GMT
content-encoding
gzip
server
nginx/1.20.0
x-amz-cf-pop
VIE50-C1
x-powered-by
PHP/8.0.14
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
x-amz-cf-id
59GySr3r_rL9tSoPA1gxabbSyNDOx4l6zlsPrqRCJS4zxdS0XHEYuA==
via
1.1 108e63109879954f4e720db50559f788.cloudfront.net (CloudFront)
expires
0
/
hb.emxdgt.com/ Frame 954B 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=2000&ts=1663871482672&src=pbjs
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.236.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-236-126.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Thu, 22 Sep 2022 18:31:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
prebid
ib.adnxs.com/ut/v3/ Frame 954B 		138 B
840 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
fc358de901e4d8771d27fff7a31da2e98ff5e4a0cd71a955bb698dbbe09f4e39
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 22 Sep 2022 18:31:22 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
dc4d2346-df16-47e5-8c56-04578a2b8cde
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.staradvertiser.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame 954B 		36 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=505551&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%225bb0afdfec3261%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.staradvertiser.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.staradvertiser.com%2F%22%2C%22domain%22%3A%22staradvertiser.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22staradvertiser.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.2.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2266668c477d9e0b%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22505551%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22firstimpression.io%22%2C%22sid%22%3A%227470%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbb27e565552558c3ac390c844df239fb6e649cad97fa1877472e53eb91f6dd2

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0eAHfxImD7B9YQ7%2FclZsPNJi4JL3DbrJtk0ErMw0EP1OMaobuUYMIEV7SG1SKPBSEua3V%2FZhqXRe2PYG5AyjG2Da8Mdvax9Y%2FpU7uclvQo5oQ0WQGjovUu6PyQWEKDp3bqCrZEq"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74ed1dfeeb339c12-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
mvo
tag.1rx.io/rmp/212956/0/ Frame 954B 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/212956/0/mvo?z=1r&hbv=6.2,2.1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
pragma
no-cache
date
Thu, 22 Sep 2022 18:31:22 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame 954B 		24 B
654 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.2.0
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.209 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
f7280b9d3162438ba4d6b613c36aa57e97c55667542c9013412a91130c84dea8

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 22 Sep 2022 18:31:23 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.staradvertiser.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 954B 		371 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1486010&size_id=2&rp_schain=1.0,1!firstimpression.io,7470,1,,,&rf=https%3A%2F%2Fwww.staradvertiser.com%2F&tg_i.ref=https%3A%2F%2Fwww.staradvertiser.com%2F&tg_i.page=https%3A%2F%2Fwww.staradvertiser.com%2F&tg_i.domain=staradvertiser.com&tg_i.figroup=a3&tk_flint=pbjs_lite_v6.2.0&x_source.tid=7d629046-6379-493f-9ff4-d51df3167a24&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9310769768400085
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
99a3f66de1863ba8d98263cb5dee8f8f4ed9ff5d081ae0a84fbcdc1437e177fb

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 22 Sep 2022 18:31:22 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.staradvertiser.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
371
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 954B 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Thu, 22 Sep 2022 18:31:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 954B 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=68288806685
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 954B 		139 B
841 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4bc1ecce260e7dda741c29ee094d34765e9af0d3796ba86f2dd2c0fa58026cc8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 22 Sep 2022 18:31:22 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
6e5af044-d0de-44ef-a298-722367e299cf
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.staradvertiser.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
firstimpression-d.openx.net/w/1.0/ Frame 954B 		73 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://firstimpression-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.staradvertiser.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=7d629046-6379-493f-9ff4-d51df3167a24&nocache=1663871482687&schain=1.0%2C1!firstimpression.io%2C7470%2C1%2C%2C%2C&aus=728x90&divids=fiInstance_110722_0_4127479355153943_unit&aucs=&auid=540910482&aumfs=10
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c98566cf4501541514c7cabaf8b654bea066d820793e6496791d1f6913415001

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:22 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.staradvertiser.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 954B 		167 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.114.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-114-85.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d420ee64cb607d68e208a3105b39934807ed2e4d43ced2542f7b6b0cd153ca43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 22 Sep 2022 17:57:15 GMT
via
1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront), 1.1 1a620bb236f3df5588fc787c47ccfafa.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 20:15:31 GMT
server
AmazonS3
age
2048
etag
W/"da0e8e1151d3ebb7a34f07d19a6e05d0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, TXL50-P4
content-encoding
gzip
x-amz-cf-id
ZncEVkIaZ4JDndKqrpqZUyBFzJxoBFACf-CWCMjZ9tS03xiSfmi12w==
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 03FE 		0
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=183364
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2BS7c%2BGZoC244DvAQm9TbfrN%2FoFIAi43Q%2BhDMOnPWdWeh1AZssTqqsjHj10VNUW6s0UgJJJ6gkY9OqvwjM4EIFXpkNb7kTgKw63NR89HrZ3saYCWsj33dk3mW6y725u%2F%2BikixxYJKcqynyInoWLfBFNtiA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
74ed1dfedbb39957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FxdCTFAKrzV7PAYAxIdi
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame C656 		0
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=903742
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHHgLyGNHuUG9E4k6%2BDWHmCuxM7QwvkLTBP4vCXRC2QlP9SEcSzBtIO%2FMzZsbY0yuWs6ZI94FgxGObXTu9b7Wp5rs%2BGxZqwlz2Klf6SKVbPgsCI%2BPuJO3shXeJWTJfTNb%2Be0RP6nawyrqPtlwe3oWCrQXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
74ed1dfefbf89957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FxdCTFFCTR-bQCkDH5bh
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 71C1 		0
488 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=946020
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5e6MWigJRM9WqUe5VNfOhE%2B6PoDad8e6mRAqrwVwY%2BGlE84Sxk0MyPdQPjCA44CI57JmP2uOsHd%2BvvBpEJ97x5raQ%2FVNt5I9XfIKsB2%2BCaBGAkDdanBuGLlPkmOupO5ZnxCvBgD8MJmXLflCbiJQ71KvpA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
74ed1dff0c189957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FxdCTFG1toIfpIUCKiAB
ads
pubads.g.doubleclick.net/gampad/ Frame 9DAC 		45 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F92056281%2C5136785%2Fhonolulustar-advertiser-premium&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https%3A%2F%2Fwww.staradvertiser.com%2F&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2460952&vid=2254305&us_privacy=false&cust_params=sessionKey%3D214988373-Kqg2J0vzlYL6FDsn%26schain%3Dsendtonews.com%2CL7r5UMGIQVI6qe1BoRgEAg%26content%3D4735%26placementType%3DPremium%26embed%3DNxulL6Ef%26domain%3Dstaradvertiser.com%26player_size%3Dlarge%26player_width%3D282%26player_height%3D227%26player_type%3Dbarker%26version%3D7.8.0%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00014%26rand%3D6%26us_privacy%3Dfalse&sdkv=h.3.532.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&sdki=445&ptt=20&adk=2458199627&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.532.0&sid=04DED731-241B-4DE8-8805-A72C0C060352&nel=0&eid=44748969%2C44754420%2C44760950%2C44765701&url=https%3A%2F%2Fwww.staradvertiser.com%2F&dlt=1663871477769&idt=3803&dt=1663871482731&cookie=ID%3D6b1163197e313caf%3AT%3D1663871480%3AS%3DALNI_MZN69JqttAfEr_IetFEmKdriJnV6g&cookie_enabled=1&correlator=2546722349721125&scor=1085602343736678&ged=ve4_td5_tt2_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4aa5b6229cd6273d34e11a5b7e4190461995418cdea37e600713735d33cccbb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1590
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame ED50 		97 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3936ef1c8f1732c0c04810760b747102dd4431bcc37689c27196de5d030ba858

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
PidISEiOP90R_913dwkQ2_.B_dtaRt0p
content-encoding
br
last-modified
Thu, 14 Jul 2022 18:51:22 GMT
server
AmazonS3
age
4572
etag
W/"988ed904fe9935453a894f009ac11cc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Thu, 22 Sep 2022 17:15:11 GMT
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
rRv0HLj99AgYVbjHwnsCDOEje5WC3hoROmIecWxwm71haDS3pwZdxw==
adview
securepubads.g.doubleclick.net/pagead/ Frame ED50 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CDM0_-KksY-TZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjAJP0BQWJUFwle9V2J5_nSXkGxeQ0xxITrODZatVfDrtmnz-S0nmjk9vH1hZcHBvUMaAIVglImsb8dvAtyRNXBDYMU0s0A4BCP79eD7G81qQwuZdKx6rfIvQk32vE26O7tH3OBbaLr96QO0dFTcqKyi6uN8XmgeUYbnCOT-ZWvdugNvn5uDZGG4g5pOXLORMIZFUcNQad6tiyVOLaL1kuIQC54FeyJPxJF26OEzndVFhzT1GitqFYvbSvejD78ayJ7TWBJXt5JfPw9UWt19tirIOmBlTHkFuBRFVsTqPJJp6CY14e_dVCosLGcSVWx1_FAAvTENTIiAE6rKjp7eC8rV-D652pUjBNsV6X6hI4AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zMjM4NTU1MjE4NTg4NDM5GLGzDA&sigh=H02IVfO9-Gs&uach_m=[UACH]&cid=CAQSOwCsnQUxDtU3dJXiZ_PS1kdyhLwxIxCuCh1UjgbqBZbX5D9xaqe-WqGQJFtL_kmg7AJjryIBr8_N0L0rGAE
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame ED50 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k5C6Eu-UWKwCZJ2DYgICAAAADAsh5-b0ABezYYIJ0TkUqBD5qSxj-kikSQsUBREAmWMAEgAA&wp=Yyyp-AAPLOQIu-UwAAUbuw6LzDfe00S78k6aZg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
server
Kestrel
server-processing-duration-in-ticks
154619
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame E1BA 		127 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOQIu-UwAAUbuw6LzDfe00S78k6aZg&u=%7ChIUXIrGDpJLB33NFN%2B3rCXe2AtJekpDZuvl0gFCv2bk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aFBSnAzQtPDFlUCNVr5sGfcUGLidg4S-JIc8fkmU7t_3lDQ-7uQxz5KC1LVpZy0lTa47_eeDpJKgFIqyafXhv162gFLR43EChItsYynTLOrVYw7Xvntv1WZxGmwZA1EiEi2zVPGXSbK9GhrMGiMwJURESq7rVw--kcOCp7nieQq5XY1ZIpbKSVjSYozomh1w65iM4eXCeJp7G7V4FRP88_JQnm5cNer5kQaUNtQbVLysjqCDWd4GLZt6HIFEhmm8nIeSK6hGQgfU1oZ2-MfYrKAq4WWH_m9HYby1rekhU_OJXaYhFKP3DRpqYfQem3JtNGI3cvBXqg7sh1d8l7Jk7mlCT4BGh-Bkg_lmQ0IOCDdCCRpasPsxBL0-bCARgZ-Grtr32oZ9UMlssSMisy958bc-MCRG4d8elEigRpLbUZiebWfBMEjyiUqyyUyBCIthKQHlfnh85NMDMQCISVJSN3BD4oOt8T1UHUiEGwTJnQ-hNa56F65jt-tHGtnoDsdEURWYIc9zriXgjwdc1LIWe16WpZuQxQDnfg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVk0s-KksY-TZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0BQWJUFwle9V2J5_nSXkGxeQ0xxITrODZatVfDrtmnz-S0nmjk9vH1hZcHBvUMaAIVglImsb8dvAtyRNXBDYMU0s0A4BCP79eD7G81qQwuZdKx6rfIvQk32vE26O7tH3OBbaLr96QO0dFTcqKyi6uN8XmgeUYbnCOT-ZWvdugNvn5uDZGG4g5pOXLORMIZFUcNQad6tiyVOLaL1kuIQC54FeyJPxJF26OEzndVFhzT1GitqFYvbSvejD78ayJ7TWBJXt5JfPw9UWt19tirIOmBlTHkFuBRFVsTqPJJp6CY14e_dVCskJOFYS1IFsq5w775NuhNgN_rgVrZmacAG2MgiEGlbtLkDQ27v3nDGP4AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3uVn_vXnUP5W6OXrQ1iFPoN9D3NQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3c274720d3ba6d9da9a6a1feb5e9edabff5c73b23bcf552b70cd105f18baa432
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 18:31:22 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ZXNQZ9sDNmC2JH9r_jjzsLLVBR4sd5u67ruVnJI_ZUzQpB0ep8X8LLRENd_mfY-BM8B9DNsZtREcjwQaNirZkrwUJKQh4oPEBBW47Dn8H3uB25SaJaRNbQIDfjb3axnvaxwRzwScOr64YNgf2d59-WNdEFGyiv1vp4EX1chGGCJvX6WPAL3HmPjOI3Z42GMs1HJ-4dPCAy3E7TmFgzM0poACXiE3rXdcs91GXYrfNI4WeOj2j-zuRfD3anisNI_VScQ2Xw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
78664364
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame ED50 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
428
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 18:24:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame ED50 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:26:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7568
x-xss-protection
0
server
cafe
etag
16266204680973569043
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 18:26:14 GMT
l
www.google.com/ads/measurement/ Frame ED50 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTUk5deaom90wpgjDe9zYilryhT027zWHd8ebWPRWf9-nu4A3Mj891KWZzjYwCq89C8Ukbk
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame ED50 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 07:13:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Sep 2023 07:13:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ED50 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 18:31:25 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 9021 		97 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3936ef1c8f1732c0c04810760b747102dd4431bcc37689c27196de5d030ba858

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
PidISEiOP90R_913dwkQ2_.B_dtaRt0p
content-encoding
br
last-modified
Thu, 14 Jul 2022 18:51:22 GMT
server
AmazonS3
age
4572
etag
W/"988ed904fe9935453a894f009ac11cc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Thu, 22 Sep 2022 17:15:11 GMT
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
u3HEETEjal6EtPTLqJhO7fLdZaNKuHOBP2b1bNnNRcnc9u5nS7flDQ==
adview
securepubads.g.doubleclick.net/pagead/ Frame 9021 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cq3fi-KksY-XZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjAJP0Mofhcty9SdKssCL--yyKdEEj07NcYmeTiMNaDF8KIlSN45dcYgbb8oo7GbkW-5o2cDA6R8f-bpIAdjAcy4PypA0GdKnhcEa6uO-R8ck951VHojpHAR4BUcuyy3R2gQdy8n8SSTH-qwsYUdcnKUeuXlbvy96hmbTl0XdZxYFUXv9LVQDGerg304JhaDHZOjil4o-eOpJR0NH8u0qLSZtf-cCffFmmvGdgXASr9gf6ciQTG69A8m5nXP03TQqjxRFHwihpRjkFOvNSJGXZaJOe2GKugYLbM4bWMowFRCe0kkkT1sUFnFI5QDazBdGXBlUTXeMbKvelSVTS-xUI6rtESbqdo0C6wsDtm1H4AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zMjM4NTU1MjE4NTg4NDM5GLGzDA&sigh=-IGJ8U-9ubI&uach_m=[UACH]&cid=CAQSOwCsnQUxDtU3dJXiZ_PS1kdyhLwxIxCuCh1UjgbqBZbX5D9xaqe-WqGQJFtL_kmg7AJjryIBr8_N0L0rGAE
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 9021 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k5C6Eu-UWKwCZJ2DYgICAAAADAsh5-b0ABezYYIJ0TkUqBD5qSxjnRr9TzsOQZZChtMAEgAA&wp=Yyyp-AAPLOUIu-UwAAUbuxe_kjS-X3qD5Pr_xQ
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
server
Kestrel
server-processing-duration-in-ticks
153398
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 6E1E 		123 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOUIu-UwAAUbuxe_kjS-X3qD5Pr_xQ&u=%7ChIUXIrGDpJK759hFcJIrfPzCzTrExvh6vYUvpezIPF0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aGxZFJgNB2TpNcNBw4A1xZ6hsv-V10fUCPEi72bbOVQPHldwVW2uHxuCq4e4SNc2fb-DRN3AaoZ3PFtmUBb1kM79_wXOVk_cQc8ypAxD1Qv-jcaGvgyYe7flx0YZ7PFy5sHXBjw4zHU8jjmfgHAGfFlq0_eyR1Ln5PnpOt1-gog_Y7efWSSEAW82QmtxSFvyIcgpTHMcqqX9FI60hyHP8fXPxib_s4coQ-SmlYTtxG3t6gKs-swQyhBBEUql04uvN1p2xmq66EnPlkmcSa0QEXwcZjcejqt3NxUD9I1LYt9J9Nv-uT5caTYeLczIGXGeKhTLxb5ujisZqW7X-YDmA3npTW6ewAKP8ktrCQBc71UgBzNEgqBKS9LS1UIPs2QsxOuu_EtiHsu3nKbGiPMxiNFSnMPUNpIusmw_-S9pH5KCrdbAVYQzHykxHH-iGKz8sEAangpklUbp5n5XzAhB2E4KApbU8SJhFvSzz5aqsVC11ANz6IDFNOr3RD-BCn7cAiFhf6ZfDVq3IglhWwx37exlo2n1S4bE3o7LJpZhWhZdQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLlUY-KksY-XZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0Mofhcty9SdKssCL--yyKdEEj07NcYmeTiMNaDF8KIlSN45dcYgbb8oo7GbkW-5o2cDA6R8f-bpIAdjAcy4PypA0GdKnhcEa6uO-R8ck951VHojpHAR4BUcuyy3R2gQdy8n8SSTH-qwsYUdcnKUeuXlbvy96hmbTl0XdZxYFUXv9LVQDGerg304JhaDHZOjil4o-eOpJR0NH8u0qLSZtf-cCffFmmvGdgXASr9gf6ciQTG69A8m5nXP03TQqjxRFHwihpRjkFOvNSJGXZaJOe2GKugYLbM4bWMowFRCe0kkkT1sUFjNKxJJdQ4tV44VA7qexylPXgS_lQcJMoR4lLIAYyZMu846pMn74Zjh24AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q2SxgFUiv9khkeoSN-tKeMIVBVw%26client%3Dca-pub-3238555218588439%26adurl%3D
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5ab1e1aa0c56753c21741b385ad4ceea5e19afff3298fb0a98d17eb60cff7e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 18:31:22 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=CpjZ3NsDNmC2JH9rFX7NDz55zDmQUcZtLU4z9xWoYeDbIcuURKtU_bqYgUxKTnbe7RaZtVkZgQMcGUThddSRm-wKXARUzcT_60klW4bNty_iFnfIF7x6ikZbjyMXo039y3Fi8hgqQtKnOnjvC7TQNnWITXrNk73sSyZAIn4znGeSl85ZcCcefCnT33AwmgLlWi68-AoapIyxaHENXnwGvTN3YO1eE2VdWmzlVUBZ1GhlFnYfLkz6c3PonfcfFm8znpyRTlN8NjktkEbe"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
112962358
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 9021 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
428
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 18:24:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 9021 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:26:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7568
x-xss-protection
0
server
cafe
etag
16266204680973569043
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 18:26:14 GMT
l
www.google.com/ads/measurement/ Frame 9021 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQjFMNDlrHCoO2AOjxxgJOh9QA-2f2qnm8Kg4XZk6HHKLy92EAU6pcgOWIWYhHnliF8CNCP
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 9021 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 07:13:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Sep 2023 07:13:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9021 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 18:31:25 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 2938 		97 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3936ef1c8f1732c0c04810760b747102dd4431bcc37689c27196de5d030ba858

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
PidISEiOP90R_913dwkQ2_.B_dtaRt0p
content-encoding
br
last-modified
Thu, 14 Jul 2022 18:51:22 GMT
server
AmazonS3
age
4572
etag
W/"988ed904fe9935453a894f009ac11cc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Thu, 22 Sep 2022 17:15:11 GMT
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
ESA7ksXDwFysTxqlg572avPE4XJNWV1-U-K5W3w9ZWxf7BO8Kg4Cnw==
adview
securepubads.g.doubleclick.net/pagead/ Frame 2938 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C5xyv-KksY-nZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEkwJP0C6ySL7s-LjAmx1VXuYarmCKyi83AH_FGEmZ-4PVCRf1G_bJvPeeAMXpbc_TycCpFZzV1lUEDnCSe5Zef5NXIYQ254EpqWCMWHmrGw0kS0ixYw5W5lNI9gzrO4EAJe9N9Hza1BZLUhO4IbuLZ8DI-WbdBWpzfbDmDVmf5KodQh-KGNfsutxa2ITg5d8YLSGi2pX7pQX3aY1PDwKCnDmkpALHnuV_kcSrUae_9CmkbtWIA08rf3PK317-22E3wcHAQgl3T3XAVwvklEiLYsrhbRV7mDI7gkxyajh3wVonas8rg0U5DuzXD-IdLrK6FiQf7TFOMhWNfhX3wGzYiXzkx0Oc-tQ8NRrbrCTZx6bShmX0--AEAYAGj_aIluyviaSkAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzIzODU1NTIxODU4ODQzORixsww&sigh=V5jFbHLZPvw&uach_m=[UACH]&cid=CAQSOwCsnQUxDtU3dJXiZ_PS1kdyhLwxIxCuCh1UjgbqBZbX5D9xaqe-WqGQJFtL_kmg7AJjryIBr8_N0L0rGAE
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 2938 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k9LMCfiUWNgFWp2DYgICAAAAF5jnr6Ma0i2zYYIJ0TkUqBD4qSxjLYBEhaMNPoV-pt0AEgAA&wp=Yyyp-AAPLOkIu-UwAAUbu3KcBS0Ool-dONwgjQ
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
server
Kestrel
server-processing-duration-in-ticks
311717
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 9781 		156 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOkIu-UwAAUbu3KcBS0Ool-dONwgjQ&u=%7ChIUXIrGDpJIglTT91dladBEXYD9pJZ8Qq6ERhbBffsg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMFrgLV7AJgRHBH_AV6w0tnRtraPfdmSHY4VtN0I-eUNMs4nmiqSNt0Ts_20On4dI7aNaxYBPLA60J-6UxxkNxuhC38fb3U0ZCgJ0I0lHbkVJmerFFOwRPGKj2DC9iI2OuMncSNa0RkdE9lg1H4-4LSHFfJodqv7ikBsyJVJNvN7ASwCYgQSBlRti6kuaBc_SXWrpK3TGJnSx2HqthwaHqXkqZr8RcTVeGGL0AMWqxUmceE0TDDDz7jTnLaMa7SWSI1_x0ENiGdp53cFyATf44fQQCpnRxVvL4J6CDI2JWCOGZtbOjIsiBL3CBMA-wr2iIeDPvGnHpd5hoVXAtr4sWayze4JKvxHxdzFhvdri-dDbNS-vXLfGuircLDmvUcU3_Dths2MS3qp1syIk4N41T8U2RoanX40iS7uUovmDK3p6ZsjiM8t0fKPotZs-ekcy3ZrEMRP5mtwWoiukwzVdwd0Ytql7kAdbph9Q91kaUwH1vsE9iyx7F96qdOOdNhG6P2Ps85fCzoZxBuOf6VVaq-A8ehIrGgm_Xz9Ltfgx5_S_GD13liMl1IgQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGRhB-KksY-nZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElgJP0C6ySL7s-LjAmx1VXuYarmCKyi83AH_FGEmZ-4PVCRf1G_bJvPeeAMXpbc_TycCpFZzV1lUEDnCSe5Zef5NXIYQ254EpqWCMWHmrGw0kS0ixYw5W5lNI9gzrO4EAJe9N9Hza1BZLUhO4IbuLZ8DI-WbdBWpzfbDmDVmf5KodQh-KGNfsutxa2ITg5d8YLSGi2pX7pQX3aY1PDwKCnDmkpALHnuV_kcSrUae_9CmkbtWIA08rf3PK317-22E3wcHAQgl3T3XAVwvklEiLYsrhbRV7mDI7gkxyajh3wVonas8rg0U5DuzXD-IdLrL4FAWNar7SIaoRarYn_coggGjucUmy4laI_Sd9XpvH675XLOHnRB4_ReAEAYAGj_aIluyviaSkAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ntpq278oR3lEOV3kZoJmoTG-uBA%26client%3Dca-pub-3238555218588439%26adurl%3D
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2dbf38d330768f22c5cd332207d1b4e646662477392c812aec3c253520a89b80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 18:31:22 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=HpH__NsDNmC2JH9rCFkitnK7G9zTjIxgJeYxvDCe3NikEf-HXh_9YKqTLiuItYVFKgJTJDte9MOy7UnAtAFpDFN5AJQj-neLXeqEpM5RRmSkq-F3FiBhVpC_tf2d7pJbzluQe9aX3SfQls0-SjSWiUtDtHTO9hknOx7k8s7c6R5Bg11xfYLT-HAq1ySTEtCWy3RtUH2bakEEGF3ZCB0JJTR56_TICXwHud9etP_X97527Xln2D8UE-ETdCntUuxAKrypsw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
133177407
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 2938 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
428
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 18:24:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 2938 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:26:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7568
x-xss-protection
0
server
cafe
etag
16266204680973569043
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 18:26:14 GMT
l
www.google.com/ads/measurement/ Frame 2938 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRkLuj7Gby8jeqoLm5Q2rbPKHJi9K6IIHu9ZC64M2w-3VtGfcdi7PJDSvjkbys59FKsJUWp
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2938 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 07:13:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Sep 2023 07:13:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2938 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 18:31:25 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame C871 		97 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3936ef1c8f1732c0c04810760b747102dd4431bcc37689c27196de5d030ba858

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
PidISEiOP90R_913dwkQ2_.B_dtaRt0p
content-encoding
br
last-modified
Thu, 14 Jul 2022 18:51:22 GMT
server
AmazonS3
age
4572
etag
W/"988ed904fe9935453a894f009ac11cc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Thu, 22 Sep 2022 17:15:11 GMT
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
-qIg40ZSpSzelQTMdVJCOUalKlPymzI0NdFe21w06DJGgMUsE_qzzA==
adview
securepubads.g.doubleclick.net/pagead/ Frame C871 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CvvGX-KksY-vZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElwJP0GMtPfwPFcfwgrcF14hVtttrdBm4ayu5gghJueZFX9_KOV8XuEEsUSR5U9IeKAizuJzRjA2JAJvmITiNDutMvFEeKOUhyUlm7J9Ptkb270A9UnEyBrqWNZt42_DTls1VJQ436PXJmXQV9M2_x1QFtNwyUzyPpwaGxKy1OoCh4j4tLZ9MbmWVZlg10xCkMVbbg1f_8vWsukW2_rSsjNX0d0Xdar1Pe6IgjW_dsO2Ny2ivgWX7YlpZ-lOHlB8Vgf-1dpGB6iRPslOJOxtWRAL9B6EzD5bzkcMhLdtf3WeF-JX8KJn8eABjPdojp3NPcvJUqWYy8XJ30msGhF1BzXB_GVxTQlBnQ0FkN4KoVx4J2O4AlQmIPtLgBAGABuv1oOjThojk4QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTMyMzg1NTUyMTg1ODg0MzkYsbMM&sigh=vPpb2Y_hXQk&uach_m=[UACH]&cid=CAQSOwCsnQUxDtU3dJXiZ_PS1kdyhLwxIxCuCh1UjgbqBZbX5D9xaqe-WqGQJFtL_kmg7AJjryIBr8_N0L0rGAE
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame C871 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k7WUEu-UWKwCZJ2DYgICAAAAQd8daMt4uRKzYYIJ0TkUqBD4qSxjyPB2GtkOu7IYznMAEgAA&wp=Yyyp-AAPLOsIu-UwAAUbuzfaEK0lLx-rdBQm-w
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
server
Kestrel
server-processing-duration-in-ticks
280054
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 2AC4 		117 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOsIu-UwAAUbuzfaEK0lLx-rdBQm-w&u=%7ChIUXIrGDpJKs%2BNQhCogTOVXt6NMGZn2MLqy7hzamzrA%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr5-taiijmDVNfEog-pHxa6wvg-tUOFnI36QG0DZhqQiWFLzK9PeXkRUnRcJnQGiAJN1oUKXq_0FiTwIkyB5pawzTsYyrVn4RaACGKq-geHHNBGwUeH42rbtlPUycZCimCT4WrjS_nVwovPqf-iMMZzU6kUYCdOTqtTvbFFQlxGXW-RoNdmKRIy_YWCcgNzIKbBUp0Br_k1CuvilQJ2gWk88N1lz-3TcnzkAMF6A6Tg0Crnu1dFcVaCfIIOncAIm-H5BN2h9qdMHiE7-0_x-1lU2v7HgXPizZPO61sDpdSq8QvSKo0z4Tz0Mxip6UfJCOomN0tMaLH0NaND0mETmaHrbpTnGLpuFSCarUhywpv-C8vKHNt1wpOoIocV6zmPp-QPfkue6YU6dDTW-6F48TKA71R8SBZo_2cFVi2Mnp2oyrFBRhbGXitC7T1e963VNEP4lxtli_GfeCFlYbR2P3XiE5RizYasXEgzJ9AY6qbL6Fnggr9OTQFOU6rY-Xlb5mK8tT2GzWxDivHNUUIoENXQFRi9xDx_8pEoD2noMFIsxddScxQyzotCyIVMNa0prenBtUbtfGYMnQqoD771xYSDQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9evf-KksY-vZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEmgJP0GMtPfwPFcfwgrcF14hVtttrdBm4ayu5gghJueZFX9_KOV8XuEEsUSR5U9IeKAizuJzRjA2JAJvmITiNDutMvFEeKOUhyUlm7J9Ptkb270A9UnEyBrqWNZt42_DTls1VJQ436PXJmXQV9M2_x1QFtNwyUzyPpwaGxKy1OoCh4j4tLZ9MbmWVZlg10xCkMVbbg1f_8vWsukW2_rSsjNX0d0Xdar1Pe6IgjW_dsO2Ny2ivgWX7YlpZ-lOHlB8Vgf-1dpGB6iRPslOJOxtWRAL9B6EzD5bzkcMhLdtf3WeF-JX8KJn8eABjPdojp3NPcvJU62QTY_X4Tni5GEniHU3Z4VVHSOZtbVnmg0qV8ey2xsIYEKMMLW2rs5jgBAGABuv1oOjThojk4QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QiN2AxmuZc7TwqL_FL7RXFI5oEQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
934d098f24bdcb143e9f4e6d9e4e354510ed399f2bdceeae1d65c77feaafeaaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 18:31:22 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=7RQccNsDNmC2JH9r3XHahfMgtrpe9WGr9gHclvnrzOMsHkhyGCnECHRbrmw9wQXz8FuAAR7SSzFnwRRc7QUhk8VWiWxOJiJJilBKtOCB2HEH8NnYKPCMRtkNbcCBDZJhjS-WvnwtnA0lyosWFJz5ct3qFJKkObWwMSC6L8m3pumfxk2Vs9OdyrvZOd-qKo2shq-521Z7qT1VRKpnctPoanA28kRsz1mVdQBDxbimxtZlyFNJBuCPiGNnpifrLHincMWQhg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
80278612
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame C871 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
428
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 18:24:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame C871 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:26:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7568
x-xss-protection
0
server
cafe
etag
16266204680973569043
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 18:26:14 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame C871 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 07:13:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Sep 2023 07:13:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C871 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 18:31:25 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 4BE6 		97 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3936ef1c8f1732c0c04810760b747102dd4431bcc37689c27196de5d030ba858

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
PidISEiOP90R_913dwkQ2_.B_dtaRt0p
content-encoding
br
last-modified
Thu, 14 Jul 2022 18:51:22 GMT
server
AmazonS3
age
4572
etag
W/"988ed904fe9935453a894f009ac11cc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Thu, 22 Sep 2022 17:15:11 GMT
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
gTiztpWmiN6oU954TZBuMzHPDBqM1U5J9JqX3-CF_kLBYzLW3m6Nlg==
adview
securepubads.g.doubleclick.net/pagead/ Frame 4BE6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ce2pe-KksY-_ZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEkQJP0IGe1f1aPfJuwKhBjEX4nlbcW60HbisKyMx0oJhOJsuTH0MuvTLCh6uS5cNmHXhSsgw3CX4ccRZFvQoRJT1t5FehBmHnfcyg1Czv7lpMXtghgn8rlXwZ6aUWLRKk94nRRjn2apw0SI98kOtvu7HcqtLMilbiXmEuVRqLMKbHWTPc6_Yl0gTSzCxV3dvqqFglnBMPDDjv_L1AZN1H_C6PJ58aTOyi-F368GCRffTa5NYexW_Z1CG0lA3UI9KBdAxaxIfZ7bn1o9l1AfL_XCTvCJc3W2-knBT49vvg5RO1W9LK90sAe0oPF3080yvokLpofs6EDYcq2rIBiJ5TeWcyaVb-c8DumLtB643yTCJLW-XgBAGABpaa3djQ35jmiwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTMyMzg1NTUyMTg1ODg0MzkYsbMM&sigh=LrPimsx5bHw&uach_m=[UACH]&cid=CAQSOwCsnQUxDtU3dJXiZ_PS1kdyhLwxIxCuCh1UjgbqBZbX5D9xaqe-WqGQJFtL_kmg7AJjryIBr8_N0L0rGAE
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 4BE6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k5C6EvKUWKwC-gGdg2ICAgAAABuxxSJwI6pJs2GCCdE5FKgQ-KksY_vLUIAFCoRqFY6lABIAAA&wp=Yyyp-AAPLO8Iu-UwAAUbu6ATRCWZyvoag5SHug
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
server
Kestrel
server-processing-duration-in-ticks
254949
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame FF42 		160 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLO8Iu-UwAAUbu6ATRCWZyvoag5SHug&u=%7ChIUXIrGDpJLE91T41VdP1QqeHXE1ueDWpukZm9DeKWM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZE5PA-gwcExOc4fDdBFkrmfhkfAt6HIWmOd02SfG27iABCa-gZ4QnmR2GsviQVGam_af1ScQc3kOMOAwYRqJLyqucb5imnzI7qjQPWBQiJCzleM1PQX7_dq6Q5chDkCeP7nYFqajOQnv_oXgGArTbmN_HIyopxe2oW2gANA4IU1SxJscmLbdPuClTnoFFM5SjEVK9IwKEW5d9N2kIH0ZmDcvOChObf4HU0nOauCBlUZRppf2ihM3wTk3KEFo363oyoA3YHLL06ew-unYFH2iDSOw_0KlvUWGf89OgUdTGgjCv5rwG28GetA6aS5oRMjhBDy9TUgAgl6hXAXo6mB44Pt9vaR6QhFOGOHLSD_5YrrQBQuNQtbsqiQgrnancVjuTTVRcJwRAv3zPpUopyWu14YcwWOghBj5T-3MlhZjg69m3jd8DQB4Ch9s6TmRH4yJhEXLBMjIV13CGGmxMCQATfF4Vs4FitmXei9SpuO1SVD6U_cmbo3CIcOPtTS45ehtuRlSNcbgFPOS0G08FWtm1jciFrjHZ3tzllApI55K-Yz9_AbZdeJKHE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSzQ2-KksY-_ZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElAJP0IGe1f1aPfJuwKhBjEX4nlbcW60HbisKyMx0oJhOJsuTH0MuvTLCh6uS5cNmHXhSsgw3CX4ccRZFvQoRJT1t5FehBmHnfcyg1Czv7lpMXtghgn8rlXwZ6aUWLRKk94nRRjn2apw0SI98kOtvu7HcqtLMilbiXmEuVRqLMKbHWTPc6_Yl0gTSzCxV3dvqqFglnBMPDDjv_L1AZN1H_C6PJ58aTOyi-F368GCRffTa5NYexW_Z1CG0lA3UI9KBdAxaxIfZ7bn1o9l1AfL_XCTvCJc3W2-knBT49vvg5RO1W9LK90sAe0oPF308kSnJAj3n4t07kZOJCo-ncJdHc9E4R058xwjTPkn-9aHqyYjPSFq8FqPgBAGABpaa3djQ35jmiwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2S_66pDEEever9jLoLHtRIWF3m6A%26client%3Dca-pub-3238555218588439%26adurl%3D
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2e169f8349d7514970d4991a8b1fcd050f58a1a1d7fa04c9f1bdf6e33eca03e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 18:31:22 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=JPqa1tsDNmC2JH9r_48Qnt2Cwk8lfpEEU1uuwevgowCqw1Tv8lR-MwTTt91p3JfOqpg1XWrcGO2udQCP7-33s82wOovGKC9XEqohFlwX1QDKW1uzuNHOsWu0JSUQTAo9BESxovgdXy4JnFyw1d40evDSukPEie7LB5l6mM2twEPIAxwUC8x_FSqT5hRU-V8-wI03Fcodp6aUUWjmwu72cracPNyP6IqVeDp2BiXC4ExGnnu_GD6V4HKzeY1YMOQ7afGO1g"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
125675055
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 4BE6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
428
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 18:24:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 4BE6 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:26:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7568
x-xss-protection
0
server
cafe
etag
16266204680973569043
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 18:26:14 GMT
l
www.google.com/ads/measurement/ Frame 4BE6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaStSWgpjYjpm4iA6utrVybxe7EVF_SvGK-BGYoSUCyFUIFxZQQpZj2lWe_FVvvh5adFIIda
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 4BE6 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 07:13:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Sep 2023 07:13:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4BE6 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 18:31:25 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 4B86 		97 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3936ef1c8f1732c0c04810760b747102dd4431bcc37689c27196de5d030ba858

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
PidISEiOP90R_913dwkQ2_.B_dtaRt0p
content-encoding
br
last-modified
Thu, 14 Jul 2022 18:51:22 GMT
server
AmazonS3
age
4572
etag
W/"988ed904fe9935453a894f009ac11cc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Thu, 22 Sep 2022 17:15:11 GMT
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
OE56wT7uUA37nj5pMy3Sk7QtQ264IlQpPBQobA-ZK5-oHSTaVCaEGg==
adview
securepubads.g.doubleclick.net/pagead/ Frame 4B86 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CTz25-KksY_DZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEmQJP0HWI8UnqOGOv6n0_lc5AWvQHEOep17No4x2EuW89V39r-QhwPiqlz-Tldp0wyrXVAGrnrRTwkvvrAuYO0izMctkucGZPP3DcqE13QhJTOk9PZE9PW_py7nGlEWCof5HeJQYOML9qNMwqbgv3XoECuCrJNz-3PnUouWfGG_FRJrUdvlQm1TeWFohE5px04ewNVEMXTxAMOvXVjj1FWh1pYiFTGYTpbvgd3fIRSRUNA09bZLBlMhqTgIkDSxXZdxueKrY9EJ-SXuRwUL0Lf4fdO4LNVffs4c5cbIVv1c1GWtiO5cJSYu5kizVZLjtFCWxBBptBBg2RvwlyQpmojHu5odU4wLKKZr_-o1pPkkCTR49FMLbgR7UPYeAEAYAG6_Wg6NOGiOThAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzIzODU1NTIxODU4ODQzORixsww&sigh=VNhZ516KXQw&uach_m=[UACH]&cid=CAQSOwCsnQUxDtU3dJXiZ_PS1kdyhLwxIxCuCh1UjgbqBZbX5D9xaqe-WqGQJFtL_kmg7AJjryIBr8_N0L0rGAE
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 4B86 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k7WUEvKUWKwC-gGdg2ICAgAAABuxxSJwI6pJs2GCCdE5FKgQ-KksY_k80BmDKwdmgjAnABIAAA&wp=Yyyp-AAPLPAIu-UwAAUbu4IGuQ-NwO_ih8iFfQ
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
server
Kestrel
server-processing-duration-in-ticks
219396
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 5CF7 		132 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLPAIu-UwAAUbu4IGuQ-NwO_ih8iFfQ&u=%7ChIUXIrGDpJL6ACliD7asN7bF%2FtPdfLs3BxdlWUEBWhU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wLdRBXhALqgDilxRAFHEEdI_JvtZc4hgvnhPqIP-IQMXIpmr0QWwpQTLcqY2ARHL-jzZ_VofujCAGeYp6ibKVLCjhxz68EIja199XyVD29nh9P2AlXuvysrnDpb2k0ErKNEpWr8lK7-XCv4kVcixdVFlNgWk2quHhEf2sUIi-0WWu58WPEPeWwWca29UwhQ2EG7msLe-cPckpeIF_1ky2sw9u2idVAqrOhuklMzLvG8PW7uz_3YxN0r-6WKHIPNEL2bugxhuD-OraOuFjRJRLQd1BmQ7Mm3g3fmMWpckUvIdeOxA8bd_DJIZi1MIHtICVwkxKTsDC3D6bFAkqpN0mYFoMElbs5KlGPfA-X-evXJCRflnm8zZerELqwQ-lpqEKtk6Bpef0Qnje1D2xmHi7J5DEVMvu6f4-EvAzYsgHCVEwwvx_1rLTpZZJffFi5VpBDDmavkDkonfKO2Z1XHT6sWIHfMGK4-WpYdjIPplipR0su_qss9fKKR7KVuWcKmvA3KzxA4mGaRzEHnqhSEeFIRxzNOtYlSMQTKj7Pg6YuJ9N77JhOnTmjY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCglD4-KksY_DZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEnAJP0HWI8UnqOGOv6n0_lc5AWvQHEOep17No4x2EuW89V39r-QhwPiqlz-Tldp0wyrXVAGrnrRTwkvvrAuYO0izMctkucGZPP3DcqE13QhJTOk9PZE9PW_py7nGlEWCof5HeJQYOML9qNMwqbgv3XoECuCrJNz-3PnUouWfGG_FRJrUdvlQm1TeWFohE5px04ewNVEMXTxAMOvXVjj1FWh1pYiFTGYTpbvgd3fIRSRUNA09bZLBlMhqTgIkDSxXZdxueKrY9EJ-SXuRwUL0Lf4fdO4LNVffs4c5cbIVv1c1GWtiO5cJSYu5kizVZLjtFCWxBBpsDBCwDOIbuUSY0mNhpnHPAyaaA0LXQu9j7Wn01tTBbHK5l7TEc3sTb3uAEAYAG6_Wg6NOGiOThAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s8A8x-l3C2aW9Kzq0nlvzaS2pTw%26client%3Dca-pub-3238555218588439%26adurl%3D
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6d3682f29a884e775dcaf87788e1e0c1677a70ef977542cc5729f3c5198a039d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 18:31:21 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=CadzB9sDNmC2JH9rQz-bjo7EgXlJU0Tsrf-dSoBPXXLCg7If8N4lsZsek-Ak6YC0bGwMYPQdf-pEE4G3Ps7HjLh8OWHcKtL2gNdaIz_Bcmc8d_8sRlK-R59eNQcIfUZcjahG9D5oSTxV-sGb-5zQflHPxli4yhymB2kxrfJVNzhDG0xpmOA5pFzt2coiuEoHAS2c2-eJODQnv2uxxjLsb0XN6D5C-78qXbXhppiX_mx-w1bDNOP_i7CkHJe7GDtj3kV73A"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
91535430
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 4B86 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
428
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 18:24:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 4B86 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:26:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7568
x-xss-protection
0
server
cafe
etag
16266204680973569043
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 18:26:14 GMT
l
www.google.com/ads/measurement/ Frame 4B86 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSYA4CamK_ghjHJJQTXMJz4244nFzP9HJ-ELwH0rzx1WojdZDquQVMW264D6A2Ol1V_BHAB
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 4B86 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 07:13:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Sep 2023 07:13:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4B86 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 18:31:25 GMT
truncated
/ Frame 457F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c67f294f5ae43267fd9ab4bfed7346b69c9581dcfb51d058d64a3ba202339780

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 457F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuoCwEBPEoGJw-tmqGe7qRucJUynx9ZvK8nfo5NKSXM1NSPoqiFwho4Fdn5Jz5d_tR273U5uckjO7ySHlwuXY6AuSbD6Ib0PpFi3VYlebb1iQTQ27uTl2Pe56A243NMVf2XVF_xyEmBGZPhgVxp4q99G3ymS40007hTUXHH-miVCt9iJOiGxDpfn8OaaFgJ26DlCz1G9aCeDAnSwsaqYg29lV0JSMZzdM0tpRJW25mxP-ywZBxNLng4hSTOknad-9AV_EGPsId241wShHjS93KVco4nmuC4OWguJHBz8_Yd6g2Yq8MCH7JCJMg16ognjDXKYZkX1hOmXLDZmd50N3Mx&sai=AMfl-YSl9fUdxUMbAFaGQSRrXGU2yVZwgUhGcjict-hLw7vxRPHG2-ZROnVWGVBvQHTNc-9wC5zutLxVUMF9bm4RTek4XosTEyiSn0uVE8juBVXJQaspib4FnQpa4IMjQA&sig=Cg0ArKJSzJAc6COZnNT-EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 22 Sep 2022 18:31:22 GMT
truncated
/ Frame EA2D 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce0ec241bc51412fbaf5169a514f991cacf1a11d3860fe123cdeea422035f9ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame EA2D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPYUOewCuN-ba0Qczpc0CDm1JG4_UlUZRrEWQMYtOD-OBEmeKLGro6ef9i4zUK8fw4WMfdBU3DvxI3zr_Ig7c3sV2V8OYD2589FhTKAFrSNc71Ru4uUa-hE2qqHR9-DNXR8120Meapc3tDuUSdXvv3oXHsRZ7-Cd10KPdZI5Rax7t0zyVT72HcpQ_uuB2HSdBDWSWVHnbit7kRF4ODj6yzZ3qSZKM5b7e5MGwR2wN2KSY_OvPXZoaP_mcQpHoWIKnH_TwpGpSqB238tiqoJUMr6hBkDCMPFe5DR5IWYux9N2oPVU3EYMGAHRVVmjvuY_HI54dQ5Nh5ZzU&sai=AMfl-YQ_--IXtqXu3UpJQx6mgEepfMFLe_O6-R2B2vM34FeXD4tBu02WlFnHljssxhYVppqxpW2OobE5BkibOhV8AsM9IFjwy80l_UkiFge_YbMV6n2hyfz6bWD6AeF99A&sig=Cg0ArKJSzF619t4vvl7qEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 22 Sep 2022 18:31:22 GMT
822451e4-e028-4e2e-84ba-91b57095a3c3
https://www.staradvertiser.com/ Frame EA2D 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/822451e4-e028-4e2e-84ba-91b57095a3c3
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
truncated
/ Frame 79CB 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc8b0df18d9f40b3999fe8e1343c2fbd3c2e1ec95220e8cb9c86b9adc347af7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
c86e9426-5eb5-48e3-833e-6eec96eb830c
https://www.staradvertiser.com/ Frame 457F 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/c86e9426-5eb5-48e3-833e-6eec96eb830c
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
2fce373f-bb4d-4fc8-9b0e-ff71330dad03
https://www.staradvertiser.com/ Frame 79CB 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/2fce373f-bb4d-4fc8-9b0e-ff71330dad03
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
1710p4s4p868n18sn0pqps224o506381-00001.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		463 KB
465 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/1710p4s4p868n18sn0pqps224o506381-00001.ts
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.145.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-145-10.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbdd4d922e6965b09f7cbea19f448b49623e79845e757f095e97a8aac72524e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:24 GMT
via
1.1 3a19e7746bbbb8dd91ed586197497ae8.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-C2
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
474512
last-modified
Thu, 22 Sep 2022 17:34:47 GMT
server
AmazonS3
etag
"f997cf20bf1fab6abbd1f32217427ffc"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
bPtFsDpstUluNljErMJF9xjmgN6XFo7VU9xEl7AfYJbrfphyeQG4wQ==
truncated
/ Frame 03FE 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
941992c31d8925f9974df5c3982132ca2e44fba1c15833ca99291ccd68a69d2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C656 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ae4c07a445aa90ad9f25db7265607c6eaf2654323e5693fd8be2b7e463d7dfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
b0abf301-b1a6-4f3d-bdff-373cfa6c84ac
https://www.staradvertiser.com/ Frame 03FE 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/b0abf301-b1a6-4f3d-bdff-373cfa6c84ac
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
5f72a382-ad4e-452c-b1a8-788b9f88b012
https://www.staradvertiser.com/ Frame C656 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/5f72a382-ad4e-452c-b1a8-788b9f88b012
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
truncated
/ Frame 71C1 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b9b6adaccf0249565da328b6d6f7b533c08d914757dd0a635193c33a7f183ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
cace9377-c0a5-4041-a433-463a171b0a1f
https://www.staradvertiser.com/ Frame 71C1 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/cace9377-c0a5-4041-a433-463a171b0a1f
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
pubads_impl_2022091901.js
securepubads.g.doubleclick.net/gpt/ Frame 954B 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b64c070e33c73628d39ab223f17487bc8efb2944794231186aeef2c3e32f5288
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 10:32:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
287913
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131339
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 08:34:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 19 Sep 2023 10:32:50 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 954B 		531 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.staradvertiser.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7feb35802dcde87fc102cc93bbf632931166012b837cf24ec881724537a0b489
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
217
x-xss-protection
0
expires
Thu, 22 Sep 2022 18:31:23 GMT
134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
df80k0z3fi8zg.cloudfront.net/files/instibid/ Frame 79CB 		353 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6400:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
535f71877713ee932cb8d5803d4130c058e2e5c75cc06cb42e4464e8950f542e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
jeE1LiIwGrjDwvDGjmdWpF3qPmQFvHmZ
content-encoding
br
last-modified
Thu, 01 Sep 2022 16:52:33 GMT
server
AmazonS3
age
2206
etag
W/"5610ae8d909c7f9c9a83cdab2b46c719"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
date
Thu, 22 Sep 2022 17:54:38 GMT
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
3H5o8dvSj1sbJx1BV_0gJ_ykYaJ6nh2upPsR99B1oEaHGEViNd8P5g==
tag.min.js
get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/ Frame 79CB 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-103.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cbff952e8c47bf976906662ac210c3ae9aaf8e10820d404e8f760bc273bcb4fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
MzFJp_hCplumN12v7na.JL4ToSqQ7M.M
content-encoding
gzip
last-modified
Mon, 30 May 2022 15:16:46 GMT
server
AmazonS3
age
60303
etag
W/"32357f1c0de69779f4fedf3aeb29d83e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 e8b7a57aa46fb1a9d8006f334bd5efd0.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Thu, 22 Sep 2022 01:46:38 GMT
x-amz-cf-pop
TXL50-P2
x-amz-cf-id
qFdXsVWwpHaQ9NjYqN0DZn_93DqERjlL9CfQYj4QoW3MfxiLVTHCaQ==
config.js
confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ Frame 79CB 		97 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f7a1d5a6ba781ef51870c2e484f8a77f7b5c0aa94366f5fcc4bc290246a05ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 18:31:23 GMT
Content-Encoding
gzip
Age
587
X-Cache
HIT
Connection
keep-alive
Content-Length
23126
x-amz-id-2
Y7pl1/SQAvAMEdMPCD+Nb+dDvnktzyEISbZPAaQBe2VdI5nnU4eSvYRqMynh7siTcp2bsOZZFKGOze/79M2nkw==
X-Served-By
cache-hhn4067-HHN
Last-Modified
Thu, 22 Sep 2022 18:01:15 GMT
Server
AmazonS3
X-Timer
S1663871483.223454,VS0,VE0
ETag
"d292b53da1384d3fa2cfd4cb618122ac"
x-amz-request-id
ZQ0EVPET8P254347
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
27
index.html
auth.instiengage.com/auth/ Frame 1AF7 		75 B
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/index.html
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:7000:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32dcb7b5d0e79583353a56225e4d8097e004103102d584e245d1b96547f9948d

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
46
cache-control
max-age=300
content-length
75
content-type
text/html
date
Thu, 22 Sep 2022 18:31:19 GMT
etag
"2e3d17ce9023be2c1313c02113f5c568"
last-modified
Tue, 16 Aug 2022 12:46:45 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 d3e698ff6aa93657f45eda478b9496e0.cloudfront.net (CloudFront)
x-amz-cf-id
D4xWYkNohJlMrKVXImDWskH9Ifv4b5cGdNfgndeMdCWlY-oN0wp5WQ==
x-amz-cf-pop
VIE50-C1
x-amz-version-id
wwuA1teHfpxnNE1op.J6Ishi5Ug48nVr
x-cache
Hit from cloudfront
f6f3db87-13a2-4523-82bf-eebb764818ef.jpeg
storage.googleapis.com/ownlocal-platform-production/public/images/categories/300/ Frame 232F 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ownlocal-platform-production/public/images/categories/300/f6f3db87-13a2-4523-82bf-eebb764818ef.jpeg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
092c53b50ef01631c3b6a171fa30257a1461bfae98689d17d1b9b0b085daff04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:22 GMT
age
1
x-guploader-uploadid
ADPycdv6TkpH2mjbLlzeWvloTgmG87t7ntsg5fj6q1H4p6CzdqME3JPjivbIjlNT4Por4JJOzHxaSJl82ymShvVCXxeK8w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43652
last-modified
Thu, 15 Sep 2022 06:04:09 GMT
server
UploadServer
etag
"5bac1119edad18c5fb779e53f2a0f06c"
x-goog-hash
crc32c=yA3vCA==, md5=W6wRGe2tGMX7d55T8qDwbA==
x-goog-generation
1663221849373580
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
43652
accept-ranges
bytes
content-type
image/jpeg
expires
Thu, 22 Sep 2022 19:31:22 GMT
134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
df80k0z3fi8zg.cloudfront.net/files/instibid/ Frame C656 		353 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6400:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
535f71877713ee932cb8d5803d4130c058e2e5c75cc06cb42e4464e8950f542e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
jeE1LiIwGrjDwvDGjmdWpF3qPmQFvHmZ
content-encoding
br
last-modified
Thu, 01 Sep 2022 16:52:33 GMT
server
AmazonS3
age
2206
etag
W/"5610ae8d909c7f9c9a83cdab2b46c719"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
date
Thu, 22 Sep 2022 17:54:38 GMT
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
HVheLfJnaLmkAqfx0WGOI7JebcvkCSGwBbOrLnh6yGboXMET2kdV9Q==
tag.min.js
get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/ Frame C656 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-103.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cbff952e8c47bf976906662ac210c3ae9aaf8e10820d404e8f760bc273bcb4fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
MzFJp_hCplumN12v7na.JL4ToSqQ7M.M
content-encoding
gzip
last-modified
Mon, 30 May 2022 15:16:46 GMT
server
AmazonS3
age
60303
etag
W/"32357f1c0de69779f4fedf3aeb29d83e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 e8b7a57aa46fb1a9d8006f334bd5efd0.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Thu, 22 Sep 2022 01:46:38 GMT
x-amz-cf-pop
TXL50-P2
x-amz-cf-id
S5O46VxnNjMiNS2LLW0v4429msuXAintr5W8dHkzuon0u3fI-Afo0Q==
config.js
confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ Frame C656 		97 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f7a1d5a6ba781ef51870c2e484f8a77f7b5c0aa94366f5fcc4bc290246a05ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 18:31:23 GMT
Content-Encoding
gzip
Age
587
X-Cache
HIT
Connection
keep-alive
Content-Length
23126
x-amz-id-2
Y7pl1/SQAvAMEdMPCD+Nb+dDvnktzyEISbZPAaQBe2VdI5nnU4eSvYRqMynh7siTcp2bsOZZFKGOze/79M2nkw==
X-Served-By
cache-hhn4067-HHN
Last-Modified
Thu, 22 Sep 2022 18:01:15 GMT
Server
AmazonS3
X-Timer
S1663871483.307706,VS0,VE0
ETag
"d292b53da1384d3fa2cfd4cb618122ac"
x-amz-request-id
ZQ0EVPET8P254347
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
28
index.html
auth.instiengage.com/auth/ Frame A22C 		75 B
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/index.html
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:7000:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32dcb7b5d0e79583353a56225e4d8097e004103102d584e245d1b96547f9948d

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
46
cache-control
max-age=300
content-length
75
content-type
text/html
date
Thu, 22 Sep 2022 18:31:19 GMT
etag
"2e3d17ce9023be2c1313c02113f5c568"
last-modified
Tue, 16 Aug 2022 12:46:45 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 d3e698ff6aa93657f45eda478b9496e0.cloudfront.net (CloudFront)
x-amz-cf-id
k5sAk1EanGG-DTUqwgBmBivG2X5MwfRm11GbqRr5KdsrDsB5bbnMcw==
x-amz-cf-pop
VIE50-C1
x-amz-version-id
wwuA1teHfpxnNE1op.J6Ishi5Ug48nVr
x-cache
Hit from cloudfront
log_event
www.youtube.com/youtubei/v1/ Frame 19D2 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/64947e15/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
X-Goog-Request-Time
1663871483339
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
X-YouTube-Client-Version
1.20220920.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtHaDFqdGZ0MFBIUSj207KZBg%3D%3D
X-YouTube-Ad-Signals
dt=1663871479386&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C299%2C181&vis=1&wgl=true&ca_type=image

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Thu, 22 Sep 2022 18:31:23 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame E1BA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOQIu-UwAAUbuw6LzDfe00S78k6aZg&u=%7ChIUXIrGDpJLB33NFN%2B3rCXe2AtJekpDZuvl0gFCv2bk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aFBSnAzQtPDFlUCNVr5sGfcUGLidg4S-JIc8fkmU7t_3lDQ-7uQxz5KC1LVpZy0lTa47_eeDpJKgFIqyafXhv162gFLR43EChItsYynTLOrVYw7Xvntv1WZxGmwZA1EiEi2zVPGXSbK9GhrMGiMwJURESq7rVw--kcOCp7nieQq5XY1ZIpbKSVjSYozomh1w65iM4eXCeJp7G7V4FRP88_JQnm5cNer5kQaUNtQbVLysjqCDWd4GLZt6HIFEhmm8nIeSK6hGQgfU1oZ2-MfYrKAq4WWH_m9HYby1rekhU_OJXaYhFKP3DRpqYfQem3JtNGI3cvBXqg7sh1d8l7Jk7mlCT4BGh-Bkg_lmQ0IOCDdCCRpasPsxBL0-bCARgZ-Grtr32oZ9UMlssSMisy958bc-MCRG4d8elEigRpLbUZiebWfBMEjyiUqyyUyBCIthKQHlfnh85NMDMQCISVJSN3BD4oOt8T1UHUiEGwTJnQ-hNa56F65jt-tHGtnoDsdEURWYIc9zriXgjwdc1LIWe16WpZuQxQDnfg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVk0s-KksY-TZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0BQWJUFwle9V2J5_nSXkGxeQ0xxITrODZatVfDrtmnz-S0nmjk9vH1hZcHBvUMaAIVglImsb8dvAtyRNXBDYMU0s0A4BCP79eD7G81qQwuZdKx6rfIvQk32vE26O7tH3OBbaLr96QO0dFTcqKyi6uN8XmgeUYbnCOT-ZWvdugNvn5uDZGG4g5pOXLORMIZFUcNQad6tiyVOLaL1kuIQC54FeyJPxJF26OEzndVFhzT1GitqFYvbSvejD78ayJ7TWBJXt5JfPw9UWt19tirIOmBlTHkFuBRFVsTqPJJp6CY14e_dVCskJOFYS1IFsq5w775NuhNgN_rgVrZmacAG2MgiEGlbtLkDQ27v3nDGP4AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3uVn_vXnUP5W6OXrQ1iFPoN9D3NQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:23 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame E1BA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOQIu-UwAAUbuw6LzDfe00S78k6aZg&u=%7ChIUXIrGDpJLB33NFN%2B3rCXe2AtJekpDZuvl0gFCv2bk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aFBSnAzQtPDFlUCNVr5sGfcUGLidg4S-JIc8fkmU7t_3lDQ-7uQxz5KC1LVpZy0lTa47_eeDpJKgFIqyafXhv162gFLR43EChItsYynTLOrVYw7Xvntv1WZxGmwZA1EiEi2zVPGXSbK9GhrMGiMwJURESq7rVw--kcOCp7nieQq5XY1ZIpbKSVjSYozomh1w65iM4eXCeJp7G7V4FRP88_JQnm5cNer5kQaUNtQbVLysjqCDWd4GLZt6HIFEhmm8nIeSK6hGQgfU1oZ2-MfYrKAq4WWH_m9HYby1rekhU_OJXaYhFKP3DRpqYfQem3JtNGI3cvBXqg7sh1d8l7Jk7mlCT4BGh-Bkg_lmQ0IOCDdCCRpasPsxBL0-bCARgZ-Grtr32oZ9UMlssSMisy958bc-MCRG4d8elEigRpLbUZiebWfBMEjyiUqyyUyBCIthKQHlfnh85NMDMQCISVJSN3BD4oOt8T1UHUiEGwTJnQ-hNa56F65jt-tHGtnoDsdEURWYIc9zriXgjwdc1LIWe16WpZuQxQDnfg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVk0s-KksY-TZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0BQWJUFwle9V2J5_nSXkGxeQ0xxITrODZatVfDrtmnz-S0nmjk9vH1hZcHBvUMaAIVglImsb8dvAtyRNXBDYMU0s0A4BCP79eD7G81qQwuZdKx6rfIvQk32vE26O7tH3OBbaLr96QO0dFTcqKyi6uN8XmgeUYbnCOT-ZWvdugNvn5uDZGG4g5pOXLORMIZFUcNQad6tiyVOLaL1kuIQC54FeyJPxJF26OEzndVFhzT1GitqFYvbSvejD78ayJ7TWBJXt5JfPw9UWt19tirIOmBlTHkFuBRFVsTqPJJp6CY14e_dVCskJOFYS1IFsq5w775NuhNgN_rgVrZmacAG2MgiEGlbtLkDQ27v3nDGP4AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3uVn_vXnUP5W6OXrQ1iFPoN9D3NQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:23 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame E1BA 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOQIu-UwAAUbuw6LzDfe00S78k6aZg&u=%7ChIUXIrGDpJLB33NFN%2B3rCXe2AtJekpDZuvl0gFCv2bk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aFBSnAzQtPDFlUCNVr5sGfcUGLidg4S-JIc8fkmU7t_3lDQ-7uQxz5KC1LVpZy0lTa47_eeDpJKgFIqyafXhv162gFLR43EChItsYynTLOrVYw7Xvntv1WZxGmwZA1EiEi2zVPGXSbK9GhrMGiMwJURESq7rVw--kcOCp7nieQq5XY1ZIpbKSVjSYozomh1w65iM4eXCeJp7G7V4FRP88_JQnm5cNer5kQaUNtQbVLysjqCDWd4GLZt6HIFEhmm8nIeSK6hGQgfU1oZ2-MfYrKAq4WWH_m9HYby1rekhU_OJXaYhFKP3DRpqYfQem3JtNGI3cvBXqg7sh1d8l7Jk7mlCT4BGh-Bkg_lmQ0IOCDdCCRpasPsxBL0-bCARgZ-Grtr32oZ9UMlssSMisy958bc-MCRG4d8elEigRpLbUZiebWfBMEjyiUqyyUyBCIthKQHlfnh85NMDMQCISVJSN3BD4oOt8T1UHUiEGwTJnQ-hNa56F65jt-tHGtnoDsdEURWYIc9zriXgjwdc1LIWe16WpZuQxQDnfg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVk0s-KksY-TZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0BQWJUFwle9V2J5_nSXkGxeQ0xxITrODZatVfDrtmnz-S0nmjk9vH1hZcHBvUMaAIVglImsb8dvAtyRNXBDYMU0s0A4BCP79eD7G81qQwuZdKx6rfIvQk32vE26O7tH3OBbaLr96QO0dFTcqKyi6uN8XmgeUYbnCOT-ZWvdugNvn5uDZGG4g5pOXLORMIZFUcNQad6tiyVOLaL1kuIQC54FeyJPxJF26OEzndVFhzT1GitqFYvbSvejD78ayJ7TWBJXt5JfPw9UWt19tirIOmBlTHkFuBRFVsTqPJJp6CY14e_dVCskJOFYS1IFsq5w775NuhNgN_rgVrZmacAG2MgiEGlbtLkDQ27v3nDGP4AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3uVn_vXnUP5W6OXrQ1iFPoN9D3NQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 17 Sep 2023 18:31:23 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame E1BA 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOQIu-UwAAUbuw6LzDfe00S78k6aZg&u=%7ChIUXIrGDpJLB33NFN%2B3rCXe2AtJekpDZuvl0gFCv2bk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aFBSnAzQtPDFlUCNVr5sGfcUGLidg4S-JIc8fkmU7t_3lDQ-7uQxz5KC1LVpZy0lTa47_eeDpJKgFIqyafXhv162gFLR43EChItsYynTLOrVYw7Xvntv1WZxGmwZA1EiEi2zVPGXSbK9GhrMGiMwJURESq7rVw--kcOCp7nieQq5XY1ZIpbKSVjSYozomh1w65iM4eXCeJp7G7V4FRP88_JQnm5cNer5kQaUNtQbVLysjqCDWd4GLZt6HIFEhmm8nIeSK6hGQgfU1oZ2-MfYrKAq4WWH_m9HYby1rekhU_OJXaYhFKP3DRpqYfQem3JtNGI3cvBXqg7sh1d8l7Jk7mlCT4BGh-Bkg_lmQ0IOCDdCCRpasPsxBL0-bCARgZ-Grtr32oZ9UMlssSMisy958bc-MCRG4d8elEigRpLbUZiebWfBMEjyiUqyyUyBCIthKQHlfnh85NMDMQCISVJSN3BD4oOt8T1UHUiEGwTJnQ-hNa56F65jt-tHGtnoDsdEURWYIc9zriXgjwdc1LIWe16WpZuQxQDnfg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVk0s-KksY-TZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0BQWJUFwle9V2J5_nSXkGxeQ0xxITrODZatVfDrtmnz-S0nmjk9vH1hZcHBvUMaAIVglImsb8dvAtyRNXBDYMU0s0A4BCP79eD7G81qQwuZdKx6rfIvQk32vE26O7tH3OBbaLr96QO0dFTcqKyi6uN8XmgeUYbnCOT-ZWvdugNvn5uDZGG4g5pOXLORMIZFUcNQad6tiyVOLaL1kuIQC54FeyJPxJF26OEzndVFhzT1GitqFYvbSvejD78ayJ7TWBJXt5JfPw9UWt19tirIOmBlTHkFuBRFVsTqPJJp6CY14e_dVCskJOFYS1IFsq5w775NuhNgN_rgVrZmacAG2MgiEGlbtLkDQ27v3nDGP4AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3uVn_vXnUP5W6OXrQ1iFPoN9D3NQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 17 Sep 2023 18:31:23 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame E1BA 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=T8ZmQl2BjRQRrY6XY8YwGgkS0P4ALTdYXnx7mhX63L6wzr802kkeFx2wRw02CGAhfk0yfcuF6NzShso-_FlseQh98_xiE0FoB_yIzQU6rHUFdfqreniSKTL17ZQl5_rbs4ChIyhEnmK3OW4GUGAvNkgr2SKpZyMgpPNKn81hu7Fbi46A76S5jJluFuJK4gxKvOq91sgfeVwuKwQYu-CebD1rfmgsAUKktoO3dG_oM2eYZV-9IANnyqSX7SP01eIpbyKX0UbQSSI_orgMZaMA2VCvgp69_m318EhvoZLrBi47U0Nv16GdxRtaBvjCnJNiCPs4lCOjgVIWiwprJ8S7WCx8Je4yHIW8pt0scoEQoinVS5Eu1FpQx94SNnxvrt_K4fWAzLyMkhgpbjvg4aWMyoaRdnja-tO--rGgjWkoZBNAA-y6
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOQIu-UwAAUbuw6LzDfe00S78k6aZg&u=%7ChIUXIrGDpJLB33NFN%2B3rCXe2AtJekpDZuvl0gFCv2bk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aFBSnAzQtPDFlUCNVr5sGfcUGLidg4S-JIc8fkmU7t_3lDQ-7uQxz5KC1LVpZy0lTa47_eeDpJKgFIqyafXhv162gFLR43EChItsYynTLOrVYw7Xvntv1WZxGmwZA1EiEi2zVPGXSbK9GhrMGiMwJURESq7rVw--kcOCp7nieQq5XY1ZIpbKSVjSYozomh1w65iM4eXCeJp7G7V4FRP88_JQnm5cNer5kQaUNtQbVLysjqCDWd4GLZt6HIFEhmm8nIeSK6hGQgfU1oZ2-MfYrKAq4WWH_m9HYby1rekhU_OJXaYhFKP3DRpqYfQem3JtNGI3cvBXqg7sh1d8l7Jk7mlCT4BGh-Bkg_lmQ0IOCDdCCRpasPsxBL0-bCARgZ-Grtr32oZ9UMlssSMisy958bc-MCRG4d8elEigRpLbUZiebWfBMEjyiUqyyUyBCIthKQHlfnh85NMDMQCISVJSN3BD4oOt8T1UHUiEGwTJnQ-hNa56F65jt-tHGtnoDsdEURWYIc9zriXgjwdc1LIWe16WpZuQxQDnfg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVk0s-KksY-TZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0BQWJUFwle9V2J5_nSXkGxeQ0xxITrODZatVfDrtmnz-S0nmjk9vH1hZcHBvUMaAIVglImsb8dvAtyRNXBDYMU0s0A4BCP79eD7G81qQwuZdKx6rfIvQk32vE26O7tH3OBbaLr96QO0dFTcqKyi6uN8XmgeUYbnCOT-ZWvdugNvn5uDZGG4g5pOXLORMIZFUcNQad6tiyVOLaL1kuIQC54FeyJPxJF26OEzndVFhzT1GitqFYvbSvejD78ayJ7TWBJXt5JfPw9UWt19tirIOmBlTHkFuBRFVsTqPJJp6CY14e_dVCskJOFYS1IFsq5w775NuhNgN_rgVrZmacAG2MgiEGlbtLkDQ27v3nDGP4AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3uVn_vXnUP5W6OXrQ1iFPoN9D3NQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:23 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3743280
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 71C1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssxbYd9JwSBdYv_Y7I5ymsBwNVnOiDl_WAlzucs75xJ7AU9wGxM6p3pggfzFC4_Thj1jUTZfJjwWfdqgEqfahJpFXI8djNTAooUx4nCdtz5Icsb-VbHI4Qq7rcTd0EQCKtW2gw5T4_ysZHh-F6fvRM5nuJle7Fg44IpCOVl5Z3IGDg5LhyQ3zCZcF0NSWXh6s2nmb7-I3Tn7-gk1ZS7RiSZK4fqDRO48YU9eU2uvrxr5EsmZFV8DR4PD3R_FcAvxFLApB8VSdtCX7ZSI0_r6wWHaht57InuJQyjZWrkzgWNGBiMIsLnWWzRFXbXIKgfEbZoozhsYgViT57_Hz6kdqw&sai=AMfl-YQjZgA2qVLddTQanbCxRcrssAFUi9bFyhC2khaeYu8jClY_yXM6WsEW8QmFjyT7116u_evTKx55ybp7cPOIT3pHOjY_Rw_sOzjeUltVrtA27tQtRZua_Gz75-uR-w&sig=Cg0ArKJSzPF9_3k7q3w0EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 22 Sep 2022 18:31:23 GMT
tp-production
us-central1-kube-ownlocal.cloudfunctions.net/ Frame 232F 		26 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-central1-kube-ownlocal.cloudfunctions.net/tp-production?stm=1663871483401&e=pv&url=https%3A%2F%2Fwww.staradvertiser.com%2F&page=AdForge%20Ad%20Unit&refr=https%3A%2F%2Fwww.staradvertiser.com%2F&tv=js-2.10.2&tna=origami-tracker&aid=origami-unit&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=30d9a9fb-fc17-4e80-8a82-b4b22e56a8dd&dtm=1663871482366&vp=300x250&ds=300x250&vid=1&sid=72acb24d-6b0a-4f5b-8a8e-25c13d12bb63&duid=6ff5801c-2ee1-40a9-a569-36b3114c4a92&fp=577415770&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20ub3dubG9jYWwvb3JpZ2FtaV9jdHgvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiYWlkIjoiOTlmMzg1ZjItNzkzMy00ZDFmLWJkMTAtYTU2MGZiYmZhNDE5IiwiYmlkIjoiZWMxYWVlMDMtN2E2Ny00MWE2LTliZDktZjdjNjNmZjRhYWQ0IiwicGlkIjoiYzQ2Y2YxNWQtMTYyMi00MTU3LThmM2YtMThiOWE2MTk0NmRlIn19XX0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:24 GMT
server
Google Frontend
x-powered-by
Express
etag
W/"1a-Hjpuc/IrHLWXlDT8bmHFqznVniY"
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
838c7e39d9305bce6b4ae28df9678436
function-execution-id
yywhab65lqw9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26
privacy_small.svg
static.criteo.net/flash/icon/ Frame 2AC4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOsIu-UwAAUbuzfaEK0lLx-rdBQm-w&u=%7ChIUXIrGDpJKs%2BNQhCogTOVXt6NMGZn2MLqy7hzamzrA%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr5-taiijmDVNfEog-pHxa6wvg-tUOFnI36QG0DZhqQiWFLzK9PeXkRUnRcJnQGiAJN1oUKXq_0FiTwIkyB5pawzTsYyrVn4RaACGKq-geHHNBGwUeH42rbtlPUycZCimCT4WrjS_nVwovPqf-iMMZzU6kUYCdOTqtTvbFFQlxGXW-RoNdmKRIy_YWCcgNzIKbBUp0Br_k1CuvilQJ2gWk88N1lz-3TcnzkAMF6A6Tg0Crnu1dFcVaCfIIOncAIm-H5BN2h9qdMHiE7-0_x-1lU2v7HgXPizZPO61sDpdSq8QvSKo0z4Tz0Mxip6UfJCOomN0tMaLH0NaND0mETmaHrbpTnGLpuFSCarUhywpv-C8vKHNt1wpOoIocV6zmPp-QPfkue6YU6dDTW-6F48TKA71R8SBZo_2cFVi2Mnp2oyrFBRhbGXitC7T1e963VNEP4lxtli_GfeCFlYbR2P3XiE5RizYasXEgzJ9AY6qbL6Fnggr9OTQFOU6rY-Xlb5mK8tT2GzWxDivHNUUIoENXQFRi9xDx_8pEoD2noMFIsxddScxQyzotCyIVMNa0prenBtUbtfGYMnQqoD771xYSDQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9evf-KksY-vZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEmgJP0GMtPfwPFcfwgrcF14hVtttrdBm4ayu5gghJueZFX9_KOV8XuEEsUSR5U9IeKAizuJzRjA2JAJvmITiNDutMvFEeKOUhyUlm7J9Ptkb270A9UnEyBrqWNZt42_DTls1VJQ436PXJmXQV9M2_x1QFtNwyUzyPpwaGxKy1OoCh4j4tLZ9MbmWVZlg10xCkMVbbg1f_8vWsukW2_rSsjNX0d0Xdar1Pe6IgjW_dsO2Ny2ivgWX7YlpZ-lOHlB8Vgf-1dpGB6iRPslOJOxtWRAL9B6EzD5bzkcMhLdtf3WeF-JX8KJn8eABjPdojp3NPcvJU62QTY_X4Tni5GEniHU3Z4VVHSOZtbVnmg0qV8ey2xsIYEKMMLW2rs5jgBAGABuv1oOjThojk4QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QiN2AxmuZc7TwqL_FL7RXFI5oEQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:23 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 2AC4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOsIu-UwAAUbuzfaEK0lLx-rdBQm-w&u=%7ChIUXIrGDpJKs%2BNQhCogTOVXt6NMGZn2MLqy7hzamzrA%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr5-taiijmDVNfEog-pHxa6wvg-tUOFnI36QG0DZhqQiWFLzK9PeXkRUnRcJnQGiAJN1oUKXq_0FiTwIkyB5pawzTsYyrVn4RaACGKq-geHHNBGwUeH42rbtlPUycZCimCT4WrjS_nVwovPqf-iMMZzU6kUYCdOTqtTvbFFQlxGXW-RoNdmKRIy_YWCcgNzIKbBUp0Br_k1CuvilQJ2gWk88N1lz-3TcnzkAMF6A6Tg0Crnu1dFcVaCfIIOncAIm-H5BN2h9qdMHiE7-0_x-1lU2v7HgXPizZPO61sDpdSq8QvSKo0z4Tz0Mxip6UfJCOomN0tMaLH0NaND0mETmaHrbpTnGLpuFSCarUhywpv-C8vKHNt1wpOoIocV6zmPp-QPfkue6YU6dDTW-6F48TKA71R8SBZo_2cFVi2Mnp2oyrFBRhbGXitC7T1e963VNEP4lxtli_GfeCFlYbR2P3XiE5RizYasXEgzJ9AY6qbL6Fnggr9OTQFOU6rY-Xlb5mK8tT2GzWxDivHNUUIoENXQFRi9xDx_8pEoD2noMFIsxddScxQyzotCyIVMNa0prenBtUbtfGYMnQqoD771xYSDQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9evf-KksY-vZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEmgJP0GMtPfwPFcfwgrcF14hVtttrdBm4ayu5gghJueZFX9_KOV8XuEEsUSR5U9IeKAizuJzRjA2JAJvmITiNDutMvFEeKOUhyUlm7J9Ptkb270A9UnEyBrqWNZt42_DTls1VJQ436PXJmXQV9M2_x1QFtNwyUzyPpwaGxKy1OoCh4j4tLZ9MbmWVZlg10xCkMVbbg1f_8vWsukW2_rSsjNX0d0Xdar1Pe6IgjW_dsO2Ny2ivgWX7YlpZ-lOHlB8Vgf-1dpGB6iRPslOJOxtWRAL9B6EzD5bzkcMhLdtf3WeF-JX8KJn8eABjPdojp3NPcvJU62QTY_X4Tni5GEniHU3Z4VVHSOZtbVnmg0qV8ey2xsIYEKMMLW2rs5jgBAGABuv1oOjThojk4QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QiN2AxmuZc7TwqL_FL7RXFI5oEQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:23 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 2AC4 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOsIu-UwAAUbuzfaEK0lLx-rdBQm-w&u=%7ChIUXIrGDpJKs%2BNQhCogTOVXt6NMGZn2MLqy7hzamzrA%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr5-taiijmDVNfEog-pHxa6wvg-tUOFnI36QG0DZhqQiWFLzK9PeXkRUnRcJnQGiAJN1oUKXq_0FiTwIkyB5pawzTsYyrVn4RaACGKq-geHHNBGwUeH42rbtlPUycZCimCT4WrjS_nVwovPqf-iMMZzU6kUYCdOTqtTvbFFQlxGXW-RoNdmKRIy_YWCcgNzIKbBUp0Br_k1CuvilQJ2gWk88N1lz-3TcnzkAMF6A6Tg0Crnu1dFcVaCfIIOncAIm-H5BN2h9qdMHiE7-0_x-1lU2v7HgXPizZPO61sDpdSq8QvSKo0z4Tz0Mxip6UfJCOomN0tMaLH0NaND0mETmaHrbpTnGLpuFSCarUhywpv-C8vKHNt1wpOoIocV6zmPp-QPfkue6YU6dDTW-6F48TKA71R8SBZo_2cFVi2Mnp2oyrFBRhbGXitC7T1e963VNEP4lxtli_GfeCFlYbR2P3XiE5RizYasXEgzJ9AY6qbL6Fnggr9OTQFOU6rY-Xlb5mK8tT2GzWxDivHNUUIoENXQFRi9xDx_8pEoD2noMFIsxddScxQyzotCyIVMNa0prenBtUbtfGYMnQqoD771xYSDQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9evf-KksY-vZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEmgJP0GMtPfwPFcfwgrcF14hVtttrdBm4ayu5gghJueZFX9_KOV8XuEEsUSR5U9IeKAizuJzRjA2JAJvmITiNDutMvFEeKOUhyUlm7J9Ptkb270A9UnEyBrqWNZt42_DTls1VJQ436PXJmXQV9M2_x1QFtNwyUzyPpwaGxKy1OoCh4j4tLZ9MbmWVZlg10xCkMVbbg1f_8vWsukW2_rSsjNX0d0Xdar1Pe6IgjW_dsO2Ny2ivgWX7YlpZ-lOHlB8Vgf-1dpGB6iRPslOJOxtWRAL9B6EzD5bzkcMhLdtf3WeF-JX8KJn8eABjPdojp3NPcvJU62QTY_X4Tni5GEniHU3Z4VVHSOZtbVnmg0qV8ey2xsIYEKMMLW2rs5jgBAGABuv1oOjThojk4QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QiN2AxmuZc7TwqL_FL7RXFI5oEQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 17 Sep 2023 18:31:23 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 2AC4 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOsIu-UwAAUbuzfaEK0lLx-rdBQm-w&u=%7ChIUXIrGDpJKs%2BNQhCogTOVXt6NMGZn2MLqy7hzamzrA%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr5-taiijmDVNfEog-pHxa6wvg-tUOFnI36QG0DZhqQiWFLzK9PeXkRUnRcJnQGiAJN1oUKXq_0FiTwIkyB5pawzTsYyrVn4RaACGKq-geHHNBGwUeH42rbtlPUycZCimCT4WrjS_nVwovPqf-iMMZzU6kUYCdOTqtTvbFFQlxGXW-RoNdmKRIy_YWCcgNzIKbBUp0Br_k1CuvilQJ2gWk88N1lz-3TcnzkAMF6A6Tg0Crnu1dFcVaCfIIOncAIm-H5BN2h9qdMHiE7-0_x-1lU2v7HgXPizZPO61sDpdSq8QvSKo0z4Tz0Mxip6UfJCOomN0tMaLH0NaND0mETmaHrbpTnGLpuFSCarUhywpv-C8vKHNt1wpOoIocV6zmPp-QPfkue6YU6dDTW-6F48TKA71R8SBZo_2cFVi2Mnp2oyrFBRhbGXitC7T1e963VNEP4lxtli_GfeCFlYbR2P3XiE5RizYasXEgzJ9AY6qbL6Fnggr9OTQFOU6rY-Xlb5mK8tT2GzWxDivHNUUIoENXQFRi9xDx_8pEoD2noMFIsxddScxQyzotCyIVMNa0prenBtUbtfGYMnQqoD771xYSDQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9evf-KksY-vZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEmgJP0GMtPfwPFcfwgrcF14hVtttrdBm4ayu5gghJueZFX9_KOV8XuEEsUSR5U9IeKAizuJzRjA2JAJvmITiNDutMvFEeKOUhyUlm7J9Ptkb270A9UnEyBrqWNZt42_DTls1VJQ436PXJmXQV9M2_x1QFtNwyUzyPpwaGxKy1OoCh4j4tLZ9MbmWVZlg10xCkMVbbg1f_8vWsukW2_rSsjNX0d0Xdar1Pe6IgjW_dsO2Ny2ivgWX7YlpZ-lOHlB8Vgf-1dpGB6iRPslOJOxtWRAL9B6EzD5bzkcMhLdtf3WeF-JX8KJn8eABjPdojp3NPcvJU62QTY_X4Tni5GEniHU3Z4VVHSOZtbVnmg0qV8ey2xsIYEKMMLW2rs5jgBAGABuv1oOjThojk4QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QiN2AxmuZc7TwqL_FL7RXFI5oEQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 17 Sep 2023 18:31:23 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 2AC4 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=2iKrs4d3yCFRtWEGJBHcOSNfgipLozJRWwtyGEs9v8ySxLkQX7TG7Y1tqFB_Bgx_hSpDqIxRm2UU_b5BGz7lkptp4uH3OnFolBwublL2sAg7T-Ri6AhNsygvaVYZiY5Av-Q5L1HvtObvePa88UO2lUf-IlbM_G4CgiNV-pInyp1QM15DTzegaMPDVMeYRCCW_aXajI7z7IpFWIdg3ZQ9kbxoeQkqc2mCd1Ta23ZlZP_jwcU5yL_Ks8Kf33-UZWgyC-LrFAHiN3CREliUBisdL23GsXAs3zW_BzvXa10F0ndUjruWsWnOKCB0HhHRrgBQOo8K-PMgM7Ri461Qk2cnMU0lYnSFGuIvLdV1ihbhjeetkKsdQmsaAKTsxCRaJobYDQXIFlBa0oartQIopxe7YmiR_-_5cLFggXbsAfX-5eG6F6x3
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOsIu-UwAAUbuzfaEK0lLx-rdBQm-w&u=%7ChIUXIrGDpJKs%2BNQhCogTOVXt6NMGZn2MLqy7hzamzrA%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr5-taiijmDVNfEog-pHxa6wvg-tUOFnI36QG0DZhqQiWFLzK9PeXkRUnRcJnQGiAJN1oUKXq_0FiTwIkyB5pawzTsYyrVn4RaACGKq-geHHNBGwUeH42rbtlPUycZCimCT4WrjS_nVwovPqf-iMMZzU6kUYCdOTqtTvbFFQlxGXW-RoNdmKRIy_YWCcgNzIKbBUp0Br_k1CuvilQJ2gWk88N1lz-3TcnzkAMF6A6Tg0Crnu1dFcVaCfIIOncAIm-H5BN2h9qdMHiE7-0_x-1lU2v7HgXPizZPO61sDpdSq8QvSKo0z4Tz0Mxip6UfJCOomN0tMaLH0NaND0mETmaHrbpTnGLpuFSCarUhywpv-C8vKHNt1wpOoIocV6zmPp-QPfkue6YU6dDTW-6F48TKA71R8SBZo_2cFVi2Mnp2oyrFBRhbGXitC7T1e963VNEP4lxtli_GfeCFlYbR2P3XiE5RizYasXEgzJ9AY6qbL6Fnggr9OTQFOU6rY-Xlb5mK8tT2GzWxDivHNUUIoENXQFRi9xDx_8pEoD2noMFIsxddScxQyzotCyIVMNa0prenBtUbtfGYMnQqoD771xYSDQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9evf-KksY-vZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEmgJP0GMtPfwPFcfwgrcF14hVtttrdBm4ayu5gghJueZFX9_KOV8XuEEsUSR5U9IeKAizuJzRjA2JAJvmITiNDutMvFEeKOUhyUlm7J9Ptkb270A9UnEyBrqWNZt42_DTls1VJQ436PXJmXQV9M2_x1QFtNwyUzyPpwaGxKy1OoCh4j4tLZ9MbmWVZlg10xCkMVbbg1f_8vWsukW2_rSsjNX0d0Xdar1Pe6IgjW_dsO2Ny2ivgWX7YlpZ-lOHlB8Vgf-1dpGB6iRPslOJOxtWRAL9B6EzD5bzkcMhLdtf3WeF-JX8KJn8eABjPdojp3NPcvJU62QTY_X4Tni5GEniHU3Z4VVHSOZtbVnmg0qV8ey2xsIYEKMMLW2rs5jgBAGABuv1oOjThojk4QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QiN2AxmuZc7TwqL_FL7RXFI5oEQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:23 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2883413
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 6E1E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOUIu-UwAAUbuxe_kjS-X3qD5Pr_xQ&u=%7ChIUXIrGDpJK759hFcJIrfPzCzTrExvh6vYUvpezIPF0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aGxZFJgNB2TpNcNBw4A1xZ6hsv-V10fUCPEi72bbOVQPHldwVW2uHxuCq4e4SNc2fb-DRN3AaoZ3PFtmUBb1kM79_wXOVk_cQc8ypAxD1Qv-jcaGvgyYe7flx0YZ7PFy5sHXBjw4zHU8jjmfgHAGfFlq0_eyR1Ln5PnpOt1-gog_Y7efWSSEAW82QmtxSFvyIcgpTHMcqqX9FI60hyHP8fXPxib_s4coQ-SmlYTtxG3t6gKs-swQyhBBEUql04uvN1p2xmq66EnPlkmcSa0QEXwcZjcejqt3NxUD9I1LYt9J9Nv-uT5caTYeLczIGXGeKhTLxb5ujisZqW7X-YDmA3npTW6ewAKP8ktrCQBc71UgBzNEgqBKS9LS1UIPs2QsxOuu_EtiHsu3nKbGiPMxiNFSnMPUNpIusmw_-S9pH5KCrdbAVYQzHykxHH-iGKz8sEAangpklUbp5n5XzAhB2E4KApbU8SJhFvSzz5aqsVC11ANz6IDFNOr3RD-BCn7cAiFhf6ZfDVq3IglhWwx37exlo2n1S4bE3o7LJpZhWhZdQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLlUY-KksY-XZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0Mofhcty9SdKssCL--yyKdEEj07NcYmeTiMNaDF8KIlSN45dcYgbb8oo7GbkW-5o2cDA6R8f-bpIAdjAcy4PypA0GdKnhcEa6uO-R8ck951VHojpHAR4BUcuyy3R2gQdy8n8SSTH-qwsYUdcnKUeuXlbvy96hmbTl0XdZxYFUXv9LVQDGerg304JhaDHZOjil4o-eOpJR0NH8u0qLSZtf-cCffFmmvGdgXASr9gf6ciQTG69A8m5nXP03TQqjxRFHwihpRjkFOvNSJGXZaJOe2GKugYLbM4bWMowFRCe0kkkT1sUFjNKxJJdQ4tV44VA7qexylPXgS_lQcJMoR4lLIAYyZMu846pMn74Zjh24AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q2SxgFUiv9khkeoSN-tKeMIVBVw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:23 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6E1E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOUIu-UwAAUbuxe_kjS-X3qD5Pr_xQ&u=%7ChIUXIrGDpJK759hFcJIrfPzCzTrExvh6vYUvpezIPF0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aGxZFJgNB2TpNcNBw4A1xZ6hsv-V10fUCPEi72bbOVQPHldwVW2uHxuCq4e4SNc2fb-DRN3AaoZ3PFtmUBb1kM79_wXOVk_cQc8ypAxD1Qv-jcaGvgyYe7flx0YZ7PFy5sHXBjw4zHU8jjmfgHAGfFlq0_eyR1Ln5PnpOt1-gog_Y7efWSSEAW82QmtxSFvyIcgpTHMcqqX9FI60hyHP8fXPxib_s4coQ-SmlYTtxG3t6gKs-swQyhBBEUql04uvN1p2xmq66EnPlkmcSa0QEXwcZjcejqt3NxUD9I1LYt9J9Nv-uT5caTYeLczIGXGeKhTLxb5ujisZqW7X-YDmA3npTW6ewAKP8ktrCQBc71UgBzNEgqBKS9LS1UIPs2QsxOuu_EtiHsu3nKbGiPMxiNFSnMPUNpIusmw_-S9pH5KCrdbAVYQzHykxHH-iGKz8sEAangpklUbp5n5XzAhB2E4KApbU8SJhFvSzz5aqsVC11ANz6IDFNOr3RD-BCn7cAiFhf6ZfDVq3IglhWwx37exlo2n1S4bE3o7LJpZhWhZdQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLlUY-KksY-XZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0Mofhcty9SdKssCL--yyKdEEj07NcYmeTiMNaDF8KIlSN45dcYgbb8oo7GbkW-5o2cDA6R8f-bpIAdjAcy4PypA0GdKnhcEa6uO-R8ck951VHojpHAR4BUcuyy3R2gQdy8n8SSTH-qwsYUdcnKUeuXlbvy96hmbTl0XdZxYFUXv9LVQDGerg304JhaDHZOjil4o-eOpJR0NH8u0qLSZtf-cCffFmmvGdgXASr9gf6ciQTG69A8m5nXP03TQqjxRFHwihpRjkFOvNSJGXZaJOe2GKugYLbM4bWMowFRCe0kkkT1sUFjNKxJJdQ4tV44VA7qexylPXgS_lQcJMoR4lLIAYyZMu846pMn74Zjh24AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q2SxgFUiv9khkeoSN-tKeMIVBVw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:23 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 6E1E 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOUIu-UwAAUbuxe_kjS-X3qD5Pr_xQ&u=%7ChIUXIrGDpJK759hFcJIrfPzCzTrExvh6vYUvpezIPF0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aGxZFJgNB2TpNcNBw4A1xZ6hsv-V10fUCPEi72bbOVQPHldwVW2uHxuCq4e4SNc2fb-DRN3AaoZ3PFtmUBb1kM79_wXOVk_cQc8ypAxD1Qv-jcaGvgyYe7flx0YZ7PFy5sHXBjw4zHU8jjmfgHAGfFlq0_eyR1Ln5PnpOt1-gog_Y7efWSSEAW82QmtxSFvyIcgpTHMcqqX9FI60hyHP8fXPxib_s4coQ-SmlYTtxG3t6gKs-swQyhBBEUql04uvN1p2xmq66EnPlkmcSa0QEXwcZjcejqt3NxUD9I1LYt9J9Nv-uT5caTYeLczIGXGeKhTLxb5ujisZqW7X-YDmA3npTW6ewAKP8ktrCQBc71UgBzNEgqBKS9LS1UIPs2QsxOuu_EtiHsu3nKbGiPMxiNFSnMPUNpIusmw_-S9pH5KCrdbAVYQzHykxHH-iGKz8sEAangpklUbp5n5XzAhB2E4KApbU8SJhFvSzz5aqsVC11ANz6IDFNOr3RD-BCn7cAiFhf6ZfDVq3IglhWwx37exlo2n1S4bE3o7LJpZhWhZdQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLlUY-KksY-XZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0Mofhcty9SdKssCL--yyKdEEj07NcYmeTiMNaDF8KIlSN45dcYgbb8oo7GbkW-5o2cDA6R8f-bpIAdjAcy4PypA0GdKnhcEa6uO-R8ck951VHojpHAR4BUcuyy3R2gQdy8n8SSTH-qwsYUdcnKUeuXlbvy96hmbTl0XdZxYFUXv9LVQDGerg304JhaDHZOjil4o-eOpJR0NH8u0qLSZtf-cCffFmmvGdgXASr9gf6ciQTG69A8m5nXP03TQqjxRFHwihpRjkFOvNSJGXZaJOe2GKugYLbM4bWMowFRCe0kkkT1sUFjNKxJJdQ4tV44VA7qexylPXgS_lQcJMoR4lLIAYyZMu846pMn74Zjh24AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q2SxgFUiv9khkeoSN-tKeMIVBVw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 17 Sep 2023 18:31:23 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 6E1E 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOUIu-UwAAUbuxe_kjS-X3qD5Pr_xQ&u=%7ChIUXIrGDpJK759hFcJIrfPzCzTrExvh6vYUvpezIPF0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aGxZFJgNB2TpNcNBw4A1xZ6hsv-V10fUCPEi72bbOVQPHldwVW2uHxuCq4e4SNc2fb-DRN3AaoZ3PFtmUBb1kM79_wXOVk_cQc8ypAxD1Qv-jcaGvgyYe7flx0YZ7PFy5sHXBjw4zHU8jjmfgHAGfFlq0_eyR1Ln5PnpOt1-gog_Y7efWSSEAW82QmtxSFvyIcgpTHMcqqX9FI60hyHP8fXPxib_s4coQ-SmlYTtxG3t6gKs-swQyhBBEUql04uvN1p2xmq66EnPlkmcSa0QEXwcZjcejqt3NxUD9I1LYt9J9Nv-uT5caTYeLczIGXGeKhTLxb5ujisZqW7X-YDmA3npTW6ewAKP8ktrCQBc71UgBzNEgqBKS9LS1UIPs2QsxOuu_EtiHsu3nKbGiPMxiNFSnMPUNpIusmw_-S9pH5KCrdbAVYQzHykxHH-iGKz8sEAangpklUbp5n5XzAhB2E4KApbU8SJhFvSzz5aqsVC11ANz6IDFNOr3RD-BCn7cAiFhf6ZfDVq3IglhWwx37exlo2n1S4bE3o7LJpZhWhZdQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLlUY-KksY-XZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0Mofhcty9SdKssCL--yyKdEEj07NcYmeTiMNaDF8KIlSN45dcYgbb8oo7GbkW-5o2cDA6R8f-bpIAdjAcy4PypA0GdKnhcEa6uO-R8ck951VHojpHAR4BUcuyy3R2gQdy8n8SSTH-qwsYUdcnKUeuXlbvy96hmbTl0XdZxYFUXv9LVQDGerg304JhaDHZOjil4o-eOpJR0NH8u0qLSZtf-cCffFmmvGdgXASr9gf6ciQTG69A8m5nXP03TQqjxRFHwihpRjkFOvNSJGXZaJOe2GKugYLbM4bWMowFRCe0kkkT1sUFjNKxJJdQ4tV44VA7qexylPXgS_lQcJMoR4lLIAYyZMu846pMn74Zjh24AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q2SxgFUiv9khkeoSN-tKeMIVBVw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 17 Sep 2023 18:31:23 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 6E1E 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=sK6iJl2BjRQRrY6XY8YwGgkS0P54p8FcbuUwq87bhfwmUqZTaPZCuvTifT_lcSFVvyz5Ja_YUNtTHeNTjCfa2XVU_mqLOUaGQYCzJ1wmlbldOs6QcnAmE3EQ4LMkuO8MHtyLUSXKUwJDf_bLoaZC7K9bf6zEzLduiBzBqJhPmnN_3JfZQU2WlQreY3f64s8dtqMx_7ANNRTfHiu9ESCMevU3nmtJIPNtopx6OU1uJjOKLH0VOu0fJrRTRADwMNKGAC-lVaP1Jwd3jB3_cSBOBeQu6UX6wwN3NbGsop3FeQrtOUUzOM7JocKg3rrhQxAu_tsRAoCu4MZ9mebg69CuSh68ZVmvnVbAnuiW6pQvpxo9L05zxa3B1RK9lUkQ7C6J7WZZwYAfeBgV5T1HmEqIRh5YA5LoIp-u9BxKtgLPKnEcoicr
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOUIu-UwAAUbuxe_kjS-X3qD5Pr_xQ&u=%7ChIUXIrGDpJK759hFcJIrfPzCzTrExvh6vYUvpezIPF0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aGxZFJgNB2TpNcNBw4A1xZ6hsv-V10fUCPEi72bbOVQPHldwVW2uHxuCq4e4SNc2fb-DRN3AaoZ3PFtmUBb1kM79_wXOVk_cQc8ypAxD1Qv-jcaGvgyYe7flx0YZ7PFy5sHXBjw4zHU8jjmfgHAGfFlq0_eyR1Ln5PnpOt1-gog_Y7efWSSEAW82QmtxSFvyIcgpTHMcqqX9FI60hyHP8fXPxib_s4coQ-SmlYTtxG3t6gKs-swQyhBBEUql04uvN1p2xmq66EnPlkmcSa0QEXwcZjcejqt3NxUD9I1LYt9J9Nv-uT5caTYeLczIGXGeKhTLxb5ujisZqW7X-YDmA3npTW6ewAKP8ktrCQBc71UgBzNEgqBKS9LS1UIPs2QsxOuu_EtiHsu3nKbGiPMxiNFSnMPUNpIusmw_-S9pH5KCrdbAVYQzHykxHH-iGKz8sEAangpklUbp5n5XzAhB2E4KApbU8SJhFvSzz5aqsVC11ANz6IDFNOr3RD-BCn7cAiFhf6ZfDVq3IglhWwx37exlo2n1S4bE3o7LJpZhWhZdQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLlUY-KksY-XZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0Mofhcty9SdKssCL--yyKdEEj07NcYmeTiMNaDF8KIlSN45dcYgbb8oo7GbkW-5o2cDA6R8f-bpIAdjAcy4PypA0GdKnhcEa6uO-R8ck951VHojpHAR4BUcuyy3R2gQdy8n8SSTH-qwsYUdcnKUeuXlbvy96hmbTl0XdZxYFUXv9LVQDGerg304JhaDHZOjil4o-eOpJR0NH8u0qLSZtf-cCffFmmvGdgXASr9gf6ciQTG69A8m5nXP03TQqjxRFHwihpRjkFOvNSJGXZaJOe2GKugYLbM4bWMowFRCe0kkkT1sUFjNKxJJdQ4tV44VA7qexylPXgS_lQcJMoR4lLIAYyZMu846pMn74Zjh24AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q2SxgFUiv9khkeoSN-tKeMIVBVw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:23 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3594600
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 5CF7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLPAIu-UwAAUbu4IGuQ-NwO_ih8iFfQ&u=%7ChIUXIrGDpJL6ACliD7asN7bF%2FtPdfLs3BxdlWUEBWhU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wLdRBXhALqgDilxRAFHEEdI_JvtZc4hgvnhPqIP-IQMXIpmr0QWwpQTLcqY2ARHL-jzZ_VofujCAGeYp6ibKVLCjhxz68EIja199XyVD29nh9P2AlXuvysrnDpb2k0ErKNEpWr8lK7-XCv4kVcixdVFlNgWk2quHhEf2sUIi-0WWu58WPEPeWwWca29UwhQ2EG7msLe-cPckpeIF_1ky2sw9u2idVAqrOhuklMzLvG8PW7uz_3YxN0r-6WKHIPNEL2bugxhuD-OraOuFjRJRLQd1BmQ7Mm3g3fmMWpckUvIdeOxA8bd_DJIZi1MIHtICVwkxKTsDC3D6bFAkqpN0mYFoMElbs5KlGPfA-X-evXJCRflnm8zZerELqwQ-lpqEKtk6Bpef0Qnje1D2xmHi7J5DEVMvu6f4-EvAzYsgHCVEwwvx_1rLTpZZJffFi5VpBDDmavkDkonfKO2Z1XHT6sWIHfMGK4-WpYdjIPplipR0su_qss9fKKR7KVuWcKmvA3KzxA4mGaRzEHnqhSEeFIRxzNOtYlSMQTKj7Pg6YuJ9N77JhOnTmjY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCglD4-KksY_DZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEnAJP0HWI8UnqOGOv6n0_lc5AWvQHEOep17No4x2EuW89V39r-QhwPiqlz-Tldp0wyrXVAGrnrRTwkvvrAuYO0izMctkucGZPP3DcqE13QhJTOk9PZE9PW_py7nGlEWCof5HeJQYOML9qNMwqbgv3XoECuCrJNz-3PnUouWfGG_FRJrUdvlQm1TeWFohE5px04ewNVEMXTxAMOvXVjj1FWh1pYiFTGYTpbvgd3fIRSRUNA09bZLBlMhqTgIkDSxXZdxueKrY9EJ-SXuRwUL0Lf4fdO4LNVffs4c5cbIVv1c1GWtiO5cJSYu5kizVZLjtFCWxBBpsDBCwDOIbuUSY0mNhpnHPAyaaA0LXQu9j7Wn01tTBbHK5l7TEc3sTb3uAEAYAG6_Wg6NOGiOThAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s8A8x-l3C2aW9Kzq0nlvzaS2pTw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:23 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 5CF7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLPAIu-UwAAUbu4IGuQ-NwO_ih8iFfQ&u=%7ChIUXIrGDpJL6ACliD7asN7bF%2FtPdfLs3BxdlWUEBWhU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wLdRBXhALqgDilxRAFHEEdI_JvtZc4hgvnhPqIP-IQMXIpmr0QWwpQTLcqY2ARHL-jzZ_VofujCAGeYp6ibKVLCjhxz68EIja199XyVD29nh9P2AlXuvysrnDpb2k0ErKNEpWr8lK7-XCv4kVcixdVFlNgWk2quHhEf2sUIi-0WWu58WPEPeWwWca29UwhQ2EG7msLe-cPckpeIF_1ky2sw9u2idVAqrOhuklMzLvG8PW7uz_3YxN0r-6WKHIPNEL2bugxhuD-OraOuFjRJRLQd1BmQ7Mm3g3fmMWpckUvIdeOxA8bd_DJIZi1MIHtICVwkxKTsDC3D6bFAkqpN0mYFoMElbs5KlGPfA-X-evXJCRflnm8zZerELqwQ-lpqEKtk6Bpef0Qnje1D2xmHi7J5DEVMvu6f4-EvAzYsgHCVEwwvx_1rLTpZZJffFi5VpBDDmavkDkonfKO2Z1XHT6sWIHfMGK4-WpYdjIPplipR0su_qss9fKKR7KVuWcKmvA3KzxA4mGaRzEHnqhSEeFIRxzNOtYlSMQTKj7Pg6YuJ9N77JhOnTmjY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCglD4-KksY_DZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEnAJP0HWI8UnqOGOv6n0_lc5AWvQHEOep17No4x2EuW89V39r-QhwPiqlz-Tldp0wyrXVAGrnrRTwkvvrAuYO0izMctkucGZPP3DcqE13QhJTOk9PZE9PW_py7nGlEWCof5HeJQYOML9qNMwqbgv3XoECuCrJNz-3PnUouWfGG_FRJrUdvlQm1TeWFohE5px04ewNVEMXTxAMOvXVjj1FWh1pYiFTGYTpbvgd3fIRSRUNA09bZLBlMhqTgIkDSxXZdxueKrY9EJ-SXuRwUL0Lf4fdO4LNVffs4c5cbIVv1c1GWtiO5cJSYu5kizVZLjtFCWxBBpsDBCwDOIbuUSY0mNhpnHPAyaaA0LXQu9j7Wn01tTBbHK5l7TEc3sTb3uAEAYAG6_Wg6NOGiOThAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s8A8x-l3C2aW9Kzq0nlvzaS2pTw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:23 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 5CF7 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLPAIu-UwAAUbu4IGuQ-NwO_ih8iFfQ&u=%7ChIUXIrGDpJL6ACliD7asN7bF%2FtPdfLs3BxdlWUEBWhU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wLdRBXhALqgDilxRAFHEEdI_JvtZc4hgvnhPqIP-IQMXIpmr0QWwpQTLcqY2ARHL-jzZ_VofujCAGeYp6ibKVLCjhxz68EIja199XyVD29nh9P2AlXuvysrnDpb2k0ErKNEpWr8lK7-XCv4kVcixdVFlNgWk2quHhEf2sUIi-0WWu58WPEPeWwWca29UwhQ2EG7msLe-cPckpeIF_1ky2sw9u2idVAqrOhuklMzLvG8PW7uz_3YxN0r-6WKHIPNEL2bugxhuD-OraOuFjRJRLQd1BmQ7Mm3g3fmMWpckUvIdeOxA8bd_DJIZi1MIHtICVwkxKTsDC3D6bFAkqpN0mYFoMElbs5KlGPfA-X-evXJCRflnm8zZerELqwQ-lpqEKtk6Bpef0Qnje1D2xmHi7J5DEVMvu6f4-EvAzYsgHCVEwwvx_1rLTpZZJffFi5VpBDDmavkDkonfKO2Z1XHT6sWIHfMGK4-WpYdjIPplipR0su_qss9fKKR7KVuWcKmvA3KzxA4mGaRzEHnqhSEeFIRxzNOtYlSMQTKj7Pg6YuJ9N77JhOnTmjY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCglD4-KksY_DZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEnAJP0HWI8UnqOGOv6n0_lc5AWvQHEOep17No4x2EuW89V39r-QhwPiqlz-Tldp0wyrXVAGrnrRTwkvvrAuYO0izMctkucGZPP3DcqE13QhJTOk9PZE9PW_py7nGlEWCof5HeJQYOML9qNMwqbgv3XoECuCrJNz-3PnUouWfGG_FRJrUdvlQm1TeWFohE5px04ewNVEMXTxAMOvXVjj1FWh1pYiFTGYTpbvgd3fIRSRUNA09bZLBlMhqTgIkDSxXZdxueKrY9EJ-SXuRwUL0Lf4fdO4LNVffs4c5cbIVv1c1GWtiO5cJSYu5kizVZLjtFCWxBBpsDBCwDOIbuUSY0mNhpnHPAyaaA0LXQu9j7Wn01tTBbHK5l7TEc3sTb3uAEAYAG6_Wg6NOGiOThAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s8A8x-l3C2aW9Kzq0nlvzaS2pTw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 17 Sep 2023 18:31:23 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 5CF7 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLPAIu-UwAAUbu4IGuQ-NwO_ih8iFfQ&u=%7ChIUXIrGDpJL6ACliD7asN7bF%2FtPdfLs3BxdlWUEBWhU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wLdRBXhALqgDilxRAFHEEdI_JvtZc4hgvnhPqIP-IQMXIpmr0QWwpQTLcqY2ARHL-jzZ_VofujCAGeYp6ibKVLCjhxz68EIja199XyVD29nh9P2AlXuvysrnDpb2k0ErKNEpWr8lK7-XCv4kVcixdVFlNgWk2quHhEf2sUIi-0WWu58WPEPeWwWca29UwhQ2EG7msLe-cPckpeIF_1ky2sw9u2idVAqrOhuklMzLvG8PW7uz_3YxN0r-6WKHIPNEL2bugxhuD-OraOuFjRJRLQd1BmQ7Mm3g3fmMWpckUvIdeOxA8bd_DJIZi1MIHtICVwkxKTsDC3D6bFAkqpN0mYFoMElbs5KlGPfA-X-evXJCRflnm8zZerELqwQ-lpqEKtk6Bpef0Qnje1D2xmHi7J5DEVMvu6f4-EvAzYsgHCVEwwvx_1rLTpZZJffFi5VpBDDmavkDkonfKO2Z1XHT6sWIHfMGK4-WpYdjIPplipR0su_qss9fKKR7KVuWcKmvA3KzxA4mGaRzEHnqhSEeFIRxzNOtYlSMQTKj7Pg6YuJ9N77JhOnTmjY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCglD4-KksY_DZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEnAJP0HWI8UnqOGOv6n0_lc5AWvQHEOep17No4x2EuW89V39r-QhwPiqlz-Tldp0wyrXVAGrnrRTwkvvrAuYO0izMctkucGZPP3DcqE13QhJTOk9PZE9PW_py7nGlEWCof5HeJQYOML9qNMwqbgv3XoECuCrJNz-3PnUouWfGG_FRJrUdvlQm1TeWFohE5px04ewNVEMXTxAMOvXVjj1FWh1pYiFTGYTpbvgd3fIRSRUNA09bZLBlMhqTgIkDSxXZdxueKrY9EJ-SXuRwUL0Lf4fdO4LNVffs4c5cbIVv1c1GWtiO5cJSYu5kizVZLjtFCWxBBpsDBCwDOIbuUSY0mNhpnHPAyaaA0LXQu9j7Wn01tTBbHK5l7TEc3sTb3uAEAYAG6_Wg6NOGiOThAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s8A8x-l3C2aW9Kzq0nlvzaS2pTw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 17 Sep 2023 18:31:23 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 5CF7 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=W_UUdxNN58QZkXsklbfD9YSzHbNOPQYoKzToOQ15Glj13mN0Zvc5DdKYw8uZ4e-HA-8-mVLXGI9hJGo7zVfZBxTkxfZqAaEgoolAaDchoxIjQQpeYbzjDXPCRYaD6L9B68t4utkBVX5A2LskNdcaP7DLPNsnFRaCp6RlDiODfAUWwU3R-Hi19b3l0pizCqKPH_c8YEy8lNuACHYRn0zK5aVPff-u3jvJkD0REfVY39YZWVY307eiV9cYO386f67RlQUVtngWIolqchsPy79e4tdw0ref_98usiKfKVC6O2WuGsP2qqV6n9R4lb7UMNl-Zadsr8z5OVTSUnxBp4dguHoL3W5DnHN2zMEVUFcfNUUhFTFLIK84AQKOvmPI2sJx6PUQ02ny1KheAH76tV7KMeLsAqNtioyo--Wv9GDc9I1iaKAP
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLPAIu-UwAAUbu4IGuQ-NwO_ih8iFfQ&u=%7ChIUXIrGDpJL6ACliD7asN7bF%2FtPdfLs3BxdlWUEBWhU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wLdRBXhALqgDilxRAFHEEdI_JvtZc4hgvnhPqIP-IQMXIpmr0QWwpQTLcqY2ARHL-jzZ_VofujCAGeYp6ibKVLCjhxz68EIja199XyVD29nh9P2AlXuvysrnDpb2k0ErKNEpWr8lK7-XCv4kVcixdVFlNgWk2quHhEf2sUIi-0WWu58WPEPeWwWca29UwhQ2EG7msLe-cPckpeIF_1ky2sw9u2idVAqrOhuklMzLvG8PW7uz_3YxN0r-6WKHIPNEL2bugxhuD-OraOuFjRJRLQd1BmQ7Mm3g3fmMWpckUvIdeOxA8bd_DJIZi1MIHtICVwkxKTsDC3D6bFAkqpN0mYFoMElbs5KlGPfA-X-evXJCRflnm8zZerELqwQ-lpqEKtk6Bpef0Qnje1D2xmHi7J5DEVMvu6f4-EvAzYsgHCVEwwvx_1rLTpZZJffFi5VpBDDmavkDkonfKO2Z1XHT6sWIHfMGK4-WpYdjIPplipR0su_qss9fKKR7KVuWcKmvA3KzxA4mGaRzEHnqhSEeFIRxzNOtYlSMQTKj7Pg6YuJ9N77JhOnTmjY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCglD4-KksY_DZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEnAJP0HWI8UnqOGOv6n0_lc5AWvQHEOep17No4x2EuW89V39r-QhwPiqlz-Tldp0wyrXVAGrnrRTwkvvrAuYO0izMctkucGZPP3DcqE13QhJTOk9PZE9PW_py7nGlEWCof5HeJQYOML9qNMwqbgv3XoECuCrJNz-3PnUouWfGG_FRJrUdvlQm1TeWFohE5px04ewNVEMXTxAMOvXVjj1FWh1pYiFTGYTpbvgd3fIRSRUNA09bZLBlMhqTgIkDSxXZdxueKrY9EJ-SXuRwUL0Lf4fdO4LNVffs4c5cbIVv1c1GWtiO5cJSYu5kizVZLjtFCWxBBpsDBCwDOIbuUSY0mNhpnHPAyaaA0LXQu9j7Wn01tTBbHK5l7TEc3sTb3uAEAYAG6_Wg6NOGiOThAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s8A8x-l3C2aW9Kzq0nlvzaS2pTw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:23 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3130808
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 9781 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOkIu-UwAAUbu3KcBS0Ool-dONwgjQ&u=%7ChIUXIrGDpJIglTT91dladBEXYD9pJZ8Qq6ERhbBffsg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMFrgLV7AJgRHBH_AV6w0tnRtraPfdmSHY4VtN0I-eUNMs4nmiqSNt0Ts_20On4dI7aNaxYBPLA60J-6UxxkNxuhC38fb3U0ZCgJ0I0lHbkVJmerFFOwRPGKj2DC9iI2OuMncSNa0RkdE9lg1H4-4LSHFfJodqv7ikBsyJVJNvN7ASwCYgQSBlRti6kuaBc_SXWrpK3TGJnSx2HqthwaHqXkqZr8RcTVeGGL0AMWqxUmceE0TDDDz7jTnLaMa7SWSI1_x0ENiGdp53cFyATf44fQQCpnRxVvL4J6CDI2JWCOGZtbOjIsiBL3CBMA-wr2iIeDPvGnHpd5hoVXAtr4sWayze4JKvxHxdzFhvdri-dDbNS-vXLfGuircLDmvUcU3_Dths2MS3qp1syIk4N41T8U2RoanX40iS7uUovmDK3p6ZsjiM8t0fKPotZs-ekcy3ZrEMRP5mtwWoiukwzVdwd0Ytql7kAdbph9Q91kaUwH1vsE9iyx7F96qdOOdNhG6P2Ps85fCzoZxBuOf6VVaq-A8ehIrGgm_Xz9Ltfgx5_S_GD13liMl1IgQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGRhB-KksY-nZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElgJP0C6ySL7s-LjAmx1VXuYarmCKyi83AH_FGEmZ-4PVCRf1G_bJvPeeAMXpbc_TycCpFZzV1lUEDnCSe5Zef5NXIYQ254EpqWCMWHmrGw0kS0ixYw5W5lNI9gzrO4EAJe9N9Hza1BZLUhO4IbuLZ8DI-WbdBWpzfbDmDVmf5KodQh-KGNfsutxa2ITg5d8YLSGi2pX7pQX3aY1PDwKCnDmkpALHnuV_kcSrUae_9CmkbtWIA08rf3PK317-22E3wcHAQgl3T3XAVwvklEiLYsrhbRV7mDI7gkxyajh3wVonas8rg0U5DuzXD-IdLrL4FAWNar7SIaoRarYn_coggGjucUmy4laI_Sd9XpvH675XLOHnRB4_ReAEAYAGj_aIluyviaSkAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ntpq278oR3lEOV3kZoJmoTG-uBA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:23 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 9781 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOkIu-UwAAUbu3KcBS0Ool-dONwgjQ&u=%7ChIUXIrGDpJIglTT91dladBEXYD9pJZ8Qq6ERhbBffsg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMFrgLV7AJgRHBH_AV6w0tnRtraPfdmSHY4VtN0I-eUNMs4nmiqSNt0Ts_20On4dI7aNaxYBPLA60J-6UxxkNxuhC38fb3U0ZCgJ0I0lHbkVJmerFFOwRPGKj2DC9iI2OuMncSNa0RkdE9lg1H4-4LSHFfJodqv7ikBsyJVJNvN7ASwCYgQSBlRti6kuaBc_SXWrpK3TGJnSx2HqthwaHqXkqZr8RcTVeGGL0AMWqxUmceE0TDDDz7jTnLaMa7SWSI1_x0ENiGdp53cFyATf44fQQCpnRxVvL4J6CDI2JWCOGZtbOjIsiBL3CBMA-wr2iIeDPvGnHpd5hoVXAtr4sWayze4JKvxHxdzFhvdri-dDbNS-vXLfGuircLDmvUcU3_Dths2MS3qp1syIk4N41T8U2RoanX40iS7uUovmDK3p6ZsjiM8t0fKPotZs-ekcy3ZrEMRP5mtwWoiukwzVdwd0Ytql7kAdbph9Q91kaUwH1vsE9iyx7F96qdOOdNhG6P2Ps85fCzoZxBuOf6VVaq-A8ehIrGgm_Xz9Ltfgx5_S_GD13liMl1IgQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGRhB-KksY-nZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElgJP0C6ySL7s-LjAmx1VXuYarmCKyi83AH_FGEmZ-4PVCRf1G_bJvPeeAMXpbc_TycCpFZzV1lUEDnCSe5Zef5NXIYQ254EpqWCMWHmrGw0kS0ixYw5W5lNI9gzrO4EAJe9N9Hza1BZLUhO4IbuLZ8DI-WbdBWpzfbDmDVmf5KodQh-KGNfsutxa2ITg5d8YLSGi2pX7pQX3aY1PDwKCnDmkpALHnuV_kcSrUae_9CmkbtWIA08rf3PK317-22E3wcHAQgl3T3XAVwvklEiLYsrhbRV7mDI7gkxyajh3wVonas8rg0U5DuzXD-IdLrL4FAWNar7SIaoRarYn_coggGjucUmy4laI_Sd9XpvH675XLOHnRB4_ReAEAYAGj_aIluyviaSkAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ntpq278oR3lEOV3kZoJmoTG-uBA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:23 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 9781 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOkIu-UwAAUbu3KcBS0Ool-dONwgjQ&u=%7ChIUXIrGDpJIglTT91dladBEXYD9pJZ8Qq6ERhbBffsg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMFrgLV7AJgRHBH_AV6w0tnRtraPfdmSHY4VtN0I-eUNMs4nmiqSNt0Ts_20On4dI7aNaxYBPLA60J-6UxxkNxuhC38fb3U0ZCgJ0I0lHbkVJmerFFOwRPGKj2DC9iI2OuMncSNa0RkdE9lg1H4-4LSHFfJodqv7ikBsyJVJNvN7ASwCYgQSBlRti6kuaBc_SXWrpK3TGJnSx2HqthwaHqXkqZr8RcTVeGGL0AMWqxUmceE0TDDDz7jTnLaMa7SWSI1_x0ENiGdp53cFyATf44fQQCpnRxVvL4J6CDI2JWCOGZtbOjIsiBL3CBMA-wr2iIeDPvGnHpd5hoVXAtr4sWayze4JKvxHxdzFhvdri-dDbNS-vXLfGuircLDmvUcU3_Dths2MS3qp1syIk4N41T8U2RoanX40iS7uUovmDK3p6ZsjiM8t0fKPotZs-ekcy3ZrEMRP5mtwWoiukwzVdwd0Ytql7kAdbph9Q91kaUwH1vsE9iyx7F96qdOOdNhG6P2Ps85fCzoZxBuOf6VVaq-A8ehIrGgm_Xz9Ltfgx5_S_GD13liMl1IgQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGRhB-KksY-nZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElgJP0C6ySL7s-LjAmx1VXuYarmCKyi83AH_FGEmZ-4PVCRf1G_bJvPeeAMXpbc_TycCpFZzV1lUEDnCSe5Zef5NXIYQ254EpqWCMWHmrGw0kS0ixYw5W5lNI9gzrO4EAJe9N9Hza1BZLUhO4IbuLZ8DI-WbdBWpzfbDmDVmf5KodQh-KGNfsutxa2ITg5d8YLSGi2pX7pQX3aY1PDwKCnDmkpALHnuV_kcSrUae_9CmkbtWIA08rf3PK317-22E3wcHAQgl3T3XAVwvklEiLYsrhbRV7mDI7gkxyajh3wVonas8rg0U5DuzXD-IdLrL4FAWNar7SIaoRarYn_coggGjucUmy4laI_Sd9XpvH675XLOHnRB4_ReAEAYAGj_aIluyviaSkAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ntpq278oR3lEOV3kZoJmoTG-uBA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 17 Sep 2023 18:31:23 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 9781 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOkIu-UwAAUbu3KcBS0Ool-dONwgjQ&u=%7ChIUXIrGDpJIglTT91dladBEXYD9pJZ8Qq6ERhbBffsg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMFrgLV7AJgRHBH_AV6w0tnRtraPfdmSHY4VtN0I-eUNMs4nmiqSNt0Ts_20On4dI7aNaxYBPLA60J-6UxxkNxuhC38fb3U0ZCgJ0I0lHbkVJmerFFOwRPGKj2DC9iI2OuMncSNa0RkdE9lg1H4-4LSHFfJodqv7ikBsyJVJNvN7ASwCYgQSBlRti6kuaBc_SXWrpK3TGJnSx2HqthwaHqXkqZr8RcTVeGGL0AMWqxUmceE0TDDDz7jTnLaMa7SWSI1_x0ENiGdp53cFyATf44fQQCpnRxVvL4J6CDI2JWCOGZtbOjIsiBL3CBMA-wr2iIeDPvGnHpd5hoVXAtr4sWayze4JKvxHxdzFhvdri-dDbNS-vXLfGuircLDmvUcU3_Dths2MS3qp1syIk4N41T8U2RoanX40iS7uUovmDK3p6ZsjiM8t0fKPotZs-ekcy3ZrEMRP5mtwWoiukwzVdwd0Ytql7kAdbph9Q91kaUwH1vsE9iyx7F96qdOOdNhG6P2Ps85fCzoZxBuOf6VVaq-A8ehIrGgm_Xz9Ltfgx5_S_GD13liMl1IgQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGRhB-KksY-nZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElgJP0C6ySL7s-LjAmx1VXuYarmCKyi83AH_FGEmZ-4PVCRf1G_bJvPeeAMXpbc_TycCpFZzV1lUEDnCSe5Zef5NXIYQ254EpqWCMWHmrGw0kS0ixYw5W5lNI9gzrO4EAJe9N9Hza1BZLUhO4IbuLZ8DI-WbdBWpzfbDmDVmf5KodQh-KGNfsutxa2ITg5d8YLSGi2pX7pQX3aY1PDwKCnDmkpALHnuV_kcSrUae_9CmkbtWIA08rf3PK317-22E3wcHAQgl3T3XAVwvklEiLYsrhbRV7mDI7gkxyajh3wVonas8rg0U5DuzXD-IdLrL4FAWNar7SIaoRarYn_coggGjucUmy4laI_Sd9XpvH675XLOHnRB4_ReAEAYAGj_aIluyviaSkAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ntpq278oR3lEOV3kZoJmoTG-uBA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 17 Sep 2023 18:31:23 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 9781 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=IPNac-a6bjW-cR6zu3MHwahP7PKKQF7RhDg5BnPHvD-zfOq5WpdSEqnebzkGnWu0bzkTCRXwIENY7MJlBO0GgQef76Mr589SsDEHPmuESaVmAdFlHzlzVXZ_ttQ9fUtvFbzL1uCBzu-S8cT1ZuiL2qWfnSjnNiVjFFL8RXWCW1awlZcSOo8BgDrzv74OZ9iOBwNj2T3YIENGYz76d3nNwtLyEOcnSNgJrozVlDZ98rAE_b7RZST2rIVlUifsI8GxDe_8nk5sdtAMnw0MVzXppkkLZKy-9Es8ddPFo7bG79_WPyDl19BuGK6rfapU7WRfbESeLS2A-biwBeRtlWbiV5k2xmWq_sfrcgY2c8TRor30SN6GrH7z-kx-7TbkoCEGkT9rehUPZFiiKSkdTkvKhIbUjbXwJWJ3EOW8Rvflld49UiJU
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOkIu-UwAAUbu3KcBS0Ool-dONwgjQ&u=%7ChIUXIrGDpJIglTT91dladBEXYD9pJZ8Qq6ERhbBffsg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMFrgLV7AJgRHBH_AV6w0tnRtraPfdmSHY4VtN0I-eUNMs4nmiqSNt0Ts_20On4dI7aNaxYBPLA60J-6UxxkNxuhC38fb3U0ZCgJ0I0lHbkVJmerFFOwRPGKj2DC9iI2OuMncSNa0RkdE9lg1H4-4LSHFfJodqv7ikBsyJVJNvN7ASwCYgQSBlRti6kuaBc_SXWrpK3TGJnSx2HqthwaHqXkqZr8RcTVeGGL0AMWqxUmceE0TDDDz7jTnLaMa7SWSI1_x0ENiGdp53cFyATf44fQQCpnRxVvL4J6CDI2JWCOGZtbOjIsiBL3CBMA-wr2iIeDPvGnHpd5hoVXAtr4sWayze4JKvxHxdzFhvdri-dDbNS-vXLfGuircLDmvUcU3_Dths2MS3qp1syIk4N41T8U2RoanX40iS7uUovmDK3p6ZsjiM8t0fKPotZs-ekcy3ZrEMRP5mtwWoiukwzVdwd0Ytql7kAdbph9Q91kaUwH1vsE9iyx7F96qdOOdNhG6P2Ps85fCzoZxBuOf6VVaq-A8ehIrGgm_Xz9Ltfgx5_S_GD13liMl1IgQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGRhB-KksY-nZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElgJP0C6ySL7s-LjAmx1VXuYarmCKyi83AH_FGEmZ-4PVCRf1G_bJvPeeAMXpbc_TycCpFZzV1lUEDnCSe5Zef5NXIYQ254EpqWCMWHmrGw0kS0ixYw5W5lNI9gzrO4EAJe9N9Hza1BZLUhO4IbuLZ8DI-WbdBWpzfbDmDVmf5KodQh-KGNfsutxa2ITg5d8YLSGi2pX7pQX3aY1PDwKCnDmkpALHnuV_kcSrUae_9CmkbtWIA08rf3PK317-22E3wcHAQgl3T3XAVwvklEiLYsrhbRV7mDI7gkxyajh3wVonas8rg0U5DuzXD-IdLrL4FAWNar7SIaoRarYn_coggGjucUmy4laI_Sd9XpvH675XLOHnRB4_ReAEAYAGj_aIluyviaSkAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ntpq278oR3lEOV3kZoJmoTG-uBA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:23 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
9762980
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame FF42 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLO8Iu-UwAAUbu6ATRCWZyvoag5SHug&u=%7ChIUXIrGDpJLE91T41VdP1QqeHXE1ueDWpukZm9DeKWM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZE5PA-gwcExOc4fDdBFkrmfhkfAt6HIWmOd02SfG27iABCa-gZ4QnmR2GsviQVGam_af1ScQc3kOMOAwYRqJLyqucb5imnzI7qjQPWBQiJCzleM1PQX7_dq6Q5chDkCeP7nYFqajOQnv_oXgGArTbmN_HIyopxe2oW2gANA4IU1SxJscmLbdPuClTnoFFM5SjEVK9IwKEW5d9N2kIH0ZmDcvOChObf4HU0nOauCBlUZRppf2ihM3wTk3KEFo363oyoA3YHLL06ew-unYFH2iDSOw_0KlvUWGf89OgUdTGgjCv5rwG28GetA6aS5oRMjhBDy9TUgAgl6hXAXo6mB44Pt9vaR6QhFOGOHLSD_5YrrQBQuNQtbsqiQgrnancVjuTTVRcJwRAv3zPpUopyWu14YcwWOghBj5T-3MlhZjg69m3jd8DQB4Ch9s6TmRH4yJhEXLBMjIV13CGGmxMCQATfF4Vs4FitmXei9SpuO1SVD6U_cmbo3CIcOPtTS45ehtuRlSNcbgFPOS0G08FWtm1jciFrjHZ3tzllApI55K-Yz9_AbZdeJKHE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSzQ2-KksY-_ZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElAJP0IGe1f1aPfJuwKhBjEX4nlbcW60HbisKyMx0oJhOJsuTH0MuvTLCh6uS5cNmHXhSsgw3CX4ccRZFvQoRJT1t5FehBmHnfcyg1Czv7lpMXtghgn8rlXwZ6aUWLRKk94nRRjn2apw0SI98kOtvu7HcqtLMilbiXmEuVRqLMKbHWTPc6_Yl0gTSzCxV3dvqqFglnBMPDDjv_L1AZN1H_C6PJ58aTOyi-F368GCRffTa5NYexW_Z1CG0lA3UI9KBdAxaxIfZ7bn1o9l1AfL_XCTvCJc3W2-knBT49vvg5RO1W9LK90sAe0oPF308kSnJAj3n4t07kZOJCo-ncJdHc9E4R058xwjTPkn-9aHqyYjPSFq8FqPgBAGABpaa3djQ35jmiwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2S_66pDEEever9jLoLHtRIWF3m6A%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:23 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame FF42 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLO8Iu-UwAAUbu6ATRCWZyvoag5SHug&u=%7ChIUXIrGDpJLE91T41VdP1QqeHXE1ueDWpukZm9DeKWM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZE5PA-gwcExOc4fDdBFkrmfhkfAt6HIWmOd02SfG27iABCa-gZ4QnmR2GsviQVGam_af1ScQc3kOMOAwYRqJLyqucb5imnzI7qjQPWBQiJCzleM1PQX7_dq6Q5chDkCeP7nYFqajOQnv_oXgGArTbmN_HIyopxe2oW2gANA4IU1SxJscmLbdPuClTnoFFM5SjEVK9IwKEW5d9N2kIH0ZmDcvOChObf4HU0nOauCBlUZRppf2ihM3wTk3KEFo363oyoA3YHLL06ew-unYFH2iDSOw_0KlvUWGf89OgUdTGgjCv5rwG28GetA6aS5oRMjhBDy9TUgAgl6hXAXo6mB44Pt9vaR6QhFOGOHLSD_5YrrQBQuNQtbsqiQgrnancVjuTTVRcJwRAv3zPpUopyWu14YcwWOghBj5T-3MlhZjg69m3jd8DQB4Ch9s6TmRH4yJhEXLBMjIV13CGGmxMCQATfF4Vs4FitmXei9SpuO1SVD6U_cmbo3CIcOPtTS45ehtuRlSNcbgFPOS0G08FWtm1jciFrjHZ3tzllApI55K-Yz9_AbZdeJKHE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSzQ2-KksY-_ZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElAJP0IGe1f1aPfJuwKhBjEX4nlbcW60HbisKyMx0oJhOJsuTH0MuvTLCh6uS5cNmHXhSsgw3CX4ccRZFvQoRJT1t5FehBmHnfcyg1Czv7lpMXtghgn8rlXwZ6aUWLRKk94nRRjn2apw0SI98kOtvu7HcqtLMilbiXmEuVRqLMKbHWTPc6_Yl0gTSzCxV3dvqqFglnBMPDDjv_L1AZN1H_C6PJ58aTOyi-F368GCRffTa5NYexW_Z1CG0lA3UI9KBdAxaxIfZ7bn1o9l1AfL_XCTvCJc3W2-knBT49vvg5RO1W9LK90sAe0oPF308kSnJAj3n4t07kZOJCo-ncJdHc9E4R058xwjTPkn-9aHqyYjPSFq8FqPgBAGABpaa3djQ35jmiwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2S_66pDEEever9jLoLHtRIWF3m6A%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:23 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame FF42 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLO8Iu-UwAAUbu6ATRCWZyvoag5SHug&u=%7ChIUXIrGDpJLE91T41VdP1QqeHXE1ueDWpukZm9DeKWM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZE5PA-gwcExOc4fDdBFkrmfhkfAt6HIWmOd02SfG27iABCa-gZ4QnmR2GsviQVGam_af1ScQc3kOMOAwYRqJLyqucb5imnzI7qjQPWBQiJCzleM1PQX7_dq6Q5chDkCeP7nYFqajOQnv_oXgGArTbmN_HIyopxe2oW2gANA4IU1SxJscmLbdPuClTnoFFM5SjEVK9IwKEW5d9N2kIH0ZmDcvOChObf4HU0nOauCBlUZRppf2ihM3wTk3KEFo363oyoA3YHLL06ew-unYFH2iDSOw_0KlvUWGf89OgUdTGgjCv5rwG28GetA6aS5oRMjhBDy9TUgAgl6hXAXo6mB44Pt9vaR6QhFOGOHLSD_5YrrQBQuNQtbsqiQgrnancVjuTTVRcJwRAv3zPpUopyWu14YcwWOghBj5T-3MlhZjg69m3jd8DQB4Ch9s6TmRH4yJhEXLBMjIV13CGGmxMCQATfF4Vs4FitmXei9SpuO1SVD6U_cmbo3CIcOPtTS45ehtuRlSNcbgFPOS0G08FWtm1jciFrjHZ3tzllApI55K-Yz9_AbZdeJKHE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSzQ2-KksY-_ZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElAJP0IGe1f1aPfJuwKhBjEX4nlbcW60HbisKyMx0oJhOJsuTH0MuvTLCh6uS5cNmHXhSsgw3CX4ccRZFvQoRJT1t5FehBmHnfcyg1Czv7lpMXtghgn8rlXwZ6aUWLRKk94nRRjn2apw0SI98kOtvu7HcqtLMilbiXmEuVRqLMKbHWTPc6_Yl0gTSzCxV3dvqqFglnBMPDDjv_L1AZN1H_C6PJ58aTOyi-F368GCRffTa5NYexW_Z1CG0lA3UI9KBdAxaxIfZ7bn1o9l1AfL_XCTvCJc3W2-knBT49vvg5RO1W9LK90sAe0oPF308kSnJAj3n4t07kZOJCo-ncJdHc9E4R058xwjTPkn-9aHqyYjPSFq8FqPgBAGABpaa3djQ35jmiwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2S_66pDEEever9jLoLHtRIWF3m6A%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 17 Sep 2023 18:31:23 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame FF42 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLO8Iu-UwAAUbu6ATRCWZyvoag5SHug&u=%7ChIUXIrGDpJLE91T41VdP1QqeHXE1ueDWpukZm9DeKWM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZE5PA-gwcExOc4fDdBFkrmfhkfAt6HIWmOd02SfG27iABCa-gZ4QnmR2GsviQVGam_af1ScQc3kOMOAwYRqJLyqucb5imnzI7qjQPWBQiJCzleM1PQX7_dq6Q5chDkCeP7nYFqajOQnv_oXgGArTbmN_HIyopxe2oW2gANA4IU1SxJscmLbdPuClTnoFFM5SjEVK9IwKEW5d9N2kIH0ZmDcvOChObf4HU0nOauCBlUZRppf2ihM3wTk3KEFo363oyoA3YHLL06ew-unYFH2iDSOw_0KlvUWGf89OgUdTGgjCv5rwG28GetA6aS5oRMjhBDy9TUgAgl6hXAXo6mB44Pt9vaR6QhFOGOHLSD_5YrrQBQuNQtbsqiQgrnancVjuTTVRcJwRAv3zPpUopyWu14YcwWOghBj5T-3MlhZjg69m3jd8DQB4Ch9s6TmRH4yJhEXLBMjIV13CGGmxMCQATfF4Vs4FitmXei9SpuO1SVD6U_cmbo3CIcOPtTS45ehtuRlSNcbgFPOS0G08FWtm1jciFrjHZ3tzllApI55K-Yz9_AbZdeJKHE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSzQ2-KksY-_ZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElAJP0IGe1f1aPfJuwKhBjEX4nlbcW60HbisKyMx0oJhOJsuTH0MuvTLCh6uS5cNmHXhSsgw3CX4ccRZFvQoRJT1t5FehBmHnfcyg1Czv7lpMXtghgn8rlXwZ6aUWLRKk94nRRjn2apw0SI98kOtvu7HcqtLMilbiXmEuVRqLMKbHWTPc6_Yl0gTSzCxV3dvqqFglnBMPDDjv_L1AZN1H_C6PJ58aTOyi-F368GCRffTa5NYexW_Z1CG0lA3UI9KBdAxaxIfZ7bn1o9l1AfL_XCTvCJc3W2-knBT49vvg5RO1W9LK90sAe0oPF308kSnJAj3n4t07kZOJCo-ncJdHc9E4R058xwjTPkn-9aHqyYjPSFq8FqPgBAGABpaa3djQ35jmiwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2S_66pDEEever9jLoLHtRIWF3m6A%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 17 Sep 2023 18:31:23 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame FF42 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=egTDF6MKtAex7OpTH4ZRQq2-TEwN3o5l9KRjXsFxzZG0hnZvSr2jFozY5ZwHL52BSlra5ZKkPfxOabyY7A1j786OQn8agQ84GLIU0VnIx65j3zThXCYQIaobn-X1o59wTBQ_5EW2DzQGNz1Mb-q36tHzSqlz8rfjbPzssYdd6mQPcrdl4CZAz0EaABFvyO7T_oy5ECwoSTcVc6ulMi3JdSK9htUnGc6hs703MDIXvAwh9jjg2BnAosCp5wNjz1JTEH6-WUZZ3S8q8mOkRQzY5cT82Fk7zRrjtAeGuCGwMJAcGCRpaIqbI8q_jqHXJOHsH1g28ChmlnrxY9ayXWQ7DJAPH1ThIPsheK4vsnn4XyhX8Z8iJ6ne5viB7EctH3aO74yrRgPZr8ImmpzKD7d8-OHr_keN5HuafIvG7rm-Vabk_uIL
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLO8Iu-UwAAUbu6ATRCWZyvoag5SHug&u=%7ChIUXIrGDpJLE91T41VdP1QqeHXE1ueDWpukZm9DeKWM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZE5PA-gwcExOc4fDdBFkrmfhkfAt6HIWmOd02SfG27iABCa-gZ4QnmR2GsviQVGam_af1ScQc3kOMOAwYRqJLyqucb5imnzI7qjQPWBQiJCzleM1PQX7_dq6Q5chDkCeP7nYFqajOQnv_oXgGArTbmN_HIyopxe2oW2gANA4IU1SxJscmLbdPuClTnoFFM5SjEVK9IwKEW5d9N2kIH0ZmDcvOChObf4HU0nOauCBlUZRppf2ihM3wTk3KEFo363oyoA3YHLL06ew-unYFH2iDSOw_0KlvUWGf89OgUdTGgjCv5rwG28GetA6aS5oRMjhBDy9TUgAgl6hXAXo6mB44Pt9vaR6QhFOGOHLSD_5YrrQBQuNQtbsqiQgrnancVjuTTVRcJwRAv3zPpUopyWu14YcwWOghBj5T-3MlhZjg69m3jd8DQB4Ch9s6TmRH4yJhEXLBMjIV13CGGmxMCQATfF4Vs4FitmXei9SpuO1SVD6U_cmbo3CIcOPtTS45ehtuRlSNcbgFPOS0G08FWtm1jciFrjHZ3tzllApI55K-Yz9_AbZdeJKHE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSzQ2-KksY-_ZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElAJP0IGe1f1aPfJuwKhBjEX4nlbcW60HbisKyMx0oJhOJsuTH0MuvTLCh6uS5cNmHXhSsgw3CX4ccRZFvQoRJT1t5FehBmHnfcyg1Czv7lpMXtghgn8rlXwZ6aUWLRKk94nRRjn2apw0SI98kOtvu7HcqtLMilbiXmEuVRqLMKbHWTPc6_Yl0gTSzCxV3dvqqFglnBMPDDjv_L1AZN1H_C6PJ58aTOyi-F368GCRffTa5NYexW_Z1CG0lA3UI9KBdAxaxIfZ7bn1o9l1AfL_XCTvCJc3W2-knBT49vvg5RO1W9LK90sAe0oPF308kSnJAj3n4t07kZOJCo-ncJdHc9E4R058xwjTPkn-9aHqyYjPSFq8FqPgBAGABpaa3djQ35jmiwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2S_66pDEEever9jLoLHtRIWF3m6A%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:23 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4459602
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=Kqg2J0vzlYL6FDsn&instance=214988373&version=7.8.0&age=220922&cmd=INV&key=NxulL6Ef&c_id=13479&seq=1&order=6&absoluteTime=6536.9&relativeTime=3913.3&alt=0&sC_ID=4735&sm_id=2254305&load=1&status=LVFNSNIY&ac_id=2008&EXTREF=https://www.staradvertiser.com/&REF=https://www.staradvertiser.com/&playerCfg=BR
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.60.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-60-169.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=INV&ESG_key=NxulL6Ef&ES_key=NxulL6Ef&ES_ID=34893&S_RKEY=kmnhGKQYEz&USR_ID=214988373&ST_usrKey=Kqg2J0vzlYL6FDsn&SM_ID=2254305&C_ID=13479&C_companyName=Oahu%20Publications%20Inc&version=70080000&sC_ID=4735&AC_ID=2008&TYPE=BARKER&EXTREF=https://www.staradvertiser.com/&REF=https://www.staradvertiser.com/&PLAYERWIDTH=298.5&PLAYERCODE=LVFNSN&OGSET=1&REFONLY=0&STRIPQUERY=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.30.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-30-54.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 22 Sep 2022 18:31:23 GMT
cache-control
max-age=1
server
Apache
content-type
text/html; charset=UTF-8
content-length
0
expires
Thu, 22 Sep 2022 18:31:24 GMT
pubads_impl_2022092101.js
securepubads.g.doubleclick.net/gpt/ Frame 03FE 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js
Requested by
Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjstojREte-DmwtlM19ePB_LpLypVmNU6Ul0nYG2G-uuj1hH2tpBVHVH-ll9XvXewDKT2DxWWsQECD_o4Nhy3u9oo8CL31whzoZIWhRPcBdLUi_SlmSz_B7652e3RtHEXvEWx_zJrg0bYVDSsnE4wP7AnJaLj0gI8zKevVfDlK5ZxApDynEgzLXSdYoMgLmPBxHM-KR16sZVPSUcytidY_hOutCMz_7arAUsEfpgYmPGKiX-U2Wd9Bk1mgOdWoXp0PxE6Od6M6eFeO7A-N1D7yudja_74Gu_xUIioMLVRjSss4fl2tXnecQR08-3vl3d2Ard7P7BVR763GgeN%2526sai%253DAMfl-YTb4nxJ9yu1QCubM19okBR5y8z8KI00bIHUK7hCH9HUKvQTPTIjd-BHhCPF5fTLIspuGyU37nSW1z9XF5avvQ4fQ3r9P1E9qTOHBlDkRHvUns_A0FhnhPjVd27wag%2526sig%253DCg0ArKJSzNi4mZbtiUuWEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253Dhttps://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09af6caefeb671f4527e8bf54659bb482eea031fe6899bafc12f149bb14155d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 10:48:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
114152
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131360
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 08:34:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Sep 2023 10:48:51 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame ED50 		0
488 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=411605
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fDzBe3crNJGILO8%2Bcj%2Bo%2B2uUsSG%2FEiGB69JehGX15wG0lsvyIjuSz1%2Bu3n9bQCetKwIF4YrmxvRb8403%2F3jO4DsiFYULfAWLEes20tbFFHu1Jl20BFinPIimU%2BEyecbKhFzLQdgz1hU1gmogu5fUOD0IPg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
74ed1e042e789957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FxdCTHxJ85fdKvkA0-sy
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 9021 		0
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=110093
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t83Wtlxi9wGisZWePvCSugQX0FpwL%2BN7sL3E%2FmWKXgwkIzwmocPjWR0LWBgHGLmS8AT0c2zUS%2BMmG%2BZRym4suUMe0AOSFEjaQlV3PZ222ak%2Fv7wtHnrRZ4lEC27QX%2FlhPm1%2B3KiAkh0r5%2FOfQT3bzeJdKw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
74ed1e044ed09957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FxdCTH2oaDw_h5oCNrmx
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 2938 		0
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=222581
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLImLN%2B4xnWDCPcPy7%2FAfAr0rMW1KJp%2FFfCIW%2BhulN7rHQ76hHp3%2FWYagJJu4OtiR3XzRmzkyhffnkNssKmb30yoeZssAXtAFajXJuJXaWrXWJBIUebYQn6mSKGKm4CtJ5rKCKCKNT2IyPYAmQiMQhuWVg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
74ed1e046f0b9957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FxdCTH8uYpkoqWMAF7OB
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame C871 		0
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=506166
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rAPUd0K%2FGau8NoxmyhQQNYRyJIlLIvz8jffrHFOvjqeVVtiWzWubzVhmnj021I2C7CnNAzFjFlwCUWSOliMs5oceuBe24VkSNBmCwy%2Bdi6jQMGV7Wco4WBTkZzbDNdafh8vmboFaENVCoIe1hnDmq%2FrrWg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
74ed1e049f589957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FxdCTIBlGp_RwFkAF7Oh
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 4BE6 		0
487 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=606894
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hWLaiX8%2BWyTZnS3J9VoOhFeFHDbKEYnyPqq7oiz67ljI6bGy1Vt49g5PvF5BCv8RnfV9KRZHSxPtsll%2F1Zx9qXeg5DMS2A4M9mQQcbq0Q84hWH7WM0x%2FxwdGzUwPPnOtG7%2Ba1gof9OiWHSjFDPeNZ14itQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
74ed1e04af839957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FxdCTIE3RyXEbGsCKiPx
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 4B86 		0
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=584463
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7IPV%2BUYbBTb76pttnLz%2Bq1jjORweMgBb1TH75yj3KeFXFk0yDzdR7y2dDHO4JrDrdlhVt1ccEqnK5tQFK7IUfzjKhNnc%2F1AO7kMq0aysowccfEBqry0z2noRe6zkZ3en6lG7d2wvkz9dMmaqWWmstEryYg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
74ed1e04bfa39957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FxdCTIITRMzvSB4CNrpx
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame E1BA 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOQIu-UwAAUbuw6LzDfe00S78k6aZg&u=%7ChIUXIrGDpJLB33NFN%2B3rCXe2AtJekpDZuvl0gFCv2bk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aFBSnAzQtPDFlUCNVr5sGfcUGLidg4S-JIc8fkmU7t_3lDQ-7uQxz5KC1LVpZy0lTa47_eeDpJKgFIqyafXhv162gFLR43EChItsYynTLOrVYw7Xvntv1WZxGmwZA1EiEi2zVPGXSbK9GhrMGiMwJURESq7rVw--kcOCp7nieQq5XY1ZIpbKSVjSYozomh1w65iM4eXCeJp7G7V4FRP88_JQnm5cNer5kQaUNtQbVLysjqCDWd4GLZt6HIFEhmm8nIeSK6hGQgfU1oZ2-MfYrKAq4WWH_m9HYby1rekhU_OJXaYhFKP3DRpqYfQem3JtNGI3cvBXqg7sh1d8l7Jk7mlCT4BGh-Bkg_lmQ0IOCDdCCRpasPsxBL0-bCARgZ-Grtr32oZ9UMlssSMisy958bc-MCRG4d8elEigRpLbUZiebWfBMEjyiUqyyUyBCIthKQHlfnh85NMDMQCISVJSN3BD4oOt8T1UHUiEGwTJnQ-hNa56F65jt-tHGtnoDsdEURWYIc9zriXgjwdc1LIWe16WpZuQxQDnfg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVk0s-KksY-TZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0BQWJUFwle9V2J5_nSXkGxeQ0xxITrODZatVfDrtmnz-S0nmjk9vH1hZcHBvUMaAIVglImsb8dvAtyRNXBDYMU0s0A4BCP79eD7G81qQwuZdKx6rfIvQk32vE26O7tH3OBbaLr96QO0dFTcqKyi6uN8XmgeUYbnCOT-ZWvdugNvn5uDZGG4g5pOXLORMIZFUcNQad6tiyVOLaL1kuIQC54FeyJPxJF26OEzndVFhzT1GitqFYvbSvejD78ayJ7TWBJXt5JfPw9UWt19tirIOmBlTHkFuBRFVsTqPJJp6CY14e_dVCskJOFYS1IFsq5w775NuhNgN_rgVrZmacAG2MgiEGlbtLkDQ27v3nDGP4AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3uVn_vXnUP5W6OXrQ1iFPoN9D3NQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2509826
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YE2I2E8x2UOHrzmaxTj5vc55f161lCvB9ry3ON3SvFNhOcKnuiSShN4nf1gQJpnl1%2Bwx%2FB6brI3b3LxBC4caAmL5MYAkro4cgnsHFABc34XCRYrFosiejWAnNptXsRmLRLCdOofeZ741o%2Bp3gE%2FLgH8S"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74ed1e04cf699c0d-FRA
expires
Tue, 12 Sep 2023 18:31:23 GMT
animejs.js
static.criteo.net/animejs/ Frame E1BA 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOQIu-UwAAUbuw6LzDfe00S78k6aZg&u=%7ChIUXIrGDpJLB33NFN%2B3rCXe2AtJekpDZuvl0gFCv2bk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aFBSnAzQtPDFlUCNVr5sGfcUGLidg4S-JIc8fkmU7t_3lDQ-7uQxz5KC1LVpZy0lTa47_eeDpJKgFIqyafXhv162gFLR43EChItsYynTLOrVYw7Xvntv1WZxGmwZA1EiEi2zVPGXSbK9GhrMGiMwJURESq7rVw--kcOCp7nieQq5XY1ZIpbKSVjSYozomh1w65iM4eXCeJp7G7V4FRP88_JQnm5cNer5kQaUNtQbVLysjqCDWd4GLZt6HIFEhmm8nIeSK6hGQgfU1oZ2-MfYrKAq4WWH_m9HYby1rekhU_OJXaYhFKP3DRpqYfQem3JtNGI3cvBXqg7sh1d8l7Jk7mlCT4BGh-Bkg_lmQ0IOCDdCCRpasPsxBL0-bCARgZ-Grtr32oZ9UMlssSMisy958bc-MCRG4d8elEigRpLbUZiebWfBMEjyiUqyyUyBCIthKQHlfnh85NMDMQCISVJSN3BD4oOt8T1UHUiEGwTJnQ-hNa56F65jt-tHGtnoDsdEURWYIc9zriXgjwdc1LIWe16WpZuQxQDnfg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVk0s-KksY-TZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0BQWJUFwle9V2J5_nSXkGxeQ0xxITrODZatVfDrtmnz-S0nmjk9vH1hZcHBvUMaAIVglImsb8dvAtyRNXBDYMU0s0A4BCP79eD7G81qQwuZdKx6rfIvQk32vE26O7tH3OBbaLr96QO0dFTcqKyi6uN8XmgeUYbnCOT-ZWvdugNvn5uDZGG4g5pOXLORMIZFUcNQad6tiyVOLaL1kuIQC54FeyJPxJF26OEzndVFhzT1GitqFYvbSvejD78ayJ7TWBJXt5JfPw9UWt19tirIOmBlTHkFuBRFVsTqPJJp6CY14e_dVCskJOFYS1IFsq5w775NuhNgN_rgVrZmacAG2MgiEGlbtLkDQ27v3nDGP4AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3uVn_vXnUP5W6OXrQ1iFPoN9D3NQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:23 GMT
authIframe.js
auth.instiengage.com/auth/ Frame 1AF7 		65 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/authIframe.js?v=1
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:7000:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1d05642e23866a6d7fb1b165615355e7c01fffaf89c61e9c14c0beecb96ae23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.instiengage.com/auth/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
bjKlbjl1idrb07_BYuQLp8gSlZzXUS_r
content-encoding
br
last-modified
Tue, 16 Aug 2022 12:46:41 GMT
server
AmazonS3
age
25
etag
W/"e0bffec4a3929b23d4347f914449f5cb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 d3e698ff6aa93657f45eda478b9496e0.cloudfront.net (CloudFront)
cache-control
max-age=300
date
Thu, 22 Sep 2022 18:30:59 GMT
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
qzWBZh0Fb3tvRaedMDHsFugfN0Tf8pnURsAkmiKeYpFOMLOvGQrEVA==
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 2AC4 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOsIu-UwAAUbuzfaEK0lLx-rdBQm-w&u=%7ChIUXIrGDpJKs%2BNQhCogTOVXt6NMGZn2MLqy7hzamzrA%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr5-taiijmDVNfEog-pHxa6wvg-tUOFnI36QG0DZhqQiWFLzK9PeXkRUnRcJnQGiAJN1oUKXq_0FiTwIkyB5pawzTsYyrVn4RaACGKq-geHHNBGwUeH42rbtlPUycZCimCT4WrjS_nVwovPqf-iMMZzU6kUYCdOTqtTvbFFQlxGXW-RoNdmKRIy_YWCcgNzIKbBUp0Br_k1CuvilQJ2gWk88N1lz-3TcnzkAMF6A6Tg0Crnu1dFcVaCfIIOncAIm-H5BN2h9qdMHiE7-0_x-1lU2v7HgXPizZPO61sDpdSq8QvSKo0z4Tz0Mxip6UfJCOomN0tMaLH0NaND0mETmaHrbpTnGLpuFSCarUhywpv-C8vKHNt1wpOoIocV6zmPp-QPfkue6YU6dDTW-6F48TKA71R8SBZo_2cFVi2Mnp2oyrFBRhbGXitC7T1e963VNEP4lxtli_GfeCFlYbR2P3XiE5RizYasXEgzJ9AY6qbL6Fnggr9OTQFOU6rY-Xlb5mK8tT2GzWxDivHNUUIoENXQFRi9xDx_8pEoD2noMFIsxddScxQyzotCyIVMNa0prenBtUbtfGYMnQqoD771xYSDQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9evf-KksY-vZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEmgJP0GMtPfwPFcfwgrcF14hVtttrdBm4ayu5gghJueZFX9_KOV8XuEEsUSR5U9IeKAizuJzRjA2JAJvmITiNDutMvFEeKOUhyUlm7J9Ptkb270A9UnEyBrqWNZt42_DTls1VJQ436PXJmXQV9M2_x1QFtNwyUzyPpwaGxKy1OoCh4j4tLZ9MbmWVZlg10xCkMVbbg1f_8vWsukW2_rSsjNX0d0Xdar1Pe6IgjW_dsO2Ny2ivgWX7YlpZ-lOHlB8Vgf-1dpGB6iRPslOJOxtWRAL9B6EzD5bzkcMhLdtf3WeF-JX8KJn8eABjPdojp3NPcvJU62QTY_X4Tni5GEniHU3Z4VVHSOZtbVnmg0qV8ey2xsIYEKMMLW2rs5jgBAGABuv1oOjThojk4QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QiN2AxmuZc7TwqL_FL7RXFI5oEQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2509826
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1M8uGuLI2Nv6cdjUFJSfZ6HFOMKEZ4oaEExENtN6q8e1wRywnyegKXOgu49WeHv9%2FFWxexO78O7mmpbdm3RKs1cz%2FvSnveHnVE%2BGjraFJYeUDr9opV5EUwvFbokP7RIx32dONHDZ25gW6r6cw8wsAeJz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74ed1e04efb99c0d-FRA
expires
Tue, 12 Sep 2023 18:31:23 GMT
animejs.js
static.criteo.net/animejs/ Frame 2AC4 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOsIu-UwAAUbuzfaEK0lLx-rdBQm-w&u=%7ChIUXIrGDpJKs%2BNQhCogTOVXt6NMGZn2MLqy7hzamzrA%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr5-taiijmDVNfEog-pHxa6wvg-tUOFnI36QG0DZhqQiWFLzK9PeXkRUnRcJnQGiAJN1oUKXq_0FiTwIkyB5pawzTsYyrVn4RaACGKq-geHHNBGwUeH42rbtlPUycZCimCT4WrjS_nVwovPqf-iMMZzU6kUYCdOTqtTvbFFQlxGXW-RoNdmKRIy_YWCcgNzIKbBUp0Br_k1CuvilQJ2gWk88N1lz-3TcnzkAMF6A6Tg0Crnu1dFcVaCfIIOncAIm-H5BN2h9qdMHiE7-0_x-1lU2v7HgXPizZPO61sDpdSq8QvSKo0z4Tz0Mxip6UfJCOomN0tMaLH0NaND0mETmaHrbpTnGLpuFSCarUhywpv-C8vKHNt1wpOoIocV6zmPp-QPfkue6YU6dDTW-6F48TKA71R8SBZo_2cFVi2Mnp2oyrFBRhbGXitC7T1e963VNEP4lxtli_GfeCFlYbR2P3XiE5RizYasXEgzJ9AY6qbL6Fnggr9OTQFOU6rY-Xlb5mK8tT2GzWxDivHNUUIoENXQFRi9xDx_8pEoD2noMFIsxddScxQyzotCyIVMNa0prenBtUbtfGYMnQqoD771xYSDQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9evf-KksY-vZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEmgJP0GMtPfwPFcfwgrcF14hVtttrdBm4ayu5gghJueZFX9_KOV8XuEEsUSR5U9IeKAizuJzRjA2JAJvmITiNDutMvFEeKOUhyUlm7J9Ptkb270A9UnEyBrqWNZt42_DTls1VJQ436PXJmXQV9M2_x1QFtNwyUzyPpwaGxKy1OoCh4j4tLZ9MbmWVZlg10xCkMVbbg1f_8vWsukW2_rSsjNX0d0Xdar1Pe6IgjW_dsO2Ny2ivgWX7YlpZ-lOHlB8Vgf-1dpGB6iRPslOJOxtWRAL9B6EzD5bzkcMhLdtf3WeF-JX8KJn8eABjPdojp3NPcvJU62QTY_X4Tni5GEniHU3Z4VVHSOZtbVnmg0qV8ey2xsIYEKMMLW2rs5jgBAGABuv1oOjThojk4QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QiN2AxmuZc7TwqL_FL7RXFI5oEQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:23 GMT
config.js
cdn.confiant-integrations.net/3YAuFpM-Bh5lZY_ZLdSxFknzxv8/gpt_and_prebid/ 		70 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/3YAuFpM-Bh5lZY_ZLdSxFknzxv8/gpt_and_prebid/config.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV3WXZ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
275139d27a5d654293f562ebf0d9aaaf67b11e1c37b9790836be17bfb7fd83ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 22 Sep 2022 18:15:16 GMT
server
cloudflare
x-amz-request-id
DVKKE8CVM8482D74
etag
W/"ba2a60830897e6653f380f04977b8cc4"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
74ed1e055b1b9262-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
goPPLSIfxCugfp03ESsnZzCzve7bNuqsYIpHUGJhZUL1cWv5eLeWVnT0aoBd/v/FMMEIOP3TUio=
authIframe.js
auth.instiengage.com/auth/ Frame A22C 		65 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/authIframe.js?v=1
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:7000:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1d05642e23866a6d7fb1b165615355e7c01fffaf89c61e9c14c0beecb96ae23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.instiengage.com/auth/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
bjKlbjl1idrb07_BYuQLp8gSlZzXUS_r
content-encoding
br
last-modified
Tue, 16 Aug 2022 12:46:41 GMT
server
AmazonS3
age
25
etag
W/"e0bffec4a3929b23d4347f914449f5cb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 d3e698ff6aa93657f45eda478b9496e0.cloudfront.net (CloudFront)
cache-control
max-age=300
date
Thu, 22 Sep 2022 18:30:59 GMT
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
V9ZDjev79YXSKvabJ3KDry2WcvDcYi593rP_vCT3GrppKtebIqBYlg==
bc3057fa-ff98-402a-87a3-aeb709aa23b0
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/ Frame ED50 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/bc3057fa-ff98-402a-87a3-aeb709aa23b0
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
e5645857-8f24-4c69-925d-03019c3238dd
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/ Frame 9021 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/e5645857-8f24-4c69-925d-03019c3238dd
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
798d9270-b6f3-475f-aa44-33aba2ec77f7
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/ Frame 2938 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/798d9270-b6f3-475f-aa44-33aba2ec77f7
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
33261c1b-8ce1-458e-b356-875ced8f7242
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/ Frame C871 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/33261c1b-8ce1-458e-b356-875ced8f7242
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
2c47f216-e83d-4f1e-97aa-a2a1179d78ef
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/ Frame 4BE6 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/2c47f216-e83d-4f1e-97aa-a2a1179d78ef
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
e21e4c5c-13ce-4d5f-9a34-ad2d94b529bc
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/ Frame 4B86 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/e21e4c5c-13ce-4d5f-9a34-ad2d94b529bc
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
img
pix.eu.criteo.net/img/ Frame E1BA 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=196&m=0&partner=93548&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F93548%2F220216%2Fc158d3d80e644cc591348e4db417aead_interiorr_png.png&v=3&w=210&s=WITdvCUDZXecH3WR8HgnJuAR
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOQIu-UwAAUbuw6LzDfe00S78k6aZg&u=%7ChIUXIrGDpJLB33NFN%2B3rCXe2AtJekpDZuvl0gFCv2bk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aFBSnAzQtPDFlUCNVr5sGfcUGLidg4S-JIc8fkmU7t_3lDQ-7uQxz5KC1LVpZy0lTa47_eeDpJKgFIqyafXhv162gFLR43EChItsYynTLOrVYw7Xvntv1WZxGmwZA1EiEi2zVPGXSbK9GhrMGiMwJURESq7rVw--kcOCp7nieQq5XY1ZIpbKSVjSYozomh1w65iM4eXCeJp7G7V4FRP88_JQnm5cNer5kQaUNtQbVLysjqCDWd4GLZt6HIFEhmm8nIeSK6hGQgfU1oZ2-MfYrKAq4WWH_m9HYby1rekhU_OJXaYhFKP3DRpqYfQem3JtNGI3cvBXqg7sh1d8l7Jk7mlCT4BGh-Bkg_lmQ0IOCDdCCRpasPsxBL0-bCARgZ-Grtr32oZ9UMlssSMisy958bc-MCRG4d8elEigRpLbUZiebWfBMEjyiUqyyUyBCIthKQHlfnh85NMDMQCISVJSN3BD4oOt8T1UHUiEGwTJnQ-hNa56F65jt-tHGtnoDsdEURWYIc9zriXgjwdc1LIWe16WpZuQxQDnfg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVk0s-KksY-TZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0BQWJUFwle9V2J5_nSXkGxeQ0xxITrODZatVfDrtmnz-S0nmjk9vH1hZcHBvUMaAIVglImsb8dvAtyRNXBDYMU0s0A4BCP79eD7G81qQwuZdKx6rfIvQk32vE26O7tH3OBbaLr96QO0dFTcqKyi6uN8XmgeUYbnCOT-ZWvdugNvn5uDZGG4g5pOXLORMIZFUcNQad6tiyVOLaL1kuIQC54FeyJPxJF26OEzndVFhzT1GitqFYvbSvejD78ayJ7TWBJXt5JfPw9UWt19tirIOmBlTHkFuBRFVsTqPJJp6CY14e_dVCskJOFYS1IFsq5w775NuhNgN_rgVrZmacAG2MgiEGlbtLkDQ27v3nDGP4AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3uVn_vXnUP5W6OXrQ1iFPoN9D3NQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
7a06ee584bdaf2aee88119e3ff69a8a85fa64ee6fdda9becd58c769ecf6c1e6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28462088
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
8514
expires
Fri, 18 Aug 2023 04:39:32 GMT
img
pix.eu.criteo.net/img/ Frame E1BA 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=93548&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F93548%2F220216%2F0602254c9fec4b51b566b046397a786b_interiorr_1-1-2022-034.jpg&v=3&w=1200&s=ItnOAm6Mtlw-WQtreojDf7EK
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOQIu-UwAAUbuw6LzDfe00S78k6aZg&u=%7ChIUXIrGDpJLB33NFN%2B3rCXe2AtJekpDZuvl0gFCv2bk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aFBSnAzQtPDFlUCNVr5sGfcUGLidg4S-JIc8fkmU7t_3lDQ-7uQxz5KC1LVpZy0lTa47_eeDpJKgFIqyafXhv162gFLR43EChItsYynTLOrVYw7Xvntv1WZxGmwZA1EiEi2zVPGXSbK9GhrMGiMwJURESq7rVw--kcOCp7nieQq5XY1ZIpbKSVjSYozomh1w65iM4eXCeJp7G7V4FRP88_JQnm5cNer5kQaUNtQbVLysjqCDWd4GLZt6HIFEhmm8nIeSK6hGQgfU1oZ2-MfYrKAq4WWH_m9HYby1rekhU_OJXaYhFKP3DRpqYfQem3JtNGI3cvBXqg7sh1d8l7Jk7mlCT4BGh-Bkg_lmQ0IOCDdCCRpasPsxBL0-bCARgZ-Grtr32oZ9UMlssSMisy958bc-MCRG4d8elEigRpLbUZiebWfBMEjyiUqyyUyBCIthKQHlfnh85NMDMQCISVJSN3BD4oOt8T1UHUiEGwTJnQ-hNa56F65jt-tHGtnoDsdEURWYIc9zriXgjwdc1LIWe16WpZuQxQDnfg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVk0s-KksY-TZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0BQWJUFwle9V2J5_nSXkGxeQ0xxITrODZatVfDrtmnz-S0nmjk9vH1hZcHBvUMaAIVglImsb8dvAtyRNXBDYMU0s0A4BCP79eD7G81qQwuZdKx6rfIvQk32vE26O7tH3OBbaLr96QO0dFTcqKyi6uN8XmgeUYbnCOT-ZWvdugNvn5uDZGG4g5pOXLORMIZFUcNQad6tiyVOLaL1kuIQC54FeyJPxJF26OEzndVFhzT1GitqFYvbSvejD78ayJ7TWBJXt5JfPw9UWt19tirIOmBlTHkFuBRFVsTqPJJp6CY14e_dVCskJOFYS1IFsq5w775NuhNgN_rgVrZmacAG2MgiEGlbtLkDQ27v3nDGP4AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3uVn_vXnUP5W6OXrQ1iFPoN9D3NQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e0409be36290c1cf05ab13c3381cacc11136520c0f01f7aae79fb7359d348991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30130087
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
48888
expires
Wed, 06 Sep 2023 11:59:31 GMT
img
pix.eu.criteo.net/img/ Frame E1BA 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=93548&q=80&r=0&u=https%3A%2F%2Finteriorr.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2Fw%2F2walton_white_leather_1.jpg&v=3&w=400&s=QYR9JnnpNV-0MgzZN2ftOeEl&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOQIu-UwAAUbuw6LzDfe00S78k6aZg&u=%7ChIUXIrGDpJLB33NFN%2B3rCXe2AtJekpDZuvl0gFCv2bk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aFBSnAzQtPDFlUCNVr5sGfcUGLidg4S-JIc8fkmU7t_3lDQ-7uQxz5KC1LVpZy0lTa47_eeDpJKgFIqyafXhv162gFLR43EChItsYynTLOrVYw7Xvntv1WZxGmwZA1EiEi2zVPGXSbK9GhrMGiMwJURESq7rVw--kcOCp7nieQq5XY1ZIpbKSVjSYozomh1w65iM4eXCeJp7G7V4FRP88_JQnm5cNer5kQaUNtQbVLysjqCDWd4GLZt6HIFEhmm8nIeSK6hGQgfU1oZ2-MfYrKAq4WWH_m9HYby1rekhU_OJXaYhFKP3DRpqYfQem3JtNGI3cvBXqg7sh1d8l7Jk7mlCT4BGh-Bkg_lmQ0IOCDdCCRpasPsxBL0-bCARgZ-Grtr32oZ9UMlssSMisy958bc-MCRG4d8elEigRpLbUZiebWfBMEjyiUqyyUyBCIthKQHlfnh85NMDMQCISVJSN3BD4oOt8T1UHUiEGwTJnQ-hNa56F65jt-tHGtnoDsdEURWYIc9zriXgjwdc1LIWe16WpZuQxQDnfg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVk0s-KksY-TZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0BQWJUFwle9V2J5_nSXkGxeQ0xxITrODZatVfDrtmnz-S0nmjk9vH1hZcHBvUMaAIVglImsb8dvAtyRNXBDYMU0s0A4BCP79eD7G81qQwuZdKx6rfIvQk32vE26O7tH3OBbaLr96QO0dFTcqKyi6uN8XmgeUYbnCOT-ZWvdugNvn5uDZGG4g5pOXLORMIZFUcNQad6tiyVOLaL1kuIQC54FeyJPxJF26OEzndVFhzT1GitqFYvbSvejD78ayJ7TWBJXt5JfPw9UWt19tirIOmBlTHkFuBRFVsTqPJJp6CY14e_dVCskJOFYS1IFsq5w775NuhNgN_rgVrZmacAG2MgiEGlbtLkDQ27v3nDGP4AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3uVn_vXnUP5W6OXrQ1iFPoN9D3NQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5ab53299486253679841688884c74e9d7db2d9922f7f1db3d375e007637dae65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29163691
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5498
expires
Sat, 26 Aug 2023 07:32:55 GMT
all
csm.eu.criteo.net/ Frame E1BA 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=ZXNQZ9sDNmC2JH9r_jjzsLLVBR4sd5u67ruVnJI_ZUzQpB0ep8X8LLRENd_mfY-BM8B9DNsZtREcjwQaNirZkrwUJKQh4oPEBBW47Dn8H3uB25SaJaRNbQIDfjb3axnvaxwRzwScOr64YNgf2d59-WNdEFGyiv1vp4EX1chGGCJvX6WPAL3HmPjOI3Z42GMs1HJ-4dPCAy3E7TmFgzM0poACXiE3rXdcs91GXYrfNI4WeOj2j-zuRfD3anisNI_VScQ2Xw&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOQIu-UwAAUbuw6LzDfe00S78k6aZg&u=%7ChIUXIrGDpJLB33NFN%2B3rCXe2AtJekpDZuvl0gFCv2bk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aFBSnAzQtPDFlUCNVr5sGfcUGLidg4S-JIc8fkmU7t_3lDQ-7uQxz5KC1LVpZy0lTa47_eeDpJKgFIqyafXhv162gFLR43EChItsYynTLOrVYw7Xvntv1WZxGmwZA1EiEi2zVPGXSbK9GhrMGiMwJURESq7rVw--kcOCp7nieQq5XY1ZIpbKSVjSYozomh1w65iM4eXCeJp7G7V4FRP88_JQnm5cNer5kQaUNtQbVLysjqCDWd4GLZt6HIFEhmm8nIeSK6hGQgfU1oZ2-MfYrKAq4WWH_m9HYby1rekhU_OJXaYhFKP3DRpqYfQem3JtNGI3cvBXqg7sh1d8l7Jk7mlCT4BGh-Bkg_lmQ0IOCDdCCRpasPsxBL0-bCARgZ-Grtr32oZ9UMlssSMisy958bc-MCRG4d8elEigRpLbUZiebWfBMEjyiUqyyUyBCIthKQHlfnh85NMDMQCISVJSN3BD4oOt8T1UHUiEGwTJnQ-hNa56F65jt-tHGtnoDsdEURWYIc9zriXgjwdc1LIWe16WpZuQxQDnfg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVk0s-KksY-TZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0BQWJUFwle9V2J5_nSXkGxeQ0xxITrODZatVfDrtmnz-S0nmjk9vH1hZcHBvUMaAIVglImsb8dvAtyRNXBDYMU0s0A4BCP79eD7G81qQwuZdKx6rfIvQk32vE26O7tH3OBbaLr96QO0dFTcqKyi6uN8XmgeUYbnCOT-ZWvdugNvn5uDZGG4g5pOXLORMIZFUcNQad6tiyVOLaL1kuIQC54FeyJPxJF26OEzndVFhzT1GitqFYvbSvejD78ayJ7TWBJXt5JfPw9UWt19tirIOmBlTHkFuBRFVsTqPJJp6CY14e_dVCskJOFYS1IFsq5w775NuhNgN_rgVrZmacAG2MgiEGlbtLkDQ27v3nDGP4AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3uVn_vXnUP5W6OXrQ1iFPoN9D3NQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 22 Sep 2022 18:31:23 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E1BA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOQIu-UwAAUbuw6LzDfe00S78k6aZg&u=%7ChIUXIrGDpJLB33NFN%2B3rCXe2AtJekpDZuvl0gFCv2bk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aFBSnAzQtPDFlUCNVr5sGfcUGLidg4S-JIc8fkmU7t_3lDQ-7uQxz5KC1LVpZy0lTa47_eeDpJKgFIqyafXhv162gFLR43EChItsYynTLOrVYw7Xvntv1WZxGmwZA1EiEi2zVPGXSbK9GhrMGiMwJURESq7rVw--kcOCp7nieQq5XY1ZIpbKSVjSYozomh1w65iM4eXCeJp7G7V4FRP88_JQnm5cNer5kQaUNtQbVLysjqCDWd4GLZt6HIFEhmm8nIeSK6hGQgfU1oZ2-MfYrKAq4WWH_m9HYby1rekhU_OJXaYhFKP3DRpqYfQem3JtNGI3cvBXqg7sh1d8l7Jk7mlCT4BGh-Bkg_lmQ0IOCDdCCRpasPsxBL0-bCARgZ-Grtr32oZ9UMlssSMisy958bc-MCRG4d8elEigRpLbUZiebWfBMEjyiUqyyUyBCIthKQHlfnh85NMDMQCISVJSN3BD4oOt8T1UHUiEGwTJnQ-hNa56F65jt-tHGtnoDsdEURWYIc9zriXgjwdc1LIWe16WpZuQxQDnfg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVk0s-KksY-TZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0BQWJUFwle9V2J5_nSXkGxeQ0xxITrODZatVfDrtmnz-S0nmjk9vH1hZcHBvUMaAIVglImsb8dvAtyRNXBDYMU0s0A4BCP79eD7G81qQwuZdKx6rfIvQk32vE26O7tH3OBbaLr96QO0dFTcqKyi6uN8XmgeUYbnCOT-ZWvdugNvn5uDZGG4g5pOXLORMIZFUcNQad6tiyVOLaL1kuIQC54FeyJPxJF26OEzndVFhzT1GitqFYvbSvejD78ayJ7TWBJXt5JfPw9UWt19tirIOmBlTHkFuBRFVsTqPJJp6CY14e_dVCskJOFYS1IFsq5w775NuhNgN_rgVrZmacAG2MgiEGlbtLkDQ27v3nDGP4AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3uVn_vXnUP5W6OXrQ1iFPoN9D3NQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:23 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame E1BA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOQIu-UwAAUbuw6LzDfe00S78k6aZg&u=%7ChIUXIrGDpJLB33NFN%2B3rCXe2AtJekpDZuvl0gFCv2bk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aFBSnAzQtPDFlUCNVr5sGfcUGLidg4S-JIc8fkmU7t_3lDQ-7uQxz5KC1LVpZy0lTa47_eeDpJKgFIqyafXhv162gFLR43EChItsYynTLOrVYw7Xvntv1WZxGmwZA1EiEi2zVPGXSbK9GhrMGiMwJURESq7rVw--kcOCp7nieQq5XY1ZIpbKSVjSYozomh1w65iM4eXCeJp7G7V4FRP88_JQnm5cNer5kQaUNtQbVLysjqCDWd4GLZt6HIFEhmm8nIeSK6hGQgfU1oZ2-MfYrKAq4WWH_m9HYby1rekhU_OJXaYhFKP3DRpqYfQem3JtNGI3cvBXqg7sh1d8l7Jk7mlCT4BGh-Bkg_lmQ0IOCDdCCRpasPsxBL0-bCARgZ-Grtr32oZ9UMlssSMisy958bc-MCRG4d8elEigRpLbUZiebWfBMEjyiUqyyUyBCIthKQHlfnh85NMDMQCISVJSN3BD4oOt8T1UHUiEGwTJnQ-hNa56F65jt-tHGtnoDsdEURWYIc9zriXgjwdc1LIWe16WpZuQxQDnfg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVk0s-KksY-TZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0BQWJUFwle9V2J5_nSXkGxeQ0xxITrODZatVfDrtmnz-S0nmjk9vH1hZcHBvUMaAIVglImsb8dvAtyRNXBDYMU0s0A4BCP79eD7G81qQwuZdKx6rfIvQk32vE26O7tH3OBbaLr96QO0dFTcqKyi6uN8XmgeUYbnCOT-ZWvdugNvn5uDZGG4g5pOXLORMIZFUcNQad6tiyVOLaL1kuIQC54FeyJPxJF26OEzndVFhzT1GitqFYvbSvejD78ayJ7TWBJXt5JfPw9UWt19tirIOmBlTHkFuBRFVsTqPJJp6CY14e_dVCskJOFYS1IFsq5w775NuhNgN_rgVrZmacAG2MgiEGlbtLkDQ27v3nDGP4AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3uVn_vXnUP5W6OXrQ1iFPoN9D3NQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:23 GMT
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_adunit-load
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.229.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-229-202.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.staradvertiser.com
access-control-max-age
3600
content-length
0
date
Thu, 22 Sep 2022 18:31:23 GMT
vary
Origin
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 79CB 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ffcf3aff7299466635b70c8562870bd1853a859a488ad86d51b9a9da1e93a7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27800
x-xss-protection
0
server
sffe
etag
"1342 / 600 of 1000 / last-modified: 1663845016"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 22 Sep 2022 18:31:23 GMT
event
event.insticator.com/v1/ Frame 79CB 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_adunit-load
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.229.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-229-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Thu, 22 Sep 2022 18:31:23 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
img
pix.eu.criteo.net/img/ Frame 2AC4 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=196&m=0&partner=25080&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F25080%2F220505%2Fb0df4b81f52f48c386b6472c88230d0b_vev_luxury_second_hand.png&v=3&w=168&s=yi7V3KSnW1-ZQZRRBaIw86do
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOsIu-UwAAUbuzfaEK0lLx-rdBQm-w&u=%7ChIUXIrGDpJKs%2BNQhCogTOVXt6NMGZn2MLqy7hzamzrA%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr5-taiijmDVNfEog-pHxa6wvg-tUOFnI36QG0DZhqQiWFLzK9PeXkRUnRcJnQGiAJN1oUKXq_0FiTwIkyB5pawzTsYyrVn4RaACGKq-geHHNBGwUeH42rbtlPUycZCimCT4WrjS_nVwovPqf-iMMZzU6kUYCdOTqtTvbFFQlxGXW-RoNdmKRIy_YWCcgNzIKbBUp0Br_k1CuvilQJ2gWk88N1lz-3TcnzkAMF6A6Tg0Crnu1dFcVaCfIIOncAIm-H5BN2h9qdMHiE7-0_x-1lU2v7HgXPizZPO61sDpdSq8QvSKo0z4Tz0Mxip6UfJCOomN0tMaLH0NaND0mETmaHrbpTnGLpuFSCarUhywpv-C8vKHNt1wpOoIocV6zmPp-QPfkue6YU6dDTW-6F48TKA71R8SBZo_2cFVi2Mnp2oyrFBRhbGXitC7T1e963VNEP4lxtli_GfeCFlYbR2P3XiE5RizYasXEgzJ9AY6qbL6Fnggr9OTQFOU6rY-Xlb5mK8tT2GzWxDivHNUUIoENXQFRi9xDx_8pEoD2noMFIsxddScxQyzotCyIVMNa0prenBtUbtfGYMnQqoD771xYSDQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9evf-KksY-vZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEmgJP0GMtPfwPFcfwgrcF14hVtttrdBm4ayu5gghJueZFX9_KOV8XuEEsUSR5U9IeKAizuJzRjA2JAJvmITiNDutMvFEeKOUhyUlm7J9Ptkb270A9UnEyBrqWNZt42_DTls1VJQ436PXJmXQV9M2_x1QFtNwyUzyPpwaGxKy1OoCh4j4tLZ9MbmWVZlg10xCkMVbbg1f_8vWsukW2_rSsjNX0d0Xdar1Pe6IgjW_dsO2Ny2ivgWX7YlpZ-lOHlB8Vgf-1dpGB6iRPslOJOxtWRAL9B6EzD5bzkcMhLdtf3WeF-JX8KJn8eABjPdojp3NPcvJU62QTY_X4Tni5GEniHU3Z4VVHSOZtbVnmg0qV8ey2xsIYEKMMLW2rs5jgBAGABuv1oOjThojk4QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QiN2AxmuZc7TwqL_FL7RXFI5oEQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
8c49b34a567cb1d6c3d26d5f80db23c1afec8cd2d34f38e5474d3c6510e20d45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29679906
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5851
expires
Fri, 01 Sep 2023 06:56:30 GMT
img
pix.eu.criteo.net/img/ Frame 2AC4 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=25080&q=80&r=0&u=https%3A%2F%2Fviteenvogue-b2c-production.imgix.net%2Fproduct%2F454707%2F28%2F454707-28-image-1-5fce003a8e9b3.jpg%3Fauto%3Dformat%26q%3D80&v=3&w=400&s=Ds3MMSDt19-VwAPSGgLlcwF1&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOsIu-UwAAUbuzfaEK0lLx-rdBQm-w&u=%7ChIUXIrGDpJKs%2BNQhCogTOVXt6NMGZn2MLqy7hzamzrA%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr5-taiijmDVNfEog-pHxa6wvg-tUOFnI36QG0DZhqQiWFLzK9PeXkRUnRcJnQGiAJN1oUKXq_0FiTwIkyB5pawzTsYyrVn4RaACGKq-geHHNBGwUeH42rbtlPUycZCimCT4WrjS_nVwovPqf-iMMZzU6kUYCdOTqtTvbFFQlxGXW-RoNdmKRIy_YWCcgNzIKbBUp0Br_k1CuvilQJ2gWk88N1lz-3TcnzkAMF6A6Tg0Crnu1dFcVaCfIIOncAIm-H5BN2h9qdMHiE7-0_x-1lU2v7HgXPizZPO61sDpdSq8QvSKo0z4Tz0Mxip6UfJCOomN0tMaLH0NaND0mETmaHrbpTnGLpuFSCarUhywpv-C8vKHNt1wpOoIocV6zmPp-QPfkue6YU6dDTW-6F48TKA71R8SBZo_2cFVi2Mnp2oyrFBRhbGXitC7T1e963VNEP4lxtli_GfeCFlYbR2P3XiE5RizYasXEgzJ9AY6qbL6Fnggr9OTQFOU6rY-Xlb5mK8tT2GzWxDivHNUUIoENXQFRi9xDx_8pEoD2noMFIsxddScxQyzotCyIVMNa0prenBtUbtfGYMnQqoD771xYSDQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9evf-KksY-vZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEmgJP0GMtPfwPFcfwgrcF14hVtttrdBm4ayu5gghJueZFX9_KOV8XuEEsUSR5U9IeKAizuJzRjA2JAJvmITiNDutMvFEeKOUhyUlm7J9Ptkb270A9UnEyBrqWNZt42_DTls1VJQ436PXJmXQV9M2_x1QFtNwyUzyPpwaGxKy1OoCh4j4tLZ9MbmWVZlg10xCkMVbbg1f_8vWsukW2_rSsjNX0d0Xdar1Pe6IgjW_dsO2Ny2ivgWX7YlpZ-lOHlB8Vgf-1dpGB6iRPslOJOxtWRAL9B6EzD5bzkcMhLdtf3WeF-JX8KJn8eABjPdojp3NPcvJU62QTY_X4Tni5GEniHU3Z4VVHSOZtbVnmg0qV8ey2xsIYEKMMLW2rs5jgBAGABuv1oOjThojk4QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QiN2AxmuZc7TwqL_FL7RXFI5oEQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
d1fd346908d8a8f026e8974fb61c587e62eaf2a35675f8ed015c9e1eca0fa463
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=69007
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
7300
expires
Fri, 23 Sep 2022 13:41:31 GMT
all
csm.eu.criteo.net/ Frame 2AC4 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=7RQccNsDNmC2JH9r3XHahfMgtrpe9WGr9gHclvnrzOMsHkhyGCnECHRbrmw9wQXz8FuAAR7SSzFnwRRc7QUhk8VWiWxOJiJJilBKtOCB2HEH8NnYKPCMRtkNbcCBDZJhjS-WvnwtnA0lyosWFJz5ct3qFJKkObWwMSC6L8m3pumfxk2Vs9OdyrvZOd-qKo2shq-521Z7qT1VRKpnctPoanA28kRsz1mVdQBDxbimxtZlyFNJBuCPiGNnpifrLHincMWQhg&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOsIu-UwAAUbuzfaEK0lLx-rdBQm-w&u=%7ChIUXIrGDpJKs%2BNQhCogTOVXt6NMGZn2MLqy7hzamzrA%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr5-taiijmDVNfEog-pHxa6wvg-tUOFnI36QG0DZhqQiWFLzK9PeXkRUnRcJnQGiAJN1oUKXq_0FiTwIkyB5pawzTsYyrVn4RaACGKq-geHHNBGwUeH42rbtlPUycZCimCT4WrjS_nVwovPqf-iMMZzU6kUYCdOTqtTvbFFQlxGXW-RoNdmKRIy_YWCcgNzIKbBUp0Br_k1CuvilQJ2gWk88N1lz-3TcnzkAMF6A6Tg0Crnu1dFcVaCfIIOncAIm-H5BN2h9qdMHiE7-0_x-1lU2v7HgXPizZPO61sDpdSq8QvSKo0z4Tz0Mxip6UfJCOomN0tMaLH0NaND0mETmaHrbpTnGLpuFSCarUhywpv-C8vKHNt1wpOoIocV6zmPp-QPfkue6YU6dDTW-6F48TKA71R8SBZo_2cFVi2Mnp2oyrFBRhbGXitC7T1e963VNEP4lxtli_GfeCFlYbR2P3XiE5RizYasXEgzJ9AY6qbL6Fnggr9OTQFOU6rY-Xlb5mK8tT2GzWxDivHNUUIoENXQFRi9xDx_8pEoD2noMFIsxddScxQyzotCyIVMNa0prenBtUbtfGYMnQqoD771xYSDQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9evf-KksY-vZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEmgJP0GMtPfwPFcfwgrcF14hVtttrdBm4ayu5gghJueZFX9_KOV8XuEEsUSR5U9IeKAizuJzRjA2JAJvmITiNDutMvFEeKOUhyUlm7J9Ptkb270A9UnEyBrqWNZt42_DTls1VJQ436PXJmXQV9M2_x1QFtNwyUzyPpwaGxKy1OoCh4j4tLZ9MbmWVZlg10xCkMVbbg1f_8vWsukW2_rSsjNX0d0Xdar1Pe6IgjW_dsO2Ny2ivgWX7YlpZ-lOHlB8Vgf-1dpGB6iRPslOJOxtWRAL9B6EzD5bzkcMhLdtf3WeF-JX8KJn8eABjPdojp3NPcvJU62QTY_X4Tni5GEniHU3Z4VVHSOZtbVnmg0qV8ey2xsIYEKMMLW2rs5jgBAGABuv1oOjThojk4QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QiN2AxmuZc7TwqL_FL7RXFI5oEQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 22 Sep 2022 18:31:23 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2AC4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOsIu-UwAAUbuzfaEK0lLx-rdBQm-w&u=%7ChIUXIrGDpJKs%2BNQhCogTOVXt6NMGZn2MLqy7hzamzrA%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr5-taiijmDVNfEog-pHxa6wvg-tUOFnI36QG0DZhqQiWFLzK9PeXkRUnRcJnQGiAJN1oUKXq_0FiTwIkyB5pawzTsYyrVn4RaACGKq-geHHNBGwUeH42rbtlPUycZCimCT4WrjS_nVwovPqf-iMMZzU6kUYCdOTqtTvbFFQlxGXW-RoNdmKRIy_YWCcgNzIKbBUp0Br_k1CuvilQJ2gWk88N1lz-3TcnzkAMF6A6Tg0Crnu1dFcVaCfIIOncAIm-H5BN2h9qdMHiE7-0_x-1lU2v7HgXPizZPO61sDpdSq8QvSKo0z4Tz0Mxip6UfJCOomN0tMaLH0NaND0mETmaHrbpTnGLpuFSCarUhywpv-C8vKHNt1wpOoIocV6zmPp-QPfkue6YU6dDTW-6F48TKA71R8SBZo_2cFVi2Mnp2oyrFBRhbGXitC7T1e963VNEP4lxtli_GfeCFlYbR2P3XiE5RizYasXEgzJ9AY6qbL6Fnggr9OTQFOU6rY-Xlb5mK8tT2GzWxDivHNUUIoENXQFRi9xDx_8pEoD2noMFIsxddScxQyzotCyIVMNa0prenBtUbtfGYMnQqoD771xYSDQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9evf-KksY-vZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEmgJP0GMtPfwPFcfwgrcF14hVtttrdBm4ayu5gghJueZFX9_KOV8XuEEsUSR5U9IeKAizuJzRjA2JAJvmITiNDutMvFEeKOUhyUlm7J9Ptkb270A9UnEyBrqWNZt42_DTls1VJQ436PXJmXQV9M2_x1QFtNwyUzyPpwaGxKy1OoCh4j4tLZ9MbmWVZlg10xCkMVbbg1f_8vWsukW2_rSsjNX0d0Xdar1Pe6IgjW_dsO2Ny2ivgWX7YlpZ-lOHlB8Vgf-1dpGB6iRPslOJOxtWRAL9B6EzD5bzkcMhLdtf3WeF-JX8KJn8eABjPdojp3NPcvJU62QTY_X4Tni5GEniHU3Z4VVHSOZtbVnmg0qV8ey2xsIYEKMMLW2rs5jgBAGABuv1oOjThojk4QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QiN2AxmuZc7TwqL_FL7RXFI5oEQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:23 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 2AC4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOsIu-UwAAUbuzfaEK0lLx-rdBQm-w&u=%7ChIUXIrGDpJKs%2BNQhCogTOVXt6NMGZn2MLqy7hzamzrA%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr5-taiijmDVNfEog-pHxa6wvg-tUOFnI36QG0DZhqQiWFLzK9PeXkRUnRcJnQGiAJN1oUKXq_0FiTwIkyB5pawzTsYyrVn4RaACGKq-geHHNBGwUeH42rbtlPUycZCimCT4WrjS_nVwovPqf-iMMZzU6kUYCdOTqtTvbFFQlxGXW-RoNdmKRIy_YWCcgNzIKbBUp0Br_k1CuvilQJ2gWk88N1lz-3TcnzkAMF6A6Tg0Crnu1dFcVaCfIIOncAIm-H5BN2h9qdMHiE7-0_x-1lU2v7HgXPizZPO61sDpdSq8QvSKo0z4Tz0Mxip6UfJCOomN0tMaLH0NaND0mETmaHrbpTnGLpuFSCarUhywpv-C8vKHNt1wpOoIocV6zmPp-QPfkue6YU6dDTW-6F48TKA71R8SBZo_2cFVi2Mnp2oyrFBRhbGXitC7T1e963VNEP4lxtli_GfeCFlYbR2P3XiE5RizYasXEgzJ9AY6qbL6Fnggr9OTQFOU6rY-Xlb5mK8tT2GzWxDivHNUUIoENXQFRi9xDx_8pEoD2noMFIsxddScxQyzotCyIVMNa0prenBtUbtfGYMnQqoD771xYSDQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9evf-KksY-vZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEmgJP0GMtPfwPFcfwgrcF14hVtttrdBm4ayu5gghJueZFX9_KOV8XuEEsUSR5U9IeKAizuJzRjA2JAJvmITiNDutMvFEeKOUhyUlm7J9Ptkb270A9UnEyBrqWNZt42_DTls1VJQ436PXJmXQV9M2_x1QFtNwyUzyPpwaGxKy1OoCh4j4tLZ9MbmWVZlg10xCkMVbbg1f_8vWsukW2_rSsjNX0d0Xdar1Pe6IgjW_dsO2Ny2ivgWX7YlpZ-lOHlB8Vgf-1dpGB6iRPslOJOxtWRAL9B6EzD5bzkcMhLdtf3WeF-JX8KJn8eABjPdojp3NPcvJU62QTY_X4Tni5GEniHU3Z4VVHSOZtbVnmg0qV8ey2xsIYEKMMLW2rs5jgBAGABuv1oOjThojk4QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QiN2AxmuZc7TwqL_FL7RXFI5oEQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:23 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 6E1E 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOUIu-UwAAUbuxe_kjS-X3qD5Pr_xQ&u=%7ChIUXIrGDpJK759hFcJIrfPzCzTrExvh6vYUvpezIPF0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aGxZFJgNB2TpNcNBw4A1xZ6hsv-V10fUCPEi72bbOVQPHldwVW2uHxuCq4e4SNc2fb-DRN3AaoZ3PFtmUBb1kM79_wXOVk_cQc8ypAxD1Qv-jcaGvgyYe7flx0YZ7PFy5sHXBjw4zHU8jjmfgHAGfFlq0_eyR1Ln5PnpOt1-gog_Y7efWSSEAW82QmtxSFvyIcgpTHMcqqX9FI60hyHP8fXPxib_s4coQ-SmlYTtxG3t6gKs-swQyhBBEUql04uvN1p2xmq66EnPlkmcSa0QEXwcZjcejqt3NxUD9I1LYt9J9Nv-uT5caTYeLczIGXGeKhTLxb5ujisZqW7X-YDmA3npTW6ewAKP8ktrCQBc71UgBzNEgqBKS9LS1UIPs2QsxOuu_EtiHsu3nKbGiPMxiNFSnMPUNpIusmw_-S9pH5KCrdbAVYQzHykxHH-iGKz8sEAangpklUbp5n5XzAhB2E4KApbU8SJhFvSzz5aqsVC11ANz6IDFNOr3RD-BCn7cAiFhf6ZfDVq3IglhWwx37exlo2n1S4bE3o7LJpZhWhZdQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLlUY-KksY-XZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0Mofhcty9SdKssCL--yyKdEEj07NcYmeTiMNaDF8KIlSN45dcYgbb8oo7GbkW-5o2cDA6R8f-bpIAdjAcy4PypA0GdKnhcEa6uO-R8ck951VHojpHAR4BUcuyy3R2gQdy8n8SSTH-qwsYUdcnKUeuXlbvy96hmbTl0XdZxYFUXv9LVQDGerg304JhaDHZOjil4o-eOpJR0NH8u0qLSZtf-cCffFmmvGdgXASr9gf6ciQTG69A8m5nXP03TQqjxRFHwihpRjkFOvNSJGXZaJOe2GKugYLbM4bWMowFRCe0kkkT1sUFjNKxJJdQ4tV44VA7qexylPXgS_lQcJMoR4lLIAYyZMu846pMn74Zjh24AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q2SxgFUiv9khkeoSN-tKeMIVBVw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2509826
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0Lxl6DCwmab8JSVx3otduhpOPYA7%2BlHt4suHtXYVN1CxZvYhucMh5UJJdK2mUSjIPSl%2BUMomwpSrIF8Y1WIzRD9hYRw71j1loR3%2B3KZCIjEkIus5lmpUfUYLGKD0fZAMTsJCIwlU%2FqFQw42N5zOHfY%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74ed1e063a129c0d-FRA
expires
Tue, 12 Sep 2023 18:31:23 GMT
animejs.js
static.criteo.net/animejs/ Frame 6E1E 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOUIu-UwAAUbuxe_kjS-X3qD5Pr_xQ&u=%7ChIUXIrGDpJK759hFcJIrfPzCzTrExvh6vYUvpezIPF0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aGxZFJgNB2TpNcNBw4A1xZ6hsv-V10fUCPEi72bbOVQPHldwVW2uHxuCq4e4SNc2fb-DRN3AaoZ3PFtmUBb1kM79_wXOVk_cQc8ypAxD1Qv-jcaGvgyYe7flx0YZ7PFy5sHXBjw4zHU8jjmfgHAGfFlq0_eyR1Ln5PnpOt1-gog_Y7efWSSEAW82QmtxSFvyIcgpTHMcqqX9FI60hyHP8fXPxib_s4coQ-SmlYTtxG3t6gKs-swQyhBBEUql04uvN1p2xmq66EnPlkmcSa0QEXwcZjcejqt3NxUD9I1LYt9J9Nv-uT5caTYeLczIGXGeKhTLxb5ujisZqW7X-YDmA3npTW6ewAKP8ktrCQBc71UgBzNEgqBKS9LS1UIPs2QsxOuu_EtiHsu3nKbGiPMxiNFSnMPUNpIusmw_-S9pH5KCrdbAVYQzHykxHH-iGKz8sEAangpklUbp5n5XzAhB2E4KApbU8SJhFvSzz5aqsVC11ANz6IDFNOr3RD-BCn7cAiFhf6ZfDVq3IglhWwx37exlo2n1S4bE3o7LJpZhWhZdQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLlUY-KksY-XZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0Mofhcty9SdKssCL--yyKdEEj07NcYmeTiMNaDF8KIlSN45dcYgbb8oo7GbkW-5o2cDA6R8f-bpIAdjAcy4PypA0GdKnhcEa6uO-R8ck951VHojpHAR4BUcuyy3R2gQdy8n8SSTH-qwsYUdcnKUeuXlbvy96hmbTl0XdZxYFUXv9LVQDGerg304JhaDHZOjil4o-eOpJR0NH8u0qLSZtf-cCffFmmvGdgXASr9gf6ciQTG69A8m5nXP03TQqjxRFHwihpRjkFOvNSJGXZaJOe2GKugYLbM4bWMowFRCe0kkkT1sUFjNKxJJdQ4tV44VA7qexylPXgS_lQcJMoR4lLIAYyZMu846pMn74Zjh24AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q2SxgFUiv9khkeoSN-tKeMIVBVw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:23 GMT
img
pix.eu.criteo.net/img/ Frame 6E1E 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=196&m=0&partner=93548&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F93548%2F220216%2Fc158d3d80e644cc591348e4db417aead_interiorr_png.png&v=3&w=210&s=WITdvCUDZXecH3WR8HgnJuAR
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOUIu-UwAAUbuxe_kjS-X3qD5Pr_xQ&u=%7ChIUXIrGDpJK759hFcJIrfPzCzTrExvh6vYUvpezIPF0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aGxZFJgNB2TpNcNBw4A1xZ6hsv-V10fUCPEi72bbOVQPHldwVW2uHxuCq4e4SNc2fb-DRN3AaoZ3PFtmUBb1kM79_wXOVk_cQc8ypAxD1Qv-jcaGvgyYe7flx0YZ7PFy5sHXBjw4zHU8jjmfgHAGfFlq0_eyR1Ln5PnpOt1-gog_Y7efWSSEAW82QmtxSFvyIcgpTHMcqqX9FI60hyHP8fXPxib_s4coQ-SmlYTtxG3t6gKs-swQyhBBEUql04uvN1p2xmq66EnPlkmcSa0QEXwcZjcejqt3NxUD9I1LYt9J9Nv-uT5caTYeLczIGXGeKhTLxb5ujisZqW7X-YDmA3npTW6ewAKP8ktrCQBc71UgBzNEgqBKS9LS1UIPs2QsxOuu_EtiHsu3nKbGiPMxiNFSnMPUNpIusmw_-S9pH5KCrdbAVYQzHykxHH-iGKz8sEAangpklUbp5n5XzAhB2E4KApbU8SJhFvSzz5aqsVC11ANz6IDFNOr3RD-BCn7cAiFhf6ZfDVq3IglhWwx37exlo2n1S4bE3o7LJpZhWhZdQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLlUY-KksY-XZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0Mofhcty9SdKssCL--yyKdEEj07NcYmeTiMNaDF8KIlSN45dcYgbb8oo7GbkW-5o2cDA6R8f-bpIAdjAcy4PypA0GdKnhcEa6uO-R8ck951VHojpHAR4BUcuyy3R2gQdy8n8SSTH-qwsYUdcnKUeuXlbvy96hmbTl0XdZxYFUXv9LVQDGerg304JhaDHZOjil4o-eOpJR0NH8u0qLSZtf-cCffFmmvGdgXASr9gf6ciQTG69A8m5nXP03TQqjxRFHwihpRjkFOvNSJGXZaJOe2GKugYLbM4bWMowFRCe0kkkT1sUFjNKxJJdQ4tV44VA7qexylPXgS_lQcJMoR4lLIAYyZMu846pMn74Zjh24AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q2SxgFUiv9khkeoSN-tKeMIVBVw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
7a06ee584bdaf2aee88119e3ff69a8a85fa64ee6fdda9becd58c769ecf6c1e6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28462088
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
8514
expires
Fri, 18 Aug 2023 04:39:32 GMT
img
pix.eu.criteo.net/img/ Frame 6E1E 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=93548&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F93548%2F220216%2F0602254c9fec4b51b566b046397a786b_interiorr_1-1-2022-034.jpg&v=3&w=1200&s=ItnOAm6Mtlw-WQtreojDf7EK
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOUIu-UwAAUbuxe_kjS-X3qD5Pr_xQ&u=%7ChIUXIrGDpJK759hFcJIrfPzCzTrExvh6vYUvpezIPF0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aGxZFJgNB2TpNcNBw4A1xZ6hsv-V10fUCPEi72bbOVQPHldwVW2uHxuCq4e4SNc2fb-DRN3AaoZ3PFtmUBb1kM79_wXOVk_cQc8ypAxD1Qv-jcaGvgyYe7flx0YZ7PFy5sHXBjw4zHU8jjmfgHAGfFlq0_eyR1Ln5PnpOt1-gog_Y7efWSSEAW82QmtxSFvyIcgpTHMcqqX9FI60hyHP8fXPxib_s4coQ-SmlYTtxG3t6gKs-swQyhBBEUql04uvN1p2xmq66EnPlkmcSa0QEXwcZjcejqt3NxUD9I1LYt9J9Nv-uT5caTYeLczIGXGeKhTLxb5ujisZqW7X-YDmA3npTW6ewAKP8ktrCQBc71UgBzNEgqBKS9LS1UIPs2QsxOuu_EtiHsu3nKbGiPMxiNFSnMPUNpIusmw_-S9pH5KCrdbAVYQzHykxHH-iGKz8sEAangpklUbp5n5XzAhB2E4KApbU8SJhFvSzz5aqsVC11ANz6IDFNOr3RD-BCn7cAiFhf6ZfDVq3IglhWwx37exlo2n1S4bE3o7LJpZhWhZdQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLlUY-KksY-XZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0Mofhcty9SdKssCL--yyKdEEj07NcYmeTiMNaDF8KIlSN45dcYgbb8oo7GbkW-5o2cDA6R8f-bpIAdjAcy4PypA0GdKnhcEa6uO-R8ck951VHojpHAR4BUcuyy3R2gQdy8n8SSTH-qwsYUdcnKUeuXlbvy96hmbTl0XdZxYFUXv9LVQDGerg304JhaDHZOjil4o-eOpJR0NH8u0qLSZtf-cCffFmmvGdgXASr9gf6ciQTG69A8m5nXP03TQqjxRFHwihpRjkFOvNSJGXZaJOe2GKugYLbM4bWMowFRCe0kkkT1sUFjNKxJJdQ4tV44VA7qexylPXgS_lQcJMoR4lLIAYyZMu846pMn74Zjh24AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q2SxgFUiv9khkeoSN-tKeMIVBVw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e0409be36290c1cf05ab13c3381cacc11136520c0f01f7aae79fb7359d348991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30130087
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
48888
expires
Wed, 06 Sep 2023 11:59:31 GMT
img
pix.eu.criteo.net/img/ Frame 6E1E 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=93548&q=80&r=0&u=https%3A%2F%2Finteriorr.com%2Fmedia%2Fcatalog%2Fproduct%2Fc%2Fh%2Fchlo_beige_new_7_.jpg&v=3&w=400&s=lkdiMblahPh6nMuEjS3eZy5z&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOUIu-UwAAUbuxe_kjS-X3qD5Pr_xQ&u=%7ChIUXIrGDpJK759hFcJIrfPzCzTrExvh6vYUvpezIPF0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aGxZFJgNB2TpNcNBw4A1xZ6hsv-V10fUCPEi72bbOVQPHldwVW2uHxuCq4e4SNc2fb-DRN3AaoZ3PFtmUBb1kM79_wXOVk_cQc8ypAxD1Qv-jcaGvgyYe7flx0YZ7PFy5sHXBjw4zHU8jjmfgHAGfFlq0_eyR1Ln5PnpOt1-gog_Y7efWSSEAW82QmtxSFvyIcgpTHMcqqX9FI60hyHP8fXPxib_s4coQ-SmlYTtxG3t6gKs-swQyhBBEUql04uvN1p2xmq66EnPlkmcSa0QEXwcZjcejqt3NxUD9I1LYt9J9Nv-uT5caTYeLczIGXGeKhTLxb5ujisZqW7X-YDmA3npTW6ewAKP8ktrCQBc71UgBzNEgqBKS9LS1UIPs2QsxOuu_EtiHsu3nKbGiPMxiNFSnMPUNpIusmw_-S9pH5KCrdbAVYQzHykxHH-iGKz8sEAangpklUbp5n5XzAhB2E4KApbU8SJhFvSzz5aqsVC11ANz6IDFNOr3RD-BCn7cAiFhf6ZfDVq3IglhWwx37exlo2n1S4bE3o7LJpZhWhZdQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLlUY-KksY-XZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0Mofhcty9SdKssCL--yyKdEEj07NcYmeTiMNaDF8KIlSN45dcYgbb8oo7GbkW-5o2cDA6R8f-bpIAdjAcy4PypA0GdKnhcEa6uO-R8ck951VHojpHAR4BUcuyy3R2gQdy8n8SSTH-qwsYUdcnKUeuXlbvy96hmbTl0XdZxYFUXv9LVQDGerg304JhaDHZOjil4o-eOpJR0NH8u0qLSZtf-cCffFmmvGdgXASr9gf6ciQTG69A8m5nXP03TQqjxRFHwihpRjkFOvNSJGXZaJOe2GKugYLbM4bWMowFRCe0kkkT1sUFjNKxJJdQ4tV44VA7qexylPXgS_lQcJMoR4lLIAYyZMu846pMn74Zjh24AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q2SxgFUiv9khkeoSN-tKeMIVBVw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
25eb3f0340ca71f3b5a454e9ca2d19a81172df023a2c8b1543258ffd1dbdb14c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31484345
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
4306
expires
Fri, 22 Sep 2023 04:10:29 GMT
all
csm.eu.criteo.net/ Frame 6E1E 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=CpjZ3NsDNmC2JH9rFX7NDz55zDmQUcZtLU4z9xWoYeDbIcuURKtU_bqYgUxKTnbe7RaZtVkZgQMcGUThddSRm-wKXARUzcT_60klW4bNty_iFnfIF7x6ikZbjyMXo039y3Fi8hgqQtKnOnjvC7TQNnWITXrNk73sSyZAIn4znGeSl85ZcCcefCnT33AwmgLlWi68-AoapIyxaHENXnwGvTN3YO1eE2VdWmzlVUBZ1GhlFnYfLkz6c3PonfcfFm8znpyRTlN8NjktkEbe&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOUIu-UwAAUbuxe_kjS-X3qD5Pr_xQ&u=%7ChIUXIrGDpJK759hFcJIrfPzCzTrExvh6vYUvpezIPF0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aGxZFJgNB2TpNcNBw4A1xZ6hsv-V10fUCPEi72bbOVQPHldwVW2uHxuCq4e4SNc2fb-DRN3AaoZ3PFtmUBb1kM79_wXOVk_cQc8ypAxD1Qv-jcaGvgyYe7flx0YZ7PFy5sHXBjw4zHU8jjmfgHAGfFlq0_eyR1Ln5PnpOt1-gog_Y7efWSSEAW82QmtxSFvyIcgpTHMcqqX9FI60hyHP8fXPxib_s4coQ-SmlYTtxG3t6gKs-swQyhBBEUql04uvN1p2xmq66EnPlkmcSa0QEXwcZjcejqt3NxUD9I1LYt9J9Nv-uT5caTYeLczIGXGeKhTLxb5ujisZqW7X-YDmA3npTW6ewAKP8ktrCQBc71UgBzNEgqBKS9LS1UIPs2QsxOuu_EtiHsu3nKbGiPMxiNFSnMPUNpIusmw_-S9pH5KCrdbAVYQzHykxHH-iGKz8sEAangpklUbp5n5XzAhB2E4KApbU8SJhFvSzz5aqsVC11ANz6IDFNOr3RD-BCn7cAiFhf6ZfDVq3IglhWwx37exlo2n1S4bE3o7LJpZhWhZdQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLlUY-KksY-XZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0Mofhcty9SdKssCL--yyKdEEj07NcYmeTiMNaDF8KIlSN45dcYgbb8oo7GbkW-5o2cDA6R8f-bpIAdjAcy4PypA0GdKnhcEa6uO-R8ck951VHojpHAR4BUcuyy3R2gQdy8n8SSTH-qwsYUdcnKUeuXlbvy96hmbTl0XdZxYFUXv9LVQDGerg304JhaDHZOjil4o-eOpJR0NH8u0qLSZtf-cCffFmmvGdgXASr9gf6ciQTG69A8m5nXP03TQqjxRFHwihpRjkFOvNSJGXZaJOe2GKugYLbM4bWMowFRCe0kkkT1sUFjNKxJJdQ4tV44VA7qexylPXgS_lQcJMoR4lLIAYyZMu846pMn74Zjh24AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q2SxgFUiv9khkeoSN-tKeMIVBVw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 22 Sep 2022 18:31:23 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6E1E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOUIu-UwAAUbuxe_kjS-X3qD5Pr_xQ&u=%7ChIUXIrGDpJK759hFcJIrfPzCzTrExvh6vYUvpezIPF0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aGxZFJgNB2TpNcNBw4A1xZ6hsv-V10fUCPEi72bbOVQPHldwVW2uHxuCq4e4SNc2fb-DRN3AaoZ3PFtmUBb1kM79_wXOVk_cQc8ypAxD1Qv-jcaGvgyYe7flx0YZ7PFy5sHXBjw4zHU8jjmfgHAGfFlq0_eyR1Ln5PnpOt1-gog_Y7efWSSEAW82QmtxSFvyIcgpTHMcqqX9FI60hyHP8fXPxib_s4coQ-SmlYTtxG3t6gKs-swQyhBBEUql04uvN1p2xmq66EnPlkmcSa0QEXwcZjcejqt3NxUD9I1LYt9J9Nv-uT5caTYeLczIGXGeKhTLxb5ujisZqW7X-YDmA3npTW6ewAKP8ktrCQBc71UgBzNEgqBKS9LS1UIPs2QsxOuu_EtiHsu3nKbGiPMxiNFSnMPUNpIusmw_-S9pH5KCrdbAVYQzHykxHH-iGKz8sEAangpklUbp5n5XzAhB2E4KApbU8SJhFvSzz5aqsVC11ANz6IDFNOr3RD-BCn7cAiFhf6ZfDVq3IglhWwx37exlo2n1S4bE3o7LJpZhWhZdQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLlUY-KksY-XZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0Mofhcty9SdKssCL--yyKdEEj07NcYmeTiMNaDF8KIlSN45dcYgbb8oo7GbkW-5o2cDA6R8f-bpIAdjAcy4PypA0GdKnhcEa6uO-R8ck951VHojpHAR4BUcuyy3R2gQdy8n8SSTH-qwsYUdcnKUeuXlbvy96hmbTl0XdZxYFUXv9LVQDGerg304JhaDHZOjil4o-eOpJR0NH8u0qLSZtf-cCffFmmvGdgXASr9gf6ciQTG69A8m5nXP03TQqjxRFHwihpRjkFOvNSJGXZaJOe2GKugYLbM4bWMowFRCe0kkkT1sUFjNKxJJdQ4tV44VA7qexylPXgS_lQcJMoR4lLIAYyZMu846pMn74Zjh24AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q2SxgFUiv9khkeoSN-tKeMIVBVw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:23 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 6E1E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOUIu-UwAAUbuxe_kjS-X3qD5Pr_xQ&u=%7ChIUXIrGDpJK759hFcJIrfPzCzTrExvh6vYUvpezIPF0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aGxZFJgNB2TpNcNBw4A1xZ6hsv-V10fUCPEi72bbOVQPHldwVW2uHxuCq4e4SNc2fb-DRN3AaoZ3PFtmUBb1kM79_wXOVk_cQc8ypAxD1Qv-jcaGvgyYe7flx0YZ7PFy5sHXBjw4zHU8jjmfgHAGfFlq0_eyR1Ln5PnpOt1-gog_Y7efWSSEAW82QmtxSFvyIcgpTHMcqqX9FI60hyHP8fXPxib_s4coQ-SmlYTtxG3t6gKs-swQyhBBEUql04uvN1p2xmq66EnPlkmcSa0QEXwcZjcejqt3NxUD9I1LYt9J9Nv-uT5caTYeLczIGXGeKhTLxb5ujisZqW7X-YDmA3npTW6ewAKP8ktrCQBc71UgBzNEgqBKS9LS1UIPs2QsxOuu_EtiHsu3nKbGiPMxiNFSnMPUNpIusmw_-S9pH5KCrdbAVYQzHykxHH-iGKz8sEAangpklUbp5n5XzAhB2E4KApbU8SJhFvSzz5aqsVC11ANz6IDFNOr3RD-BCn7cAiFhf6ZfDVq3IglhWwx37exlo2n1S4bE3o7LJpZhWhZdQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLlUY-KksY-XZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0Mofhcty9SdKssCL--yyKdEEj07NcYmeTiMNaDF8KIlSN45dcYgbb8oo7GbkW-5o2cDA6R8f-bpIAdjAcy4PypA0GdKnhcEa6uO-R8ck951VHojpHAR4BUcuyy3R2gQdy8n8SSTH-qwsYUdcnKUeuXlbvy96hmbTl0XdZxYFUXv9LVQDGerg304JhaDHZOjil4o-eOpJR0NH8u0qLSZtf-cCffFmmvGdgXASr9gf6ciQTG69A8m5nXP03TQqjxRFHwihpRjkFOvNSJGXZaJOe2GKugYLbM4bWMowFRCe0kkkT1sUFjNKxJJdQ4tV44VA7qexylPXgS_lQcJMoR4lLIAYyZMu846pMn74Zjh24AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q2SxgFUiv9khkeoSN-tKeMIVBVw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:23 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 5CF7 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLPAIu-UwAAUbu4IGuQ-NwO_ih8iFfQ&u=%7ChIUXIrGDpJL6ACliD7asN7bF%2FtPdfLs3BxdlWUEBWhU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wLdRBXhALqgDilxRAFHEEdI_JvtZc4hgvnhPqIP-IQMXIpmr0QWwpQTLcqY2ARHL-jzZ_VofujCAGeYp6ibKVLCjhxz68EIja199XyVD29nh9P2AlXuvysrnDpb2k0ErKNEpWr8lK7-XCv4kVcixdVFlNgWk2quHhEf2sUIi-0WWu58WPEPeWwWca29UwhQ2EG7msLe-cPckpeIF_1ky2sw9u2idVAqrOhuklMzLvG8PW7uz_3YxN0r-6WKHIPNEL2bugxhuD-OraOuFjRJRLQd1BmQ7Mm3g3fmMWpckUvIdeOxA8bd_DJIZi1MIHtICVwkxKTsDC3D6bFAkqpN0mYFoMElbs5KlGPfA-X-evXJCRflnm8zZerELqwQ-lpqEKtk6Bpef0Qnje1D2xmHi7J5DEVMvu6f4-EvAzYsgHCVEwwvx_1rLTpZZJffFi5VpBDDmavkDkonfKO2Z1XHT6sWIHfMGK4-WpYdjIPplipR0su_qss9fKKR7KVuWcKmvA3KzxA4mGaRzEHnqhSEeFIRxzNOtYlSMQTKj7Pg6YuJ9N77JhOnTmjY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCglD4-KksY_DZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEnAJP0HWI8UnqOGOv6n0_lc5AWvQHEOep17No4x2EuW89V39r-QhwPiqlz-Tldp0wyrXVAGrnrRTwkvvrAuYO0izMctkucGZPP3DcqE13QhJTOk9PZE9PW_py7nGlEWCof5HeJQYOML9qNMwqbgv3XoECuCrJNz-3PnUouWfGG_FRJrUdvlQm1TeWFohE5px04ewNVEMXTxAMOvXVjj1FWh1pYiFTGYTpbvgd3fIRSRUNA09bZLBlMhqTgIkDSxXZdxueKrY9EJ-SXuRwUL0Lf4fdO4LNVffs4c5cbIVv1c1GWtiO5cJSYu5kizVZLjtFCWxBBpsDBCwDOIbuUSY0mNhpnHPAyaaA0LXQu9j7Wn01tTBbHK5l7TEc3sTb3uAEAYAG6_Wg6NOGiOThAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s8A8x-l3C2aW9Kzq0nlvzaS2pTw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2509826
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=knxxzuXHG3YjkPt51ZUwJFpaEdH5titnpfDE1lkLHG1MprQDKZg8uFjb4WkTd3QU3Glgdq3LuIEZRU%2BO0SCYhClNdy1KR4OJxjDYJtUkZyuhmL%2BwBAbO%2FoY1GxJHu1TLn1Z7OY3BRKhpIggf%2BKd2NEWy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74ed1e066a749c0d-FRA
expires
Tue, 12 Sep 2023 18:31:23 GMT
animejs.js
static.criteo.net/animejs/ Frame 5CF7 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLPAIu-UwAAUbu4IGuQ-NwO_ih8iFfQ&u=%7ChIUXIrGDpJL6ACliD7asN7bF%2FtPdfLs3BxdlWUEBWhU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wLdRBXhALqgDilxRAFHEEdI_JvtZc4hgvnhPqIP-IQMXIpmr0QWwpQTLcqY2ARHL-jzZ_VofujCAGeYp6ibKVLCjhxz68EIja199XyVD29nh9P2AlXuvysrnDpb2k0ErKNEpWr8lK7-XCv4kVcixdVFlNgWk2quHhEf2sUIi-0WWu58WPEPeWwWca29UwhQ2EG7msLe-cPckpeIF_1ky2sw9u2idVAqrOhuklMzLvG8PW7uz_3YxN0r-6WKHIPNEL2bugxhuD-OraOuFjRJRLQd1BmQ7Mm3g3fmMWpckUvIdeOxA8bd_DJIZi1MIHtICVwkxKTsDC3D6bFAkqpN0mYFoMElbs5KlGPfA-X-evXJCRflnm8zZerELqwQ-lpqEKtk6Bpef0Qnje1D2xmHi7J5DEVMvu6f4-EvAzYsgHCVEwwvx_1rLTpZZJffFi5VpBDDmavkDkonfKO2Z1XHT6sWIHfMGK4-WpYdjIPplipR0su_qss9fKKR7KVuWcKmvA3KzxA4mGaRzEHnqhSEeFIRxzNOtYlSMQTKj7Pg6YuJ9N77JhOnTmjY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCglD4-KksY_DZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEnAJP0HWI8UnqOGOv6n0_lc5AWvQHEOep17No4x2EuW89V39r-QhwPiqlz-Tldp0wyrXVAGrnrRTwkvvrAuYO0izMctkucGZPP3DcqE13QhJTOk9PZE9PW_py7nGlEWCof5HeJQYOML9qNMwqbgv3XoECuCrJNz-3PnUouWfGG_FRJrUdvlQm1TeWFohE5px04ewNVEMXTxAMOvXVjj1FWh1pYiFTGYTpbvgd3fIRSRUNA09bZLBlMhqTgIkDSxXZdxueKrY9EJ-SXuRwUL0Lf4fdO4LNVffs4c5cbIVv1c1GWtiO5cJSYu5kizVZLjtFCWxBBpsDBCwDOIbuUSY0mNhpnHPAyaaA0LXQu9j7Wn01tTBbHK5l7TEc3sTb3uAEAYAG6_Wg6NOGiOThAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s8A8x-l3C2aW9Kzq0nlvzaS2pTw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:23 GMT
6893d9208fb94220b234b7a25f323df9_cpn_300x250_1.png
static.criteo.net/design/dt/25080/220907/ Frame 5CF7 		122 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/25080/220907/6893d9208fb94220b234b7a25f323df9_cpn_300x250_1.png
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLPAIu-UwAAUbu4IGuQ-NwO_ih8iFfQ&u=%7ChIUXIrGDpJL6ACliD7asN7bF%2FtPdfLs3BxdlWUEBWhU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wLdRBXhALqgDilxRAFHEEdI_JvtZc4hgvnhPqIP-IQMXIpmr0QWwpQTLcqY2ARHL-jzZ_VofujCAGeYp6ibKVLCjhxz68EIja199XyVD29nh9P2AlXuvysrnDpb2k0ErKNEpWr8lK7-XCv4kVcixdVFlNgWk2quHhEf2sUIi-0WWu58WPEPeWwWca29UwhQ2EG7msLe-cPckpeIF_1ky2sw9u2idVAqrOhuklMzLvG8PW7uz_3YxN0r-6WKHIPNEL2bugxhuD-OraOuFjRJRLQd1BmQ7Mm3g3fmMWpckUvIdeOxA8bd_DJIZi1MIHtICVwkxKTsDC3D6bFAkqpN0mYFoMElbs5KlGPfA-X-evXJCRflnm8zZerELqwQ-lpqEKtk6Bpef0Qnje1D2xmHi7J5DEVMvu6f4-EvAzYsgHCVEwwvx_1rLTpZZJffFi5VpBDDmavkDkonfKO2Z1XHT6sWIHfMGK4-WpYdjIPplipR0su_qss9fKKR7KVuWcKmvA3KzxA4mGaRzEHnqhSEeFIRxzNOtYlSMQTKj7Pg6YuJ9N77JhOnTmjY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCglD4-KksY_DZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEnAJP0HWI8UnqOGOv6n0_lc5AWvQHEOep17No4x2EuW89V39r-QhwPiqlz-Tldp0wyrXVAGrnrRTwkvvrAuYO0izMctkucGZPP3DcqE13QhJTOk9PZE9PW_py7nGlEWCof5HeJQYOML9qNMwqbgv3XoECuCrJNz-3PnUouWfGG_FRJrUdvlQm1TeWFohE5px04ewNVEMXTxAMOvXVjj1FWh1pYiFTGYTpbvgd3fIRSRUNA09bZLBlMhqTgIkDSxXZdxueKrY9EJ-SXuRwUL0Lf4fdO4LNVffs4c5cbIVv1c1GWtiO5cJSYu5kizVZLjtFCWxBBpsDBCwDOIbuUSY0mNhpnHPAyaaA0LXQu9j7Wn01tTBbHK5l7TEc3sTb3uAEAYAG6_Wg6NOGiOThAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s8A8x-l3C2aW9Kzq0nlvzaS2pTw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
aebf876f9e6a79cc725c099ff17b2801f85aa7bc16aa106cd164653662d45fa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Wed, 07 Sep 2022 07:35:06 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"631849aa-1e96b"
strict-transport-security
max-age=31536000; preload;
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
125291
expires
Sun, 17 Sep 2023 18:31:23 GMT
img
pix.eu.criteo.net/img/ Frame 5CF7 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=76&m=0&partner=25080&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F25080%2F220505%2Fb0df4b81f52f48c386b6472c88230d0b_vev_luxury_second_hand.png&v=3&w=596&s=mb0vxHriruIB3EjnigN5wbMF
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLPAIu-UwAAUbu4IGuQ-NwO_ih8iFfQ&u=%7ChIUXIrGDpJL6ACliD7asN7bF%2FtPdfLs3BxdlWUEBWhU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wLdRBXhALqgDilxRAFHEEdI_JvtZc4hgvnhPqIP-IQMXIpmr0QWwpQTLcqY2ARHL-jzZ_VofujCAGeYp6ibKVLCjhxz68EIja199XyVD29nh9P2AlXuvysrnDpb2k0ErKNEpWr8lK7-XCv4kVcixdVFlNgWk2quHhEf2sUIi-0WWu58WPEPeWwWca29UwhQ2EG7msLe-cPckpeIF_1ky2sw9u2idVAqrOhuklMzLvG8PW7uz_3YxN0r-6WKHIPNEL2bugxhuD-OraOuFjRJRLQd1BmQ7Mm3g3fmMWpckUvIdeOxA8bd_DJIZi1MIHtICVwkxKTsDC3D6bFAkqpN0mYFoMElbs5KlGPfA-X-evXJCRflnm8zZerELqwQ-lpqEKtk6Bpef0Qnje1D2xmHi7J5DEVMvu6f4-EvAzYsgHCVEwwvx_1rLTpZZJffFi5VpBDDmavkDkonfKO2Z1XHT6sWIHfMGK4-WpYdjIPplipR0su_qss9fKKR7KVuWcKmvA3KzxA4mGaRzEHnqhSEeFIRxzNOtYlSMQTKj7Pg6YuJ9N77JhOnTmjY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCglD4-KksY_DZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEnAJP0HWI8UnqOGOv6n0_lc5AWvQHEOep17No4x2EuW89V39r-QhwPiqlz-Tldp0wyrXVAGrnrRTwkvvrAuYO0izMctkucGZPP3DcqE13QhJTOk9PZE9PW_py7nGlEWCof5HeJQYOML9qNMwqbgv3XoECuCrJNz-3PnUouWfGG_FRJrUdvlQm1TeWFohE5px04ewNVEMXTxAMOvXVjj1FWh1pYiFTGYTpbvgd3fIRSRUNA09bZLBlMhqTgIkDSxXZdxueKrY9EJ-SXuRwUL0Lf4fdO4LNVffs4c5cbIVv1c1GWtiO5cJSYu5kizVZLjtFCWxBBpsDBCwDOIbuUSY0mNhpnHPAyaaA0LXQu9j7Wn01tTBbHK5l7TEc3sTb3uAEAYAG6_Wg6NOGiOThAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s8A8x-l3C2aW9Kzq0nlvzaS2pTw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5864d61d2e023b4443c481022d223a128bbeb4d5dd92578837a2061d9cb396f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29679906
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
10891
expires
Fri, 01 Sep 2023 06:56:30 GMT
img
pix.eu.criteo.net/img/ Frame 5CF7 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=25080&q=80&r=0&u=https%3A%2F%2Fviteenvogue-b2c-production.imgix.net%2Fproduct%2F1217478%2F61%2F1217478-61-image-1-62f41daaa2a55.jpg%3Fauto%3Dformat%26q%3D80&v=3&w=400&s=FnFb4fFumq0HOkV7AlqLJ7HX&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLPAIu-UwAAUbu4IGuQ-NwO_ih8iFfQ&u=%7ChIUXIrGDpJL6ACliD7asN7bF%2FtPdfLs3BxdlWUEBWhU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wLdRBXhALqgDilxRAFHEEdI_JvtZc4hgvnhPqIP-IQMXIpmr0QWwpQTLcqY2ARHL-jzZ_VofujCAGeYp6ibKVLCjhxz68EIja199XyVD29nh9P2AlXuvysrnDpb2k0ErKNEpWr8lK7-XCv4kVcixdVFlNgWk2quHhEf2sUIi-0WWu58WPEPeWwWca29UwhQ2EG7msLe-cPckpeIF_1ky2sw9u2idVAqrOhuklMzLvG8PW7uz_3YxN0r-6WKHIPNEL2bugxhuD-OraOuFjRJRLQd1BmQ7Mm3g3fmMWpckUvIdeOxA8bd_DJIZi1MIHtICVwkxKTsDC3D6bFAkqpN0mYFoMElbs5KlGPfA-X-evXJCRflnm8zZerELqwQ-lpqEKtk6Bpef0Qnje1D2xmHi7J5DEVMvu6f4-EvAzYsgHCVEwwvx_1rLTpZZJffFi5VpBDDmavkDkonfKO2Z1XHT6sWIHfMGK4-WpYdjIPplipR0su_qss9fKKR7KVuWcKmvA3KzxA4mGaRzEHnqhSEeFIRxzNOtYlSMQTKj7Pg6YuJ9N77JhOnTmjY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCglD4-KksY_DZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEnAJP0HWI8UnqOGOv6n0_lc5AWvQHEOep17No4x2EuW89V39r-QhwPiqlz-Tldp0wyrXVAGrnrRTwkvvrAuYO0izMctkucGZPP3DcqE13QhJTOk9PZE9PW_py7nGlEWCof5HeJQYOML9qNMwqbgv3XoECuCrJNz-3PnUouWfGG_FRJrUdvlQm1TeWFohE5px04ewNVEMXTxAMOvXVjj1FWh1pYiFTGYTpbvgd3fIRSRUNA09bZLBlMhqTgIkDSxXZdxueKrY9EJ-SXuRwUL0Lf4fdO4LNVffs4c5cbIVv1c1GWtiO5cJSYu5kizVZLjtFCWxBBpsDBCwDOIbuUSY0mNhpnHPAyaaA0LXQu9j7Wn01tTBbHK5l7TEc3sTb3uAEAYAG6_Wg6NOGiOThAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s8A8x-l3C2aW9Kzq0nlvzaS2pTw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
65810546bf9cd2610f954a318f819b2e560a2392eff69d32cd076c72e065dedb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=51264
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
3960
expires
Fri, 23 Sep 2022 08:45:48 GMT
img
pix.eu.criteo.net/img/ Frame 5CF7 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=25080&q=80&r=0&u=https%3A%2F%2Fviteenvogue-b2c-production.imgix.net%2Fproduct%2F1244496%2F28%2F1244496-28-image-1-631c292b163b4.jpg%3Fauto%3Dformat%26q%3D80&v=3&w=400&s=4c5jM7GXetLmXissy9pc3J3c&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLPAIu-UwAAUbu4IGuQ-NwO_ih8iFfQ&u=%7ChIUXIrGDpJL6ACliD7asN7bF%2FtPdfLs3BxdlWUEBWhU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wLdRBXhALqgDilxRAFHEEdI_JvtZc4hgvnhPqIP-IQMXIpmr0QWwpQTLcqY2ARHL-jzZ_VofujCAGeYp6ibKVLCjhxz68EIja199XyVD29nh9P2AlXuvysrnDpb2k0ErKNEpWr8lK7-XCv4kVcixdVFlNgWk2quHhEf2sUIi-0WWu58WPEPeWwWca29UwhQ2EG7msLe-cPckpeIF_1ky2sw9u2idVAqrOhuklMzLvG8PW7uz_3YxN0r-6WKHIPNEL2bugxhuD-OraOuFjRJRLQd1BmQ7Mm3g3fmMWpckUvIdeOxA8bd_DJIZi1MIHtICVwkxKTsDC3D6bFAkqpN0mYFoMElbs5KlGPfA-X-evXJCRflnm8zZerELqwQ-lpqEKtk6Bpef0Qnje1D2xmHi7J5DEVMvu6f4-EvAzYsgHCVEwwvx_1rLTpZZJffFi5VpBDDmavkDkonfKO2Z1XHT6sWIHfMGK4-WpYdjIPplipR0su_qss9fKKR7KVuWcKmvA3KzxA4mGaRzEHnqhSEeFIRxzNOtYlSMQTKj7Pg6YuJ9N77JhOnTmjY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCglD4-KksY_DZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEnAJP0HWI8UnqOGOv6n0_lc5AWvQHEOep17No4x2EuW89V39r-QhwPiqlz-Tldp0wyrXVAGrnrRTwkvvrAuYO0izMctkucGZPP3DcqE13QhJTOk9PZE9PW_py7nGlEWCof5HeJQYOML9qNMwqbgv3XoECuCrJNz-3PnUouWfGG_FRJrUdvlQm1TeWFohE5px04ewNVEMXTxAMOvXVjj1FWh1pYiFTGYTpbvgd3fIRSRUNA09bZLBlMhqTgIkDSxXZdxueKrY9EJ-SXuRwUL0Lf4fdO4LNVffs4c5cbIVv1c1GWtiO5cJSYu5kizVZLjtFCWxBBpsDBCwDOIbuUSY0mNhpnHPAyaaA0LXQu9j7Wn01tTBbHK5l7TEc3sTb3uAEAYAG6_Wg6NOGiOThAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s8A8x-l3C2aW9Kzq0nlvzaS2pTw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c553969bd23285a744d2600c4009882596fa8efa3f3de875119861701d636c2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=51475
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
4092
expires
Fri, 23 Sep 2022 08:49:19 GMT
all
csm.eu.criteo.net/ Frame 5CF7 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=CadzB9sDNmC2JH9rQz-bjo7EgXlJU0Tsrf-dSoBPXXLCg7If8N4lsZsek-Ak6YC0bGwMYPQdf-pEE4G3Ps7HjLh8OWHcKtL2gNdaIz_Bcmc8d_8sRlK-R59eNQcIfUZcjahG9D5oSTxV-sGb-5zQflHPxli4yhymB2kxrfJVNzhDG0xpmOA5pFzt2coiuEoHAS2c2-eJODQnv2uxxjLsb0XN6D5C-78qXbXhppiX_mx-w1bDNOP_i7CkHJe7GDtj3kV73A&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLPAIu-UwAAUbu4IGuQ-NwO_ih8iFfQ&u=%7ChIUXIrGDpJL6ACliD7asN7bF%2FtPdfLs3BxdlWUEBWhU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wLdRBXhALqgDilxRAFHEEdI_JvtZc4hgvnhPqIP-IQMXIpmr0QWwpQTLcqY2ARHL-jzZ_VofujCAGeYp6ibKVLCjhxz68EIja199XyVD29nh9P2AlXuvysrnDpb2k0ErKNEpWr8lK7-XCv4kVcixdVFlNgWk2quHhEf2sUIi-0WWu58WPEPeWwWca29UwhQ2EG7msLe-cPckpeIF_1ky2sw9u2idVAqrOhuklMzLvG8PW7uz_3YxN0r-6WKHIPNEL2bugxhuD-OraOuFjRJRLQd1BmQ7Mm3g3fmMWpckUvIdeOxA8bd_DJIZi1MIHtICVwkxKTsDC3D6bFAkqpN0mYFoMElbs5KlGPfA-X-evXJCRflnm8zZerELqwQ-lpqEKtk6Bpef0Qnje1D2xmHi7J5DEVMvu6f4-EvAzYsgHCVEwwvx_1rLTpZZJffFi5VpBDDmavkDkonfKO2Z1XHT6sWIHfMGK4-WpYdjIPplipR0su_qss9fKKR7KVuWcKmvA3KzxA4mGaRzEHnqhSEeFIRxzNOtYlSMQTKj7Pg6YuJ9N77JhOnTmjY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCglD4-KksY_DZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEnAJP0HWI8UnqOGOv6n0_lc5AWvQHEOep17No4x2EuW89V39r-QhwPiqlz-Tldp0wyrXVAGrnrRTwkvvrAuYO0izMctkucGZPP3DcqE13QhJTOk9PZE9PW_py7nGlEWCof5HeJQYOML9qNMwqbgv3XoECuCrJNz-3PnUouWfGG_FRJrUdvlQm1TeWFohE5px04ewNVEMXTxAMOvXVjj1FWh1pYiFTGYTpbvgd3fIRSRUNA09bZLBlMhqTgIkDSxXZdxueKrY9EJ-SXuRwUL0Lf4fdO4LNVffs4c5cbIVv1c1GWtiO5cJSYu5kizVZLjtFCWxBBpsDBCwDOIbuUSY0mNhpnHPAyaaA0LXQu9j7Wn01tTBbHK5l7TEc3sTb3uAEAYAG6_Wg6NOGiOThAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s8A8x-l3C2aW9Kzq0nlvzaS2pTw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 22 Sep 2022 18:31:23 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5CF7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLPAIu-UwAAUbu4IGuQ-NwO_ih8iFfQ&u=%7ChIUXIrGDpJL6ACliD7asN7bF%2FtPdfLs3BxdlWUEBWhU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wLdRBXhALqgDilxRAFHEEdI_JvtZc4hgvnhPqIP-IQMXIpmr0QWwpQTLcqY2ARHL-jzZ_VofujCAGeYp6ibKVLCjhxz68EIja199XyVD29nh9P2AlXuvysrnDpb2k0ErKNEpWr8lK7-XCv4kVcixdVFlNgWk2quHhEf2sUIi-0WWu58WPEPeWwWca29UwhQ2EG7msLe-cPckpeIF_1ky2sw9u2idVAqrOhuklMzLvG8PW7uz_3YxN0r-6WKHIPNEL2bugxhuD-OraOuFjRJRLQd1BmQ7Mm3g3fmMWpckUvIdeOxA8bd_DJIZi1MIHtICVwkxKTsDC3D6bFAkqpN0mYFoMElbs5KlGPfA-X-evXJCRflnm8zZerELqwQ-lpqEKtk6Bpef0Qnje1D2xmHi7J5DEVMvu6f4-EvAzYsgHCVEwwvx_1rLTpZZJffFi5VpBDDmavkDkonfKO2Z1XHT6sWIHfMGK4-WpYdjIPplipR0su_qss9fKKR7KVuWcKmvA3KzxA4mGaRzEHnqhSEeFIRxzNOtYlSMQTKj7Pg6YuJ9N77JhOnTmjY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCglD4-KksY_DZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEnAJP0HWI8UnqOGOv6n0_lc5AWvQHEOep17No4x2EuW89V39r-QhwPiqlz-Tldp0wyrXVAGrnrRTwkvvrAuYO0izMctkucGZPP3DcqE13QhJTOk9PZE9PW_py7nGlEWCof5HeJQYOML9qNMwqbgv3XoECuCrJNz-3PnUouWfGG_FRJrUdvlQm1TeWFohE5px04ewNVEMXTxAMOvXVjj1FWh1pYiFTGYTpbvgd3fIRSRUNA09bZLBlMhqTgIkDSxXZdxueKrY9EJ-SXuRwUL0Lf4fdO4LNVffs4c5cbIVv1c1GWtiO5cJSYu5kizVZLjtFCWxBBpsDBCwDOIbuUSY0mNhpnHPAyaaA0LXQu9j7Wn01tTBbHK5l7TEc3sTb3uAEAYAG6_Wg6NOGiOThAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s8A8x-l3C2aW9Kzq0nlvzaS2pTw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:23 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 5CF7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLPAIu-UwAAUbu4IGuQ-NwO_ih8iFfQ&u=%7ChIUXIrGDpJL6ACliD7asN7bF%2FtPdfLs3BxdlWUEBWhU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wLdRBXhALqgDilxRAFHEEdI_JvtZc4hgvnhPqIP-IQMXIpmr0QWwpQTLcqY2ARHL-jzZ_VofujCAGeYp6ibKVLCjhxz68EIja199XyVD29nh9P2AlXuvysrnDpb2k0ErKNEpWr8lK7-XCv4kVcixdVFlNgWk2quHhEf2sUIi-0WWu58WPEPeWwWca29UwhQ2EG7msLe-cPckpeIF_1ky2sw9u2idVAqrOhuklMzLvG8PW7uz_3YxN0r-6WKHIPNEL2bugxhuD-OraOuFjRJRLQd1BmQ7Mm3g3fmMWpckUvIdeOxA8bd_DJIZi1MIHtICVwkxKTsDC3D6bFAkqpN0mYFoMElbs5KlGPfA-X-evXJCRflnm8zZerELqwQ-lpqEKtk6Bpef0Qnje1D2xmHi7J5DEVMvu6f4-EvAzYsgHCVEwwvx_1rLTpZZJffFi5VpBDDmavkDkonfKO2Z1XHT6sWIHfMGK4-WpYdjIPplipR0su_qss9fKKR7KVuWcKmvA3KzxA4mGaRzEHnqhSEeFIRxzNOtYlSMQTKj7Pg6YuJ9N77JhOnTmjY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCglD4-KksY_DZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEnAJP0HWI8UnqOGOv6n0_lc5AWvQHEOep17No4x2EuW89V39r-QhwPiqlz-Tldp0wyrXVAGrnrRTwkvvrAuYO0izMctkucGZPP3DcqE13QhJTOk9PZE9PW_py7nGlEWCof5HeJQYOML9qNMwqbgv3XoECuCrJNz-3PnUouWfGG_FRJrUdvlQm1TeWFohE5px04ewNVEMXTxAMOvXVjj1FWh1pYiFTGYTpbvgd3fIRSRUNA09bZLBlMhqTgIkDSxXZdxueKrY9EJ-SXuRwUL0Lf4fdO4LNVffs4c5cbIVv1c1GWtiO5cJSYu5kizVZLjtFCWxBBpsDBCwDOIbuUSY0mNhpnHPAyaaA0LXQu9j7Wn01tTBbHK5l7TEc3sTb3uAEAYAG6_Wg6NOGiOThAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s8A8x-l3C2aW9Kzq0nlvzaS2pTw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:23 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame 954B 		0
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.staradvertiser.com&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.114.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-114-85.txl50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:35:46 GMT
via
1.1 1a620bb236f3df5588fc787c47ccfafa.cloudfront.net (CloudFront)
server
Server
age
21337
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.staradvertiser.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
TXL50-P4
x-amz-cf-id
b7J9gMfon2i5B0vzKtgn9VTprAFQp6D4kAJctKIY4qkMVkW48XtOVQ==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame 954B 		195 B
637 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.staradvertiser.com%2F&pid=2VRQvHrODw6sr&cb=0&ws=728x90&v=22.9.81452&t=2000&slots=%5B%7B%22sd%22%3A%2267473%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7470%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-188.fra2.r.cloudfront.net
Software
Server /
Resource Hash
81f216e64d41cf942dc20d809c5f46b1369dc05238c28bac6d6ee8e4f6922f9d
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:24 GMT
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C2
x-amz-rid
049766ADP8X7AK9S8Y60
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
195
x-amz-cf-id
rR-hH4X_dvt2S2M3-CpvSw76kLOBKrc4ZaeW15_sG5Q42QAq1kqSeA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 954B 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.114.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-114-85.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
31713
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Mon, 19 Sep 2022 09:37:07 GMT
server
AmazonS3
date
Thu, 22 Sep 2022 09:42:50 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 d58f8ae27ab00bbbe1dc072976204492.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
TXL50-P4
x-amz-cf-id
mehIPsSvYI_ni0vOWlAC7cz57wGtXfbhk6-wSfaHAZw3TsRRZXf0DA==
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame FF42 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLO8Iu-UwAAUbu6ATRCWZyvoag5SHug&u=%7ChIUXIrGDpJLE91T41VdP1QqeHXE1ueDWpukZm9DeKWM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZE5PA-gwcExOc4fDdBFkrmfhkfAt6HIWmOd02SfG27iABCa-gZ4QnmR2GsviQVGam_af1ScQc3kOMOAwYRqJLyqucb5imnzI7qjQPWBQiJCzleM1PQX7_dq6Q5chDkCeP7nYFqajOQnv_oXgGArTbmN_HIyopxe2oW2gANA4IU1SxJscmLbdPuClTnoFFM5SjEVK9IwKEW5d9N2kIH0ZmDcvOChObf4HU0nOauCBlUZRppf2ihM3wTk3KEFo363oyoA3YHLL06ew-unYFH2iDSOw_0KlvUWGf89OgUdTGgjCv5rwG28GetA6aS5oRMjhBDy9TUgAgl6hXAXo6mB44Pt9vaR6QhFOGOHLSD_5YrrQBQuNQtbsqiQgrnancVjuTTVRcJwRAv3zPpUopyWu14YcwWOghBj5T-3MlhZjg69m3jd8DQB4Ch9s6TmRH4yJhEXLBMjIV13CGGmxMCQATfF4Vs4FitmXei9SpuO1SVD6U_cmbo3CIcOPtTS45ehtuRlSNcbgFPOS0G08FWtm1jciFrjHZ3tzllApI55K-Yz9_AbZdeJKHE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSzQ2-KksY-_ZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElAJP0IGe1f1aPfJuwKhBjEX4nlbcW60HbisKyMx0oJhOJsuTH0MuvTLCh6uS5cNmHXhSsgw3CX4ccRZFvQoRJT1t5FehBmHnfcyg1Czv7lpMXtghgn8rlXwZ6aUWLRKk94nRRjn2apw0SI98kOtvu7HcqtLMilbiXmEuVRqLMKbHWTPc6_Yl0gTSzCxV3dvqqFglnBMPDDjv_L1AZN1H_C6PJ58aTOyi-F368GCRffTa5NYexW_Z1CG0lA3UI9KBdAxaxIfZ7bn1o9l1AfL_XCTvCJc3W2-knBT49vvg5RO1W9LK90sAe0oPF308kSnJAj3n4t07kZOJCo-ncJdHc9E4R058xwjTPkn-9aHqyYjPSFq8FqPgBAGABpaa3djQ35jmiwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2S_66pDEEever9jLoLHtRIWF3m6A%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2509826
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dOZENv%2F54ZEMEZcVwtfIV7b9BhEtDcduM44cxamt7ygrW9wf7zxdZL6RlY6h2YxDg0seDyPJraBdFKBaXGiUB2Fi0AJ26mz9becCPEMhEZLz37JnNuV4n43sbtYn%2Fa3jNyDnX08jhmXPC5%2FVjmB5rs4N"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74ed1e069ab89c0d-FRA
expires
Tue, 12 Sep 2023 18:31:23 GMT
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_adunit-load
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.229.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-229-202.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.staradvertiser.com
access-control-max-age
3600
content-length
0
date
Thu, 22 Sep 2022 18:31:23 GMT
vary
Origin
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame C656 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ded83dfad5386763df9b7180e4df61811351bbdb196a2d8d5f9f255debf59b9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27807
x-xss-protection
0
server
sffe
etag
"1342 / 894 of 1000 / last-modified: 1663844945"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 22 Sep 2022 18:31:23 GMT
event
event.insticator.com/v1/ Frame C656 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_adunit-load
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.229.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-229-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Thu, 22 Sep 2022 18:31:24 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
ImgSync
image8.pubmatic.com/AdServer/ 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160074
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
content-length
0
truncated
/ Frame 9021 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77977163e280409ff018a05f90284b2637dc97f2d9c7d39e79de1e37bf65545f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame ED50 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9b895c8560809e966643e37bdc17b885ed55e53472d3b5e9082c22b271a71d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2938 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af88769fb70738eb76e14f1bdb3d7738c94779416cf02d252c16270a7948a9e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
ea076a48-7ff8-4563-b0a2-c28838674b3e
https://www.staradvertiser.com/ 		93 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/ea076a48-7ff8-4563-b0a2-c28838674b3e
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80cedb5e5fa85548eaf3a95451e57186182aa440e5e8aa2f38c204d8b38f663c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
94924
Content-Type
text/javascript
ads
pubads.g.doubleclick.net/gampad/ Frame 9DAC 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2Fhonolulustar-advertiser-premium&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D214988373-Kqg2J0vzlYL6FDsn%26schain%3Dsendtonews.com%2CL7r5UMGIQVI6qe1BoRgEAg%26content%3D4735%26placementType%3DPremium%26embed%3DNxulL6Ef%26domain%3Dstaradvertiser.com%26player_size%3Dlarge%26player_width%3D282%26player_height%3D227%26player_type%3Dbarker%26version%3D7.8.0%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00014%26rand%3D6%26us_privacy%3Dfalse&url=https%3A%2F%2Fwww.staradvertiser.com%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.staradvertiser.com%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.125%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=30000&vrid=1263268&sid=04DED731-241B-4DE8-8805-A72C0C060352&adk=2458199627&cookie_enabled=1&correlator=2546722349721125&dlt=1663871477769&dt=1663871484017&ged=timeout&idt=3803&is_amp=0&omid_p=Google1%2Fh.3.532.0&osd=2&ptt=20&scor=1085602343736678&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&us_privacy=false&vis=1&u_so=l&eid=44748969%2C44754420%2C44760950%2C44765701&hl=en&frm=0&cmsid=2460952&mpt=stnvideo%2Fplayer&sdki=445&sdkv=h.3.532.0&sdr=1&vconp=2&video_doc_id=2254305&vpa=auto&vpmute=1&nel=0&cnc=5136785&kfa=0&tfcd=0&ctv=0&cookie=ID%3D6b1163197e313caf%3AT%3D1663871480%3AS%3DALNI_MZN69JqttAfEr_IetFEmKdriJnV6g
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 9781 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOkIu-UwAAUbu3KcBS0Ool-dONwgjQ&u=%7ChIUXIrGDpJIglTT91dladBEXYD9pJZ8Qq6ERhbBffsg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMFrgLV7AJgRHBH_AV6w0tnRtraPfdmSHY4VtN0I-eUNMs4nmiqSNt0Ts_20On4dI7aNaxYBPLA60J-6UxxkNxuhC38fb3U0ZCgJ0I0lHbkVJmerFFOwRPGKj2DC9iI2OuMncSNa0RkdE9lg1H4-4LSHFfJodqv7ikBsyJVJNvN7ASwCYgQSBlRti6kuaBc_SXWrpK3TGJnSx2HqthwaHqXkqZr8RcTVeGGL0AMWqxUmceE0TDDDz7jTnLaMa7SWSI1_x0ENiGdp53cFyATf44fQQCpnRxVvL4J6CDI2JWCOGZtbOjIsiBL3CBMA-wr2iIeDPvGnHpd5hoVXAtr4sWayze4JKvxHxdzFhvdri-dDbNS-vXLfGuircLDmvUcU3_Dths2MS3qp1syIk4N41T8U2RoanX40iS7uUovmDK3p6ZsjiM8t0fKPotZs-ekcy3ZrEMRP5mtwWoiukwzVdwd0Ytql7kAdbph9Q91kaUwH1vsE9iyx7F96qdOOdNhG6P2Ps85fCzoZxBuOf6VVaq-A8ehIrGgm_Xz9Ltfgx5_S_GD13liMl1IgQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGRhB-KksY-nZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElgJP0C6ySL7s-LjAmx1VXuYarmCKyi83AH_FGEmZ-4PVCRf1G_bJvPeeAMXpbc_TycCpFZzV1lUEDnCSe5Zef5NXIYQ254EpqWCMWHmrGw0kS0ixYw5W5lNI9gzrO4EAJe9N9Hza1BZLUhO4IbuLZ8DI-WbdBWpzfbDmDVmf5KodQh-KGNfsutxa2ITg5d8YLSGi2pX7pQX3aY1PDwKCnDmkpALHnuV_kcSrUae_9CmkbtWIA08rf3PK317-22E3wcHAQgl3T3XAVwvklEiLYsrhbRV7mDI7gkxyajh3wVonas8rg0U5DuzXD-IdLrL4FAWNar7SIaoRarYn_coggGjucUmy4laI_Sd9XpvH675XLOHnRB4_ReAEAYAGj_aIluyviaSkAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ntpq278oR3lEOV3kZoJmoTG-uBA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2509827
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ik0jt%2Bh3wEwGYeFn%2FX47kYs3S42wXhFb8BwxXlLsZZbNBYkdES%2FT%2B8XKKH0F%2FDmaYo2l1%2BTy8%2Fb3b1D%2BPBjXcUr8qu3OkpLYT7D2ZRx8hF%2FVrQBHziQUVkrYhEIZs%2F6C%2F6%2B7%2FkbVjPpGpvYSsZX%2BRI0l"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74ed1e073bf29c0d-FRA
expires
Tue, 12 Sep 2023 18:31:24 GMT
animejs.js
static.criteo.net/animejs/ Frame 9781 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOkIu-UwAAUbu3KcBS0Ool-dONwgjQ&u=%7ChIUXIrGDpJIglTT91dladBEXYD9pJZ8Qq6ERhbBffsg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMFrgLV7AJgRHBH_AV6w0tnRtraPfdmSHY4VtN0I-eUNMs4nmiqSNt0Ts_20On4dI7aNaxYBPLA60J-6UxxkNxuhC38fb3U0ZCgJ0I0lHbkVJmerFFOwRPGKj2DC9iI2OuMncSNa0RkdE9lg1H4-4LSHFfJodqv7ikBsyJVJNvN7ASwCYgQSBlRti6kuaBc_SXWrpK3TGJnSx2HqthwaHqXkqZr8RcTVeGGL0AMWqxUmceE0TDDDz7jTnLaMa7SWSI1_x0ENiGdp53cFyATf44fQQCpnRxVvL4J6CDI2JWCOGZtbOjIsiBL3CBMA-wr2iIeDPvGnHpd5hoVXAtr4sWayze4JKvxHxdzFhvdri-dDbNS-vXLfGuircLDmvUcU3_Dths2MS3qp1syIk4N41T8U2RoanX40iS7uUovmDK3p6ZsjiM8t0fKPotZs-ekcy3ZrEMRP5mtwWoiukwzVdwd0Ytql7kAdbph9Q91kaUwH1vsE9iyx7F96qdOOdNhG6P2Ps85fCzoZxBuOf6VVaq-A8ehIrGgm_Xz9Ltfgx5_S_GD13liMl1IgQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGRhB-KksY-nZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElgJP0C6ySL7s-LjAmx1VXuYarmCKyi83AH_FGEmZ-4PVCRf1G_bJvPeeAMXpbc_TycCpFZzV1lUEDnCSe5Zef5NXIYQ254EpqWCMWHmrGw0kS0ixYw5W5lNI9gzrO4EAJe9N9Hza1BZLUhO4IbuLZ8DI-WbdBWpzfbDmDVmf5KodQh-KGNfsutxa2ITg5d8YLSGi2pX7pQX3aY1PDwKCnDmkpALHnuV_kcSrUae_9CmkbtWIA08rf3PK317-22E3wcHAQgl3T3XAVwvklEiLYsrhbRV7mDI7gkxyajh3wVonas8rg0U5DuzXD-IdLrL4FAWNar7SIaoRarYn_coggGjucUmy4laI_Sd9XpvH675XLOHnRB4_ReAEAYAGj_aIluyviaSkAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ntpq278oR3lEOV3kZoJmoTG-uBA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:24 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:24 GMT
animejs.js
static.criteo.net/animejs/ Frame FF42 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLO8Iu-UwAAUbu6ATRCWZyvoag5SHug&u=%7ChIUXIrGDpJLE91T41VdP1QqeHXE1ueDWpukZm9DeKWM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZE5PA-gwcExOc4fDdBFkrmfhkfAt6HIWmOd02SfG27iABCa-gZ4QnmR2GsviQVGam_af1ScQc3kOMOAwYRqJLyqucb5imnzI7qjQPWBQiJCzleM1PQX7_dq6Q5chDkCeP7nYFqajOQnv_oXgGArTbmN_HIyopxe2oW2gANA4IU1SxJscmLbdPuClTnoFFM5SjEVK9IwKEW5d9N2kIH0ZmDcvOChObf4HU0nOauCBlUZRppf2ihM3wTk3KEFo363oyoA3YHLL06ew-unYFH2iDSOw_0KlvUWGf89OgUdTGgjCv5rwG28GetA6aS5oRMjhBDy9TUgAgl6hXAXo6mB44Pt9vaR6QhFOGOHLSD_5YrrQBQuNQtbsqiQgrnancVjuTTVRcJwRAv3zPpUopyWu14YcwWOghBj5T-3MlhZjg69m3jd8DQB4Ch9s6TmRH4yJhEXLBMjIV13CGGmxMCQATfF4Vs4FitmXei9SpuO1SVD6U_cmbo3CIcOPtTS45ehtuRlSNcbgFPOS0G08FWtm1jciFrjHZ3tzllApI55K-Yz9_AbZdeJKHE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSzQ2-KksY-_ZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElAJP0IGe1f1aPfJuwKhBjEX4nlbcW60HbisKyMx0oJhOJsuTH0MuvTLCh6uS5cNmHXhSsgw3CX4ccRZFvQoRJT1t5FehBmHnfcyg1Czv7lpMXtghgn8rlXwZ6aUWLRKk94nRRjn2apw0SI98kOtvu7HcqtLMilbiXmEuVRqLMKbHWTPc6_Yl0gTSzCxV3dvqqFglnBMPDDjv_L1AZN1H_C6PJ58aTOyi-F368GCRffTa5NYexW_Z1CG0lA3UI9KBdAxaxIfZ7bn1o9l1AfL_XCTvCJc3W2-knBT49vvg5RO1W9LK90sAe0oPF308kSnJAj3n4t07kZOJCo-ncJdHc9E4R058xwjTPkn-9aHqyYjPSFq8FqPgBAGABpaa3djQ35jmiwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2S_66pDEEever9jLoLHtRIWF3m6A%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:24 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:24 GMT
truncated
/ Frame 4BE6 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93f534249e595c1b7c3dae579aaa79f4d925766f308ada532ebe959afb803e82

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
img
pix.eu.criteo.net/img/ Frame FF42 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=93548&q=80&r=0&u=https%3A%2F%2Finteriorr.com%2Fmedia%2Fcatalog%2Fproduct%2Fc%2Fh%2Fchlo_beige_new_7_.jpg&v=3&w=400&s=lkdiMblahPh6nMuEjS3eZy5z&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLO8Iu-UwAAUbu6ATRCWZyvoag5SHug&u=%7ChIUXIrGDpJLE91T41VdP1QqeHXE1ueDWpukZm9DeKWM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZE5PA-gwcExOc4fDdBFkrmfhkfAt6HIWmOd02SfG27iABCa-gZ4QnmR2GsviQVGam_af1ScQc3kOMOAwYRqJLyqucb5imnzI7qjQPWBQiJCzleM1PQX7_dq6Q5chDkCeP7nYFqajOQnv_oXgGArTbmN_HIyopxe2oW2gANA4IU1SxJscmLbdPuClTnoFFM5SjEVK9IwKEW5d9N2kIH0ZmDcvOChObf4HU0nOauCBlUZRppf2ihM3wTk3KEFo363oyoA3YHLL06ew-unYFH2iDSOw_0KlvUWGf89OgUdTGgjCv5rwG28GetA6aS5oRMjhBDy9TUgAgl6hXAXo6mB44Pt9vaR6QhFOGOHLSD_5YrrQBQuNQtbsqiQgrnancVjuTTVRcJwRAv3zPpUopyWu14YcwWOghBj5T-3MlhZjg69m3jd8DQB4Ch9s6TmRH4yJhEXLBMjIV13CGGmxMCQATfF4Vs4FitmXei9SpuO1SVD6U_cmbo3CIcOPtTS45ehtuRlSNcbgFPOS0G08FWtm1jciFrjHZ3tzllApI55K-Yz9_AbZdeJKHE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSzQ2-KksY-_ZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElAJP0IGe1f1aPfJuwKhBjEX4nlbcW60HbisKyMx0oJhOJsuTH0MuvTLCh6uS5cNmHXhSsgw3CX4ccRZFvQoRJT1t5FehBmHnfcyg1Czv7lpMXtghgn8rlXwZ6aUWLRKk94nRRjn2apw0SI98kOtvu7HcqtLMilbiXmEuVRqLMKbHWTPc6_Yl0gTSzCxV3dvqqFglnBMPDDjv_L1AZN1H_C6PJ58aTOyi-F368GCRffTa5NYexW_Z1CG0lA3UI9KBdAxaxIfZ7bn1o9l1AfL_XCTvCJc3W2-knBT49vvg5RO1W9LK90sAe0oPF308kSnJAj3n4t07kZOJCo-ncJdHc9E4R058xwjTPkn-9aHqyYjPSFq8FqPgBAGABpaa3djQ35jmiwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2S_66pDEEever9jLoLHtRIWF3m6A%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
25eb3f0340ca71f3b5a454e9ca2d19a81172df023a2c8b1543258ffd1dbdb14c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31484345
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
4306
expires
Fri, 22 Sep 2023 04:10:29 GMT
img
pix.eu.criteo.net/img/ Frame FF42 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=132&m=0&partner=93548&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F93548%2F220216%2Fa926ee7344b84020ba8fb4337c64fba4_logo_spacing.png&v=3&w=596&s=EHdbF0Z6uFwxKUzVYxorkQXT
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLO8Iu-UwAAUbu6ATRCWZyvoag5SHug&u=%7ChIUXIrGDpJLE91T41VdP1QqeHXE1ueDWpukZm9DeKWM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZE5PA-gwcExOc4fDdBFkrmfhkfAt6HIWmOd02SfG27iABCa-gZ4QnmR2GsviQVGam_af1ScQc3kOMOAwYRqJLyqucb5imnzI7qjQPWBQiJCzleM1PQX7_dq6Q5chDkCeP7nYFqajOQnv_oXgGArTbmN_HIyopxe2oW2gANA4IU1SxJscmLbdPuClTnoFFM5SjEVK9IwKEW5d9N2kIH0ZmDcvOChObf4HU0nOauCBlUZRppf2ihM3wTk3KEFo363oyoA3YHLL06ew-unYFH2iDSOw_0KlvUWGf89OgUdTGgjCv5rwG28GetA6aS5oRMjhBDy9TUgAgl6hXAXo6mB44Pt9vaR6QhFOGOHLSD_5YrrQBQuNQtbsqiQgrnancVjuTTVRcJwRAv3zPpUopyWu14YcwWOghBj5T-3MlhZjg69m3jd8DQB4Ch9s6TmRH4yJhEXLBMjIV13CGGmxMCQATfF4Vs4FitmXei9SpuO1SVD6U_cmbo3CIcOPtTS45ehtuRlSNcbgFPOS0G08FWtm1jciFrjHZ3tzllApI55K-Yz9_AbZdeJKHE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSzQ2-KksY-_ZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElAJP0IGe1f1aPfJuwKhBjEX4nlbcW60HbisKyMx0oJhOJsuTH0MuvTLCh6uS5cNmHXhSsgw3CX4ccRZFvQoRJT1t5FehBmHnfcyg1Czv7lpMXtghgn8rlXwZ6aUWLRKk94nRRjn2apw0SI98kOtvu7HcqtLMilbiXmEuVRqLMKbHWTPc6_Yl0gTSzCxV3dvqqFglnBMPDDjv_L1AZN1H_C6PJ58aTOyi-F368GCRffTa5NYexW_Z1CG0lA3UI9KBdAxaxIfZ7bn1o9l1AfL_XCTvCJc3W2-knBT49vvg5RO1W9LK90sAe0oPF308kSnJAj3n4t07kZOJCo-ncJdHc9E4R058xwjTPkn-9aHqyYjPSFq8FqPgBAGABpaa3djQ35jmiwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2S_66pDEEever9jLoLHtRIWF3m6A%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
09830b9791bcc0e29aa62ad599f8e93a90031aa238269fc16de81489c7cc7a55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28455613
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
28063
expires
Fri, 18 Aug 2023 02:51:37 GMT
img
pix.eu.criteo.net/img/ Frame FF42 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=93548&q=80&r=0&u=https%3A%2F%2Finteriorr.com%2Fmedia%2Fcatalog%2Fproduct%2F1%2Fb%2F1b2a1382_1.jpg&v=3&w=400&s=eOg8udWIrBfxb0KXEX_wbEjj&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLO8Iu-UwAAUbu6ATRCWZyvoag5SHug&u=%7ChIUXIrGDpJLE91T41VdP1QqeHXE1ueDWpukZm9DeKWM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZE5PA-gwcExOc4fDdBFkrmfhkfAt6HIWmOd02SfG27iABCa-gZ4QnmR2GsviQVGam_af1ScQc3kOMOAwYRqJLyqucb5imnzI7qjQPWBQiJCzleM1PQX7_dq6Q5chDkCeP7nYFqajOQnv_oXgGArTbmN_HIyopxe2oW2gANA4IU1SxJscmLbdPuClTnoFFM5SjEVK9IwKEW5d9N2kIH0ZmDcvOChObf4HU0nOauCBlUZRppf2ihM3wTk3KEFo363oyoA3YHLL06ew-unYFH2iDSOw_0KlvUWGf89OgUdTGgjCv5rwG28GetA6aS5oRMjhBDy9TUgAgl6hXAXo6mB44Pt9vaR6QhFOGOHLSD_5YrrQBQuNQtbsqiQgrnancVjuTTVRcJwRAv3zPpUopyWu14YcwWOghBj5T-3MlhZjg69m3jd8DQB4Ch9s6TmRH4yJhEXLBMjIV13CGGmxMCQATfF4Vs4FitmXei9SpuO1SVD6U_cmbo3CIcOPtTS45ehtuRlSNcbgFPOS0G08FWtm1jciFrjHZ3tzllApI55K-Yz9_AbZdeJKHE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSzQ2-KksY-_ZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElAJP0IGe1f1aPfJuwKhBjEX4nlbcW60HbisKyMx0oJhOJsuTH0MuvTLCh6uS5cNmHXhSsgw3CX4ccRZFvQoRJT1t5FehBmHnfcyg1Czv7lpMXtghgn8rlXwZ6aUWLRKk94nRRjn2apw0SI98kOtvu7HcqtLMilbiXmEuVRqLMKbHWTPc6_Yl0gTSzCxV3dvqqFglnBMPDDjv_L1AZN1H_C6PJ58aTOyi-F368GCRffTa5NYexW_Z1CG0lA3UI9KBdAxaxIfZ7bn1o9l1AfL_XCTvCJc3W2-knBT49vvg5RO1W9LK90sAe0oPF308kSnJAj3n4t07kZOJCo-ncJdHc9E4R058xwjTPkn-9aHqyYjPSFq8FqPgBAGABpaa3djQ35jmiwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2S_66pDEEever9jLoLHtRIWF3m6A%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
8f473e86647a1f9a991c26cdd2f2ee1c56376378a9f36587403a7c54c4bb6e23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29506095
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
7238
expires
Wed, 30 Aug 2023 06:39:40 GMT
all
csm.eu.criteo.net/ Frame FF42 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=JPqa1tsDNmC2JH9r_48Qnt2Cwk8lfpEEU1uuwevgowCqw1Tv8lR-MwTTt91p3JfOqpg1XWrcGO2udQCP7-33s82wOovGKC9XEqohFlwX1QDKW1uzuNHOsWu0JSUQTAo9BESxovgdXy4JnFyw1d40evDSukPEie7LB5l6mM2twEPIAxwUC8x_FSqT5hRU-V8-wI03Fcodp6aUUWjmwu72cracPNyP6IqVeDp2BiXC4ExGnnu_GD6V4HKzeY1YMOQ7afGO1g&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLO8Iu-UwAAUbu6ATRCWZyvoag5SHug&u=%7ChIUXIrGDpJLE91T41VdP1QqeHXE1ueDWpukZm9DeKWM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZE5PA-gwcExOc4fDdBFkrmfhkfAt6HIWmOd02SfG27iABCa-gZ4QnmR2GsviQVGam_af1ScQc3kOMOAwYRqJLyqucb5imnzI7qjQPWBQiJCzleM1PQX7_dq6Q5chDkCeP7nYFqajOQnv_oXgGArTbmN_HIyopxe2oW2gANA4IU1SxJscmLbdPuClTnoFFM5SjEVK9IwKEW5d9N2kIH0ZmDcvOChObf4HU0nOauCBlUZRppf2ihM3wTk3KEFo363oyoA3YHLL06ew-unYFH2iDSOw_0KlvUWGf89OgUdTGgjCv5rwG28GetA6aS5oRMjhBDy9TUgAgl6hXAXo6mB44Pt9vaR6QhFOGOHLSD_5YrrQBQuNQtbsqiQgrnancVjuTTVRcJwRAv3zPpUopyWu14YcwWOghBj5T-3MlhZjg69m3jd8DQB4Ch9s6TmRH4yJhEXLBMjIV13CGGmxMCQATfF4Vs4FitmXei9SpuO1SVD6U_cmbo3CIcOPtTS45ehtuRlSNcbgFPOS0G08FWtm1jciFrjHZ3tzllApI55K-Yz9_AbZdeJKHE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSzQ2-KksY-_ZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElAJP0IGe1f1aPfJuwKhBjEX4nlbcW60HbisKyMx0oJhOJsuTH0MuvTLCh6uS5cNmHXhSsgw3CX4ccRZFvQoRJT1t5FehBmHnfcyg1Czv7lpMXtghgn8rlXwZ6aUWLRKk94nRRjn2apw0SI98kOtvu7HcqtLMilbiXmEuVRqLMKbHWTPc6_Yl0gTSzCxV3dvqqFglnBMPDDjv_L1AZN1H_C6PJ58aTOyi-F368GCRffTa5NYexW_Z1CG0lA3UI9KBdAxaxIfZ7bn1o9l1AfL_XCTvCJc3W2-knBT49vvg5RO1W9LK90sAe0oPF308kSnJAj3n4t07kZOJCo-ncJdHc9E4R058xwjTPkn-9aHqyYjPSFq8FqPgBAGABpaa3djQ35jmiwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2S_66pDEEever9jLoLHtRIWF3m6A%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 22 Sep 2022 18:31:23 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame FF42 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLO8Iu-UwAAUbu6ATRCWZyvoag5SHug&u=%7ChIUXIrGDpJLE91T41VdP1QqeHXE1ueDWpukZm9DeKWM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZE5PA-gwcExOc4fDdBFkrmfhkfAt6HIWmOd02SfG27iABCa-gZ4QnmR2GsviQVGam_af1ScQc3kOMOAwYRqJLyqucb5imnzI7qjQPWBQiJCzleM1PQX7_dq6Q5chDkCeP7nYFqajOQnv_oXgGArTbmN_HIyopxe2oW2gANA4IU1SxJscmLbdPuClTnoFFM5SjEVK9IwKEW5d9N2kIH0ZmDcvOChObf4HU0nOauCBlUZRppf2ihM3wTk3KEFo363oyoA3YHLL06ew-unYFH2iDSOw_0KlvUWGf89OgUdTGgjCv5rwG28GetA6aS5oRMjhBDy9TUgAgl6hXAXo6mB44Pt9vaR6QhFOGOHLSD_5YrrQBQuNQtbsqiQgrnancVjuTTVRcJwRAv3zPpUopyWu14YcwWOghBj5T-3MlhZjg69m3jd8DQB4Ch9s6TmRH4yJhEXLBMjIV13CGGmxMCQATfF4Vs4FitmXei9SpuO1SVD6U_cmbo3CIcOPtTS45ehtuRlSNcbgFPOS0G08FWtm1jciFrjHZ3tzllApI55K-Yz9_AbZdeJKHE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSzQ2-KksY-_ZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElAJP0IGe1f1aPfJuwKhBjEX4nlbcW60HbisKyMx0oJhOJsuTH0MuvTLCh6uS5cNmHXhSsgw3CX4ccRZFvQoRJT1t5FehBmHnfcyg1Czv7lpMXtghgn8rlXwZ6aUWLRKk94nRRjn2apw0SI98kOtvu7HcqtLMilbiXmEuVRqLMKbHWTPc6_Yl0gTSzCxV3dvqqFglnBMPDDjv_L1AZN1H_C6PJ58aTOyi-F368GCRffTa5NYexW_Z1CG0lA3UI9KBdAxaxIfZ7bn1o9l1AfL_XCTvCJc3W2-knBT49vvg5RO1W9LK90sAe0oPF308kSnJAj3n4t07kZOJCo-ncJdHc9E4R058xwjTPkn-9aHqyYjPSFq8FqPgBAGABpaa3djQ35jmiwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2S_66pDEEever9jLoLHtRIWF3m6A%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:24 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:24 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame FF42 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLO8Iu-UwAAUbu6ATRCWZyvoag5SHug&u=%7ChIUXIrGDpJLE91T41VdP1QqeHXE1ueDWpukZm9DeKWM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZE5PA-gwcExOc4fDdBFkrmfhkfAt6HIWmOd02SfG27iABCa-gZ4QnmR2GsviQVGam_af1ScQc3kOMOAwYRqJLyqucb5imnzI7qjQPWBQiJCzleM1PQX7_dq6Q5chDkCeP7nYFqajOQnv_oXgGArTbmN_HIyopxe2oW2gANA4IU1SxJscmLbdPuClTnoFFM5SjEVK9IwKEW5d9N2kIH0ZmDcvOChObf4HU0nOauCBlUZRppf2ihM3wTk3KEFo363oyoA3YHLL06ew-unYFH2iDSOw_0KlvUWGf89OgUdTGgjCv5rwG28GetA6aS5oRMjhBDy9TUgAgl6hXAXo6mB44Pt9vaR6QhFOGOHLSD_5YrrQBQuNQtbsqiQgrnancVjuTTVRcJwRAv3zPpUopyWu14YcwWOghBj5T-3MlhZjg69m3jd8DQB4Ch9s6TmRH4yJhEXLBMjIV13CGGmxMCQATfF4Vs4FitmXei9SpuO1SVD6U_cmbo3CIcOPtTS45ehtuRlSNcbgFPOS0G08FWtm1jciFrjHZ3tzllApI55K-Yz9_AbZdeJKHE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSzQ2-KksY-_ZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElAJP0IGe1f1aPfJuwKhBjEX4nlbcW60HbisKyMx0oJhOJsuTH0MuvTLCh6uS5cNmHXhSsgw3CX4ccRZFvQoRJT1t5FehBmHnfcyg1Czv7lpMXtghgn8rlXwZ6aUWLRKk94nRRjn2apw0SI98kOtvu7HcqtLMilbiXmEuVRqLMKbHWTPc6_Yl0gTSzCxV3dvqqFglnBMPDDjv_L1AZN1H_C6PJ58aTOyi-F368GCRffTa5NYexW_Z1CG0lA3UI9KBdAxaxIfZ7bn1o9l1AfL_XCTvCJc3W2-knBT49vvg5RO1W9LK90sAe0oPF308kSnJAj3n4t07kZOJCo-ncJdHc9E4R058xwjTPkn-9aHqyYjPSFq8FqPgBAGABpaa3djQ35jmiwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2S_66pDEEever9jLoLHtRIWF3m6A%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:24 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:24 GMT
truncated
/ Frame C871 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52c41e6659158c4ee481fa395fec5b2c3936d898c0c6147a7169243c9f9b4019

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4B86 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba206a402d0a493fca32482d3aedc3cff60010ec9419e9628654ef445c244195

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202209061116/ Frame 79CB 		202 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202209061116/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4dd9a0a89a6f744f971d703a692ba46ac458994d236cff82a8f79a0d1980d4d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 18:31:24 GMT
Content-Encoding
gzip
Age
842644
X-Cache
HIT
Connection
keep-alive
Content-Length
65932
x-amz-id-2
ngZ6pxjjczHY0u7YqE1bIxYw0LWZvYegA9szd02uJZFuzAIryNjj7UaegkzpKukqNXuC3nV8vcFuAa1eap3XTw==
X-Served-By
cache-hhn4067-HHN
Last-Modified
Tue, 06 Sep 2022 17:14:03 GMT
Server
AmazonS3
X-Timer
S1663871484.123024,VS0,VE0
ETag
"ff03fa033abd214ac10b94ea9d102f86"
x-amz-request-id
AYGP566NEH6T1319
Via
1.1 varnish
Cache-Control
public, max-age=864000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
409085
activeview
pagead2.googlesyndication.com/pcs/ Frame EA2D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8yfaNtB4noNJI5ABcTZdvYCWCiLQ1ggoIIT-MtiLCM8W1hBeH8TzzKpKYEGaV-WhhMJ6CYJLXqsDIdU4BX0vddEwCw4Bb5ibs4oA1TkDqmFlPXTeINWhQxie8cuttFKKikuT9AF5jLnvBmHqHWf69aMfMe59GY6V2WD5bQvcMLtX2cFctHpd2v8nmhlYOzagCTiFlUla5XOoFneTIh3nOjFrFGfxoEegh9ZXH47zrDQ-2sZeexv7yKtCVrwtvc0jUV7W1mrXhZQtLfygWZ5icur93fvDrGT6O6B7BavkMvpMV3ZLtFR9ubjouljkqJZVrbNFwSyIRAg2zDepGdp8&sai=AMfl-YSBD376ncLU43ccrVn4lIXt-q3Oj_37Omoch_Y-ZTyzGJ_FsIeSlwYUaU92VQo_Mk4a35UAsGUiMo4W1eB28D5hRyaT79oOfaycxGfR54LSNwMucOyR9rtRtJIA9Q&sig=Cg0ArKJSzI6rBW0mFmJGEAE&id=lidar2&mcvt=1163&p=271,436,361,1164&mtos=1163,1163,1163,1163,1163&tos=1163,0,0,0,0&v=20220921&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=776454535&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663871481962&rpt=950&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame E1BA 		682 B
363 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=DM+Sans:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400a:800::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5e57c6f907891c213a4be1b8db03ae43076e8a9ac6a02a88fe33bf8dca52dd3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 18:31:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 18:31:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Sep 2022 18:31:24 GMT
feac5d27cde84d4e99139161d87e213d_cpn_728x90_1.jpeg
static.criteo.net/design/dt/19906/220913/ Frame 9781 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/19906/220913/feac5d27cde84d4e99139161d87e213d_cpn_728x90_1.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOkIu-UwAAUbu3KcBS0Ool-dONwgjQ&u=%7ChIUXIrGDpJIglTT91dladBEXYD9pJZ8Qq6ERhbBffsg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMFrgLV7AJgRHBH_AV6w0tnRtraPfdmSHY4VtN0I-eUNMs4nmiqSNt0Ts_20On4dI7aNaxYBPLA60J-6UxxkNxuhC38fb3U0ZCgJ0I0lHbkVJmerFFOwRPGKj2DC9iI2OuMncSNa0RkdE9lg1H4-4LSHFfJodqv7ikBsyJVJNvN7ASwCYgQSBlRti6kuaBc_SXWrpK3TGJnSx2HqthwaHqXkqZr8RcTVeGGL0AMWqxUmceE0TDDDz7jTnLaMa7SWSI1_x0ENiGdp53cFyATf44fQQCpnRxVvL4J6CDI2JWCOGZtbOjIsiBL3CBMA-wr2iIeDPvGnHpd5hoVXAtr4sWayze4JKvxHxdzFhvdri-dDbNS-vXLfGuircLDmvUcU3_Dths2MS3qp1syIk4N41T8U2RoanX40iS7uUovmDK3p6ZsjiM8t0fKPotZs-ekcy3ZrEMRP5mtwWoiukwzVdwd0Ytql7kAdbph9Q91kaUwH1vsE9iyx7F96qdOOdNhG6P2Ps85fCzoZxBuOf6VVaq-A8ehIrGgm_Xz9Ltfgx5_S_GD13liMl1IgQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGRhB-KksY-nZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElgJP0C6ySL7s-LjAmx1VXuYarmCKyi83AH_FGEmZ-4PVCRf1G_bJvPeeAMXpbc_TycCpFZzV1lUEDnCSe5Zef5NXIYQ254EpqWCMWHmrGw0kS0ixYw5W5lNI9gzrO4EAJe9N9Hza1BZLUhO4IbuLZ8DI-WbdBWpzfbDmDVmf5KodQh-KGNfsutxa2ITg5d8YLSGi2pX7pQX3aY1PDwKCnDmkpALHnuV_kcSrUae_9CmkbtWIA08rf3PK317-22E3wcHAQgl3T3XAVwvklEiLYsrhbRV7mDI7gkxyajh3wVonas8rg0U5DuzXD-IdLrL4FAWNar7SIaoRarYn_coggGjucUmy4laI_Sd9XpvH675XLOHnRB4_ReAEAYAGj_aIluyviaSkAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ntpq278oR3lEOV3kZoJmoTG-uBA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d8f14ad34a712b8e053487c63dcb52721155d3eb717a064fc4165f7f5387c05b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:24 GMT
last-modified
Tue, 13 Sep 2022 12:57:57 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"63207e55-d594"
strict-transport-security
max-age=31536000; preload;
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
54676
expires
Sun, 17 Sep 2023 18:31:24 GMT
img
pix.eu.criteo.net/img/ Frame 9781 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=176&m=0&partner=19906&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F19906%2F190812%2F319a2d5469c04e068839667ed003cd32_logo4.png&v=3&w=256&s=uxQSob9Hdw7oEZItXk8DnehC
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOkIu-UwAAUbu3KcBS0Ool-dONwgjQ&u=%7ChIUXIrGDpJIglTT91dladBEXYD9pJZ8Qq6ERhbBffsg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMFrgLV7AJgRHBH_AV6w0tnRtraPfdmSHY4VtN0I-eUNMs4nmiqSNt0Ts_20On4dI7aNaxYBPLA60J-6UxxkNxuhC38fb3U0ZCgJ0I0lHbkVJmerFFOwRPGKj2DC9iI2OuMncSNa0RkdE9lg1H4-4LSHFfJodqv7ikBsyJVJNvN7ASwCYgQSBlRti6kuaBc_SXWrpK3TGJnSx2HqthwaHqXkqZr8RcTVeGGL0AMWqxUmceE0TDDDz7jTnLaMa7SWSI1_x0ENiGdp53cFyATf44fQQCpnRxVvL4J6CDI2JWCOGZtbOjIsiBL3CBMA-wr2iIeDPvGnHpd5hoVXAtr4sWayze4JKvxHxdzFhvdri-dDbNS-vXLfGuircLDmvUcU3_Dths2MS3qp1syIk4N41T8U2RoanX40iS7uUovmDK3p6ZsjiM8t0fKPotZs-ekcy3ZrEMRP5mtwWoiukwzVdwd0Ytql7kAdbph9Q91kaUwH1vsE9iyx7F96qdOOdNhG6P2Ps85fCzoZxBuOf6VVaq-A8ehIrGgm_Xz9Ltfgx5_S_GD13liMl1IgQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGRhB-KksY-nZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElgJP0C6ySL7s-LjAmx1VXuYarmCKyi83AH_FGEmZ-4PVCRf1G_bJvPeeAMXpbc_TycCpFZzV1lUEDnCSe5Zef5NXIYQ254EpqWCMWHmrGw0kS0ixYw5W5lNI9gzrO4EAJe9N9Hza1BZLUhO4IbuLZ8DI-WbdBWpzfbDmDVmf5KodQh-KGNfsutxa2ITg5d8YLSGi2pX7pQX3aY1PDwKCnDmkpALHnuV_kcSrUae_9CmkbtWIA08rf3PK317-22E3wcHAQgl3T3XAVwvklEiLYsrhbRV7mDI7gkxyajh3wVonas8rg0U5DuzXD-IdLrL4FAWNar7SIaoRarYn_coggGjucUmy4laI_Sd9XpvH675XLOHnRB4_ReAEAYAGj_aIluyviaSkAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ntpq278oR3lEOV3kZoJmoTG-uBA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
88292217f6a404abcac66f09259df9e254c69f5611a7fac7c00584b8ac6693e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28989045
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11290
expires
Thu, 24 Aug 2023 07:02:09 GMT
img
pix.eu.criteo.net/img/ Frame 9781 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F12234527_3-201811271556.jpg&v=3&w=400&s=nE1sHOlKLArPo6prilQQvc5K&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOkIu-UwAAUbu3KcBS0Ool-dONwgjQ&u=%7ChIUXIrGDpJIglTT91dladBEXYD9pJZ8Qq6ERhbBffsg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMFrgLV7AJgRHBH_AV6w0tnRtraPfdmSHY4VtN0I-eUNMs4nmiqSNt0Ts_20On4dI7aNaxYBPLA60J-6UxxkNxuhC38fb3U0ZCgJ0I0lHbkVJmerFFOwRPGKj2DC9iI2OuMncSNa0RkdE9lg1H4-4LSHFfJodqv7ikBsyJVJNvN7ASwCYgQSBlRti6kuaBc_SXWrpK3TGJnSx2HqthwaHqXkqZr8RcTVeGGL0AMWqxUmceE0TDDDz7jTnLaMa7SWSI1_x0ENiGdp53cFyATf44fQQCpnRxVvL4J6CDI2JWCOGZtbOjIsiBL3CBMA-wr2iIeDPvGnHpd5hoVXAtr4sWayze4JKvxHxdzFhvdri-dDbNS-vXLfGuircLDmvUcU3_Dths2MS3qp1syIk4N41T8U2RoanX40iS7uUovmDK3p6ZsjiM8t0fKPotZs-ekcy3ZrEMRP5mtwWoiukwzVdwd0Ytql7kAdbph9Q91kaUwH1vsE9iyx7F96qdOOdNhG6P2Ps85fCzoZxBuOf6VVaq-A8ehIrGgm_Xz9Ltfgx5_S_GD13liMl1IgQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGRhB-KksY-nZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElgJP0C6ySL7s-LjAmx1VXuYarmCKyi83AH_FGEmZ-4PVCRf1G_bJvPeeAMXpbc_TycCpFZzV1lUEDnCSe5Zef5NXIYQ254EpqWCMWHmrGw0kS0ixYw5W5lNI9gzrO4EAJe9N9Hza1BZLUhO4IbuLZ8DI-WbdBWpzfbDmDVmf5KodQh-KGNfsutxa2ITg5d8YLSGi2pX7pQX3aY1PDwKCnDmkpALHnuV_kcSrUae_9CmkbtWIA08rf3PK317-22E3wcHAQgl3T3XAVwvklEiLYsrhbRV7mDI7gkxyajh3wVonas8rg0U5DuzXD-IdLrL4FAWNar7SIaoRarYn_coggGjucUmy4laI_Sd9XpvH675XLOHnRB4_ReAEAYAGj_aIluyviaSkAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ntpq278oR3lEOV3kZoJmoTG-uBA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
012d5ce95232da29e5dae8cfea13bcd72f7d3026705db2110e23b4907f34a2c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28480287
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2850
expires
Fri, 18 Aug 2023 09:42:51 GMT
img
pix.eu.criteo.net/img/ Frame 9781 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F28402135_15-202204142232.jpg&v=3&w=400&s=nnn1qmNfmQF1tKTMX35CyTYc&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOkIu-UwAAUbu3KcBS0Ool-dONwgjQ&u=%7ChIUXIrGDpJIglTT91dladBEXYD9pJZ8Qq6ERhbBffsg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMFrgLV7AJgRHBH_AV6w0tnRtraPfdmSHY4VtN0I-eUNMs4nmiqSNt0Ts_20On4dI7aNaxYBPLA60J-6UxxkNxuhC38fb3U0ZCgJ0I0lHbkVJmerFFOwRPGKj2DC9iI2OuMncSNa0RkdE9lg1H4-4LSHFfJodqv7ikBsyJVJNvN7ASwCYgQSBlRti6kuaBc_SXWrpK3TGJnSx2HqthwaHqXkqZr8RcTVeGGL0AMWqxUmceE0TDDDz7jTnLaMa7SWSI1_x0ENiGdp53cFyATf44fQQCpnRxVvL4J6CDI2JWCOGZtbOjIsiBL3CBMA-wr2iIeDPvGnHpd5hoVXAtr4sWayze4JKvxHxdzFhvdri-dDbNS-vXLfGuircLDmvUcU3_Dths2MS3qp1syIk4N41T8U2RoanX40iS7uUovmDK3p6ZsjiM8t0fKPotZs-ekcy3ZrEMRP5mtwWoiukwzVdwd0Ytql7kAdbph9Q91kaUwH1vsE9iyx7F96qdOOdNhG6P2Ps85fCzoZxBuOf6VVaq-A8ehIrGgm_Xz9Ltfgx5_S_GD13liMl1IgQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGRhB-KksY-nZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElgJP0C6ySL7s-LjAmx1VXuYarmCKyi83AH_FGEmZ-4PVCRf1G_bJvPeeAMXpbc_TycCpFZzV1lUEDnCSe5Zef5NXIYQ254EpqWCMWHmrGw0kS0ixYw5W5lNI9gzrO4EAJe9N9Hza1BZLUhO4IbuLZ8DI-WbdBWpzfbDmDVmf5KodQh-KGNfsutxa2ITg5d8YLSGi2pX7pQX3aY1PDwKCnDmkpALHnuV_kcSrUae_9CmkbtWIA08rf3PK317-22E3wcHAQgl3T3XAVwvklEiLYsrhbRV7mDI7gkxyajh3wVonas8rg0U5DuzXD-IdLrL4FAWNar7SIaoRarYn_coggGjucUmy4laI_Sd9XpvH675XLOHnRB4_ReAEAYAGj_aIluyviaSkAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ntpq278oR3lEOV3kZoJmoTG-uBA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
6885380bb4328ebd9c2249b68724cd410e633bd195290b858ade92118b7d68ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30281991
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2886
expires
Fri, 08 Sep 2023 06:11:15 GMT
img
pix.eu.criteo.net/img/ Frame 9781 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F12307622_6-202004152233.jpg&v=3&w=400&s=qhygLiOluwch5sMDzUzFLerJ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOkIu-UwAAUbu3KcBS0Ool-dONwgjQ&u=%7ChIUXIrGDpJIglTT91dladBEXYD9pJZ8Qq6ERhbBffsg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMFrgLV7AJgRHBH_AV6w0tnRtraPfdmSHY4VtN0I-eUNMs4nmiqSNt0Ts_20On4dI7aNaxYBPLA60J-6UxxkNxuhC38fb3U0ZCgJ0I0lHbkVJmerFFOwRPGKj2DC9iI2OuMncSNa0RkdE9lg1H4-4LSHFfJodqv7ikBsyJVJNvN7ASwCYgQSBlRti6kuaBc_SXWrpK3TGJnSx2HqthwaHqXkqZr8RcTVeGGL0AMWqxUmceE0TDDDz7jTnLaMa7SWSI1_x0ENiGdp53cFyATf44fQQCpnRxVvL4J6CDI2JWCOGZtbOjIsiBL3CBMA-wr2iIeDPvGnHpd5hoVXAtr4sWayze4JKvxHxdzFhvdri-dDbNS-vXLfGuircLDmvUcU3_Dths2MS3qp1syIk4N41T8U2RoanX40iS7uUovmDK3p6ZsjiM8t0fKPotZs-ekcy3ZrEMRP5mtwWoiukwzVdwd0Ytql7kAdbph9Q91kaUwH1vsE9iyx7F96qdOOdNhG6P2Ps85fCzoZxBuOf6VVaq-A8ehIrGgm_Xz9Ltfgx5_S_GD13liMl1IgQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGRhB-KksY-nZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElgJP0C6ySL7s-LjAmx1VXuYarmCKyi83AH_FGEmZ-4PVCRf1G_bJvPeeAMXpbc_TycCpFZzV1lUEDnCSe5Zef5NXIYQ254EpqWCMWHmrGw0kS0ixYw5W5lNI9gzrO4EAJe9N9Hza1BZLUhO4IbuLZ8DI-WbdBWpzfbDmDVmf5KodQh-KGNfsutxa2ITg5d8YLSGi2pX7pQX3aY1PDwKCnDmkpALHnuV_kcSrUae_9CmkbtWIA08rf3PK317-22E3wcHAQgl3T3XAVwvklEiLYsrhbRV7mDI7gkxyajh3wVonas8rg0U5DuzXD-IdLrL4FAWNar7SIaoRarYn_coggGjucUmy4laI_Sd9XpvH675XLOHnRB4_ReAEAYAGj_aIluyviaSkAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ntpq278oR3lEOV3kZoJmoTG-uBA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
487c94f553476ef5978265344ad4290a10cabb1bf6e489cecfdd53ead369e38b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30883742
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6462
expires
Fri, 15 Sep 2023 05:20:26 GMT
img
pix.eu.criteo.net/img/ Frame 9781 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F14304745_8-202104091234.jpg&v=3&w=400&s=KzbXAMaMQrEbnGGI2Pz75HTe&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOkIu-UwAAUbu3KcBS0Ool-dONwgjQ&u=%7ChIUXIrGDpJIglTT91dladBEXYD9pJZ8Qq6ERhbBffsg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMFrgLV7AJgRHBH_AV6w0tnRtraPfdmSHY4VtN0I-eUNMs4nmiqSNt0Ts_20On4dI7aNaxYBPLA60J-6UxxkNxuhC38fb3U0ZCgJ0I0lHbkVJmerFFOwRPGKj2DC9iI2OuMncSNa0RkdE9lg1H4-4LSHFfJodqv7ikBsyJVJNvN7ASwCYgQSBlRti6kuaBc_SXWrpK3TGJnSx2HqthwaHqXkqZr8RcTVeGGL0AMWqxUmceE0TDDDz7jTnLaMa7SWSI1_x0ENiGdp53cFyATf44fQQCpnRxVvL4J6CDI2JWCOGZtbOjIsiBL3CBMA-wr2iIeDPvGnHpd5hoVXAtr4sWayze4JKvxHxdzFhvdri-dDbNS-vXLfGuircLDmvUcU3_Dths2MS3qp1syIk4N41T8U2RoanX40iS7uUovmDK3p6ZsjiM8t0fKPotZs-ekcy3ZrEMRP5mtwWoiukwzVdwd0Ytql7kAdbph9Q91kaUwH1vsE9iyx7F96qdOOdNhG6P2Ps85fCzoZxBuOf6VVaq-A8ehIrGgm_Xz9Ltfgx5_S_GD13liMl1IgQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGRhB-KksY-nZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElgJP0C6ySL7s-LjAmx1VXuYarmCKyi83AH_FGEmZ-4PVCRf1G_bJvPeeAMXpbc_TycCpFZzV1lUEDnCSe5Zef5NXIYQ254EpqWCMWHmrGw0kS0ixYw5W5lNI9gzrO4EAJe9N9Hza1BZLUhO4IbuLZ8DI-WbdBWpzfbDmDVmf5KodQh-KGNfsutxa2ITg5d8YLSGi2pX7pQX3aY1PDwKCnDmkpALHnuV_kcSrUae_9CmkbtWIA08rf3PK317-22E3wcHAQgl3T3XAVwvklEiLYsrhbRV7mDI7gkxyajh3wVonas8rg0U5DuzXD-IdLrL4FAWNar7SIaoRarYn_coggGjucUmy4laI_Sd9XpvH675XLOHnRB4_ReAEAYAGj_aIluyviaSkAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ntpq278oR3lEOV3kZoJmoTG-uBA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
47bb23643a2ed63a16373248182233917a9c67a7e601f1d3d14a2e046ff990ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:24 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30365483
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1496
expires
Sat, 09 Sep 2023 05:22:47 GMT
img
pix.eu.criteo.net/img/ Frame 9781 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F14305153_9-202207071237.jpg&v=3&w=400&s=uqcGOCtQC5qOCGrd3dptyS1W&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOkIu-UwAAUbu3KcBS0Ool-dONwgjQ&u=%7ChIUXIrGDpJIglTT91dladBEXYD9pJZ8Qq6ERhbBffsg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMFrgLV7AJgRHBH_AV6w0tnRtraPfdmSHY4VtN0I-eUNMs4nmiqSNt0Ts_20On4dI7aNaxYBPLA60J-6UxxkNxuhC38fb3U0ZCgJ0I0lHbkVJmerFFOwRPGKj2DC9iI2OuMncSNa0RkdE9lg1H4-4LSHFfJodqv7ikBsyJVJNvN7ASwCYgQSBlRti6kuaBc_SXWrpK3TGJnSx2HqthwaHqXkqZr8RcTVeGGL0AMWqxUmceE0TDDDz7jTnLaMa7SWSI1_x0ENiGdp53cFyATf44fQQCpnRxVvL4J6CDI2JWCOGZtbOjIsiBL3CBMA-wr2iIeDPvGnHpd5hoVXAtr4sWayze4JKvxHxdzFhvdri-dDbNS-vXLfGuircLDmvUcU3_Dths2MS3qp1syIk4N41T8U2RoanX40iS7uUovmDK3p6ZsjiM8t0fKPotZs-ekcy3ZrEMRP5mtwWoiukwzVdwd0Ytql7kAdbph9Q91kaUwH1vsE9iyx7F96qdOOdNhG6P2Ps85fCzoZxBuOf6VVaq-A8ehIrGgm_Xz9Ltfgx5_S_GD13liMl1IgQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGRhB-KksY-nZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElgJP0C6ySL7s-LjAmx1VXuYarmCKyi83AH_FGEmZ-4PVCRf1G_bJvPeeAMXpbc_TycCpFZzV1lUEDnCSe5Zef5NXIYQ254EpqWCMWHmrGw0kS0ixYw5W5lNI9gzrO4EAJe9N9Hza1BZLUhO4IbuLZ8DI-WbdBWpzfbDmDVmf5KodQh-KGNfsutxa2ITg5d8YLSGi2pX7pQX3aY1PDwKCnDmkpALHnuV_kcSrUae_9CmkbtWIA08rf3PK317-22E3wcHAQgl3T3XAVwvklEiLYsrhbRV7mDI7gkxyajh3wVonas8rg0U5DuzXD-IdLrL4FAWNar7SIaoRarYn_coggGjucUmy4laI_Sd9XpvH675XLOHnRB4_ReAEAYAGj_aIluyviaSkAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ntpq278oR3lEOV3kZoJmoTG-uBA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
d1fad3cccf4dd54107288231c65bd65f1b0096295128d25de812b6de54ddb9a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:24 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29279822
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5780
expires
Sun, 27 Aug 2023 15:48:26 GMT
img
pix.eu.criteo.net/img/ Frame 9781 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F12126311_2-202108130002.jpg&v=3&w=400&s=L0oDTP2b8TwjcfDgCxE3O9qC&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOkIu-UwAAUbu3KcBS0Ool-dONwgjQ&u=%7ChIUXIrGDpJIglTT91dladBEXYD9pJZ8Qq6ERhbBffsg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMFrgLV7AJgRHBH_AV6w0tnRtraPfdmSHY4VtN0I-eUNMs4nmiqSNt0Ts_20On4dI7aNaxYBPLA60J-6UxxkNxuhC38fb3U0ZCgJ0I0lHbkVJmerFFOwRPGKj2DC9iI2OuMncSNa0RkdE9lg1H4-4LSHFfJodqv7ikBsyJVJNvN7ASwCYgQSBlRti6kuaBc_SXWrpK3TGJnSx2HqthwaHqXkqZr8RcTVeGGL0AMWqxUmceE0TDDDz7jTnLaMa7SWSI1_x0ENiGdp53cFyATf44fQQCpnRxVvL4J6CDI2JWCOGZtbOjIsiBL3CBMA-wr2iIeDPvGnHpd5hoVXAtr4sWayze4JKvxHxdzFhvdri-dDbNS-vXLfGuircLDmvUcU3_Dths2MS3qp1syIk4N41T8U2RoanX40iS7uUovmDK3p6ZsjiM8t0fKPotZs-ekcy3ZrEMRP5mtwWoiukwzVdwd0Ytql7kAdbph9Q91kaUwH1vsE9iyx7F96qdOOdNhG6P2Ps85fCzoZxBuOf6VVaq-A8ehIrGgm_Xz9Ltfgx5_S_GD13liMl1IgQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGRhB-KksY-nZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElgJP0C6ySL7s-LjAmx1VXuYarmCKyi83AH_FGEmZ-4PVCRf1G_bJvPeeAMXpbc_TycCpFZzV1lUEDnCSe5Zef5NXIYQ254EpqWCMWHmrGw0kS0ixYw5W5lNI9gzrO4EAJe9N9Hza1BZLUhO4IbuLZ8DI-WbdBWpzfbDmDVmf5KodQh-KGNfsutxa2ITg5d8YLSGi2pX7pQX3aY1PDwKCnDmkpALHnuV_kcSrUae_9CmkbtWIA08rf3PK317-22E3wcHAQgl3T3XAVwvklEiLYsrhbRV7mDI7gkxyajh3wVonas8rg0U5DuzXD-IdLrL4FAWNar7SIaoRarYn_coggGjucUmy4laI_Sd9XpvH675XLOHnRB4_ReAEAYAGj_aIluyviaSkAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ntpq278oR3lEOV3kZoJmoTG-uBA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e8178f9a7be273f7ed39b229a22c3d3ffc0566f61a3adcdcb09a1c24a8bd74a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:23 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30790457
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
3110
expires
Thu, 14 Sep 2023 03:25:41 GMT
img
pix.eu.criteo.net/img/ Frame 9781 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F538120_3-202006091051.jpg&v=3&w=400&s=qlwBlklEvmEbdej07YHGvDw9&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOkIu-UwAAUbu3KcBS0Ool-dONwgjQ&u=%7ChIUXIrGDpJIglTT91dladBEXYD9pJZ8Qq6ERhbBffsg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMFrgLV7AJgRHBH_AV6w0tnRtraPfdmSHY4VtN0I-eUNMs4nmiqSNt0Ts_20On4dI7aNaxYBPLA60J-6UxxkNxuhC38fb3U0ZCgJ0I0lHbkVJmerFFOwRPGKj2DC9iI2OuMncSNa0RkdE9lg1H4-4LSHFfJodqv7ikBsyJVJNvN7ASwCYgQSBlRti6kuaBc_SXWrpK3TGJnSx2HqthwaHqXkqZr8RcTVeGGL0AMWqxUmceE0TDDDz7jTnLaMa7SWSI1_x0ENiGdp53cFyATf44fQQCpnRxVvL4J6CDI2JWCOGZtbOjIsiBL3CBMA-wr2iIeDPvGnHpd5hoVXAtr4sWayze4JKvxHxdzFhvdri-dDbNS-vXLfGuircLDmvUcU3_Dths2MS3qp1syIk4N41T8U2RoanX40iS7uUovmDK3p6ZsjiM8t0fKPotZs-ekcy3ZrEMRP5mtwWoiukwzVdwd0Ytql7kAdbph9Q91kaUwH1vsE9iyx7F96qdOOdNhG6P2Ps85fCzoZxBuOf6VVaq-A8ehIrGgm_Xz9Ltfgx5_S_GD13liMl1IgQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGRhB-KksY-nZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElgJP0C6ySL7s-LjAmx1VXuYarmCKyi83AH_FGEmZ-4PVCRf1G_bJvPeeAMXpbc_TycCpFZzV1lUEDnCSe5Zef5NXIYQ254EpqWCMWHmrGw0kS0ixYw5W5lNI9gzrO4EAJe9N9Hza1BZLUhO4IbuLZ8DI-WbdBWpzfbDmDVmf5KodQh-KGNfsutxa2ITg5d8YLSGi2pX7pQX3aY1PDwKCnDmkpALHnuV_kcSrUae_9CmkbtWIA08rf3PK317-22E3wcHAQgl3T3XAVwvklEiLYsrhbRV7mDI7gkxyajh3wVonas8rg0U5DuzXD-IdLrL4FAWNar7SIaoRarYn_coggGjucUmy4laI_Sd9XpvH675XLOHnRB4_ReAEAYAGj_aIluyviaSkAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ntpq278oR3lEOV3kZoJmoTG-uBA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
313c58521dc9299922e5a9eb07c4bb418f13e5e06142ba459fd03ed5d86dc543
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:24 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28587508
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
15244
expires
Sat, 19 Aug 2023 15:29:53 GMT
all
csm.eu.criteo.net/ Frame 9781 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=HpH__NsDNmC2JH9rCFkitnK7G9zTjIxgJeYxvDCe3NikEf-HXh_9YKqTLiuItYVFKgJTJDte9MOy7UnAtAFpDFN5AJQj-neLXeqEpM5RRmSkq-F3FiBhVpC_tf2d7pJbzluQe9aX3SfQls0-SjSWiUtDtHTO9hknOx7k8s7c6R5Bg11xfYLT-HAq1ySTEtCWy3RtUH2bakEEGF3ZCB0JJTR56_TICXwHud9etP_X97527Xln2D8UE-ETdCntUuxAKrypsw&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOkIu-UwAAUbu3KcBS0Ool-dONwgjQ&u=%7ChIUXIrGDpJIglTT91dladBEXYD9pJZ8Qq6ERhbBffsg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMFrgLV7AJgRHBH_AV6w0tnRtraPfdmSHY4VtN0I-eUNMs4nmiqSNt0Ts_20On4dI7aNaxYBPLA60J-6UxxkNxuhC38fb3U0ZCgJ0I0lHbkVJmerFFOwRPGKj2DC9iI2OuMncSNa0RkdE9lg1H4-4LSHFfJodqv7ikBsyJVJNvN7ASwCYgQSBlRti6kuaBc_SXWrpK3TGJnSx2HqthwaHqXkqZr8RcTVeGGL0AMWqxUmceE0TDDDz7jTnLaMa7SWSI1_x0ENiGdp53cFyATf44fQQCpnRxVvL4J6CDI2JWCOGZtbOjIsiBL3CBMA-wr2iIeDPvGnHpd5hoVXAtr4sWayze4JKvxHxdzFhvdri-dDbNS-vXLfGuircLDmvUcU3_Dths2MS3qp1syIk4N41T8U2RoanX40iS7uUovmDK3p6ZsjiM8t0fKPotZs-ekcy3ZrEMRP5mtwWoiukwzVdwd0Ytql7kAdbph9Q91kaUwH1vsE9iyx7F96qdOOdNhG6P2Ps85fCzoZxBuOf6VVaq-A8ehIrGgm_Xz9Ltfgx5_S_GD13liMl1IgQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGRhB-KksY-nZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElgJP0C6ySL7s-LjAmx1VXuYarmCKyi83AH_FGEmZ-4PVCRf1G_bJvPeeAMXpbc_TycCpFZzV1lUEDnCSe5Zef5NXIYQ254EpqWCMWHmrGw0kS0ixYw5W5lNI9gzrO4EAJe9N9Hza1BZLUhO4IbuLZ8DI-WbdBWpzfbDmDVmf5KodQh-KGNfsutxa2ITg5d8YLSGi2pX7pQX3aY1PDwKCnDmkpALHnuV_kcSrUae_9CmkbtWIA08rf3PK317-22E3wcHAQgl3T3XAVwvklEiLYsrhbRV7mDI7gkxyajh3wVonas8rg0U5DuzXD-IdLrL4FAWNar7SIaoRarYn_coggGjucUmy4laI_Sd9XpvH675XLOHnRB4_ReAEAYAGj_aIluyviaSkAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ntpq278oR3lEOV3kZoJmoTG-uBA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 22 Sep 2022 18:31:23 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9781 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOkIu-UwAAUbu3KcBS0Ool-dONwgjQ&u=%7ChIUXIrGDpJIglTT91dladBEXYD9pJZ8Qq6ERhbBffsg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMFrgLV7AJgRHBH_AV6w0tnRtraPfdmSHY4VtN0I-eUNMs4nmiqSNt0Ts_20On4dI7aNaxYBPLA60J-6UxxkNxuhC38fb3U0ZCgJ0I0lHbkVJmerFFOwRPGKj2DC9iI2OuMncSNa0RkdE9lg1H4-4LSHFfJodqv7ikBsyJVJNvN7ASwCYgQSBlRti6kuaBc_SXWrpK3TGJnSx2HqthwaHqXkqZr8RcTVeGGL0AMWqxUmceE0TDDDz7jTnLaMa7SWSI1_x0ENiGdp53cFyATf44fQQCpnRxVvL4J6CDI2JWCOGZtbOjIsiBL3CBMA-wr2iIeDPvGnHpd5hoVXAtr4sWayze4JKvxHxdzFhvdri-dDbNS-vXLfGuircLDmvUcU3_Dths2MS3qp1syIk4N41T8U2RoanX40iS7uUovmDK3p6ZsjiM8t0fKPotZs-ekcy3ZrEMRP5mtwWoiukwzVdwd0Ytql7kAdbph9Q91kaUwH1vsE9iyx7F96qdOOdNhG6P2Ps85fCzoZxBuOf6VVaq-A8ehIrGgm_Xz9Ltfgx5_S_GD13liMl1IgQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGRhB-KksY-nZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElgJP0C6ySL7s-LjAmx1VXuYarmCKyi83AH_FGEmZ-4PVCRf1G_bJvPeeAMXpbc_TycCpFZzV1lUEDnCSe5Zef5NXIYQ254EpqWCMWHmrGw0kS0ixYw5W5lNI9gzrO4EAJe9N9Hza1BZLUhO4IbuLZ8DI-WbdBWpzfbDmDVmf5KodQh-KGNfsutxa2ITg5d8YLSGi2pX7pQX3aY1PDwKCnDmkpALHnuV_kcSrUae_9CmkbtWIA08rf3PK317-22E3wcHAQgl3T3XAVwvklEiLYsrhbRV7mDI7gkxyajh3wVonas8rg0U5DuzXD-IdLrL4FAWNar7SIaoRarYn_coggGjucUmy4laI_Sd9XpvH675XLOHnRB4_ReAEAYAGj_aIluyviaSkAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ntpq278oR3lEOV3kZoJmoTG-uBA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:24 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:24 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 9781 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOkIu-UwAAUbu3KcBS0Ool-dONwgjQ&u=%7ChIUXIrGDpJIglTT91dladBEXYD9pJZ8Qq6ERhbBffsg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMFrgLV7AJgRHBH_AV6w0tnRtraPfdmSHY4VtN0I-eUNMs4nmiqSNt0Ts_20On4dI7aNaxYBPLA60J-6UxxkNxuhC38fb3U0ZCgJ0I0lHbkVJmerFFOwRPGKj2DC9iI2OuMncSNa0RkdE9lg1H4-4LSHFfJodqv7ikBsyJVJNvN7ASwCYgQSBlRti6kuaBc_SXWrpK3TGJnSx2HqthwaHqXkqZr8RcTVeGGL0AMWqxUmceE0TDDDz7jTnLaMa7SWSI1_x0ENiGdp53cFyATf44fQQCpnRxVvL4J6CDI2JWCOGZtbOjIsiBL3CBMA-wr2iIeDPvGnHpd5hoVXAtr4sWayze4JKvxHxdzFhvdri-dDbNS-vXLfGuircLDmvUcU3_Dths2MS3qp1syIk4N41T8U2RoanX40iS7uUovmDK3p6ZsjiM8t0fKPotZs-ekcy3ZrEMRP5mtwWoiukwzVdwd0Ytql7kAdbph9Q91kaUwH1vsE9iyx7F96qdOOdNhG6P2Ps85fCzoZxBuOf6VVaq-A8ehIrGgm_Xz9Ltfgx5_S_GD13liMl1IgQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGRhB-KksY-nZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElgJP0C6ySL7s-LjAmx1VXuYarmCKyi83AH_FGEmZ-4PVCRf1G_bJvPeeAMXpbc_TycCpFZzV1lUEDnCSe5Zef5NXIYQ254EpqWCMWHmrGw0kS0ixYw5W5lNI9gzrO4EAJe9N9Hza1BZLUhO4IbuLZ8DI-WbdBWpzfbDmDVmf5KodQh-KGNfsutxa2ITg5d8YLSGi2pX7pQX3aY1PDwKCnDmkpALHnuV_kcSrUae_9CmkbtWIA08rf3PK317-22E3wcHAQgl3T3XAVwvklEiLYsrhbRV7mDI7gkxyajh3wVonas8rg0U5DuzXD-IdLrL4FAWNar7SIaoRarYn_coggGjucUmy4laI_Sd9XpvH675XLOHnRB4_ReAEAYAGj_aIluyviaSkAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ntpq278oR3lEOV3kZoJmoTG-uBA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:24 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:24 GMT
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202209061116/ Frame C656 		202 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202209061116/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4dd9a0a89a6f744f971d703a692ba46ac458994d236cff82a8f79a0d1980d4d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 18:31:24 GMT
Content-Encoding
gzip
Age
842644
X-Cache
HIT
Connection
keep-alive
Content-Length
65932
x-amz-id-2
ngZ6pxjjczHY0u7YqE1bIxYw0LWZvYegA9szd02uJZFuzAIryNjj7UaegkzpKukqNXuC3nV8vcFuAa1eap3XTw==
X-Served-By
cache-hhn4067-HHN
Last-Modified
Tue, 06 Sep 2022 17:14:03 GMT
Server
AmazonS3
X-Timer
S1663871484.246519,VS0,VE0
ETag
"ff03fa033abd214ac10b94ea9d102f86"
x-amz-request-id
AYGP566NEH6T1319
Via
1.1 varnish
Cache-Control
public, max-age=864000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
409086
css
fonts.googleapis.com/ Frame 2AC4 		1 KB
400 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=DM+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400a:800::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fff15b94aca6e5009fa59ef79f4d1b49fdc7fa9e3e4c646debde8e6d6e24703b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 16:37:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 18:31:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Sep 2022 18:31:24 GMT
outbid
outbid.firstimpression.io/v1/ Frame 954B 		153 B
403 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://outbid.firstimpression.io/v1/outbid?id=7470
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-74.cdg50.r.cloudfront.net
Software
/
Resource Hash
a6ab7dfdfca4f10566682705e95b72b4d3d85e2a18a83711591b8ff6a9f4b3ea

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 22 Sep 2022 18:31:24 GMT
via
1.1 4dacb01807cb4c0e8eb52307b7de1392.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
153
x-amz-cf-id
zjjqvhxTkKqDwsRgp-hqqriTIa5K857ZO5zEfYdXWPD9ESwjMr5HiA==
view
securepubads.g.doubleclick.net/pcs/ Frame 03FE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuH-bE0JmJQBzLV8abGVrRVAhZkGgYgRxUHLW0OXzlI2UcS_p8z1BqLIoDxRuGWKG7N3-gicqw55pV2yRcsZm9HuXrWfKu1NcAYu6cU1BbaCtH4N5XsM5gRQZ9NckXFY27M29UFsEZS0TZJnsAXIqrXMeZWVkMUPa11ALl3RLWsAsx1A0ABKkby3-EpeeVydSs9eGPtMEUhbxm7DXHAXNGuUAVYgwOSgNavYarvlfs4OMefl2nEt8f1ZNM2oOeAPLIcHpswBmhjcUG-NXGXXbvMzmpBxbtquyBidXNvdYTW0aR3zB75IDfYOpJn3f_SFtCjIlYL2Zm5DgyKwwdR_Ik&sai=AMfl-YSOWodZN6bk2v1kK1wqY9wHkPxYoJW3rdOmj3AqSX3LvI9fo-qLIqxTcA9aGMfK7kQ1vNwoZQ4ar6E_1nEzpikePhfr7OF0frKE_8pkLPCVu_TpYQpyeV_Hg4vT1w&sig=Cg0ArKJSzBG-l0idZLyuEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 22 Sep 2022 18:31:24 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202209061116/ 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202209061116/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/3YAuFpM-Bh5lZY_ZLdSxFknzxv8/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dd9a0a89a6f744f971d703a692ba46ac458994d236cff82a8f79a0d1980d4d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 06 Sep 2022 17:14:03 GMT
server
cloudflare
age
687725
etag
W/"ff03fa033abd214ac10b94ea9d102f86"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=864000
cf-ray
74ed1e092ab9904c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
JJANN8CKX3C0248T
x-amz-id-2
bl2GKrCUigmljsGHBU6jfzBp0LZun8W1FBSS3sSkjSMdrEcZoCzkw8IEwaWe0XaHP6jjAZkmVrQ=
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV3WXZ5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea7e9857bba3f434fd1b8f8d7c35e0485bfe1f5b4b7cf5c677b1560a48550873
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27800
x-xss-protection
0
server
sffe
etag
"1342 / 431 of 1000 / last-modified: 1663845016"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 22 Sep 2022 18:31:24 GMT
css
fonts.googleapis.com/ Frame 6E1E 		682 B
363 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=DM+Sans:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400a:800::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5e57c6f907891c213a4be1b8db03ae43076e8a9ac6a02a88fe33bf8dca52dd3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 18:31:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 18:31:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Sep 2022 18:31:24 GMT
pubads_impl_2022092001.js
securepubads.g.doubleclick.net/gpt/ Frame 79CB 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 11:02:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113332
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131075
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 08:35:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Sep 2023 11:02:32 GMT
css
fonts.googleapis.com/ Frame 5CF7 		1 KB
400 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=DM+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400a:800::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fff15b94aca6e5009fa59ef79f4d1b49fdc7fa9e3e4c646debde8e6d6e24703b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 16:42:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 18:31:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Sep 2022 18:31:24 GMT
rP2Hp2ywxg089UriCZOIHQ.woff2
fonts.gstatic.com/s/dmsans/v11/ Frame E1BA 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 20:26:19 GMT
x-content-type-options
nosniff
age
597905
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18096
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:54:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Sep 2023 20:26:19 GMT
d21ec34ccf4f465abd5a78b717971bf0_klavika-light.woff
static.criteo.net/design/dt/ Frame 2AC4 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/d21ec34ccf4f465abd5a78b717971bf0_klavika-light.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOsIu-UwAAUbuzfaEK0lLx-rdBQm-w&u=%7ChIUXIrGDpJKs%2BNQhCogTOVXt6NMGZn2MLqy7hzamzrA%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr5-taiijmDVNfEog-pHxa6wvg-tUOFnI36QG0DZhqQiWFLzK9PeXkRUnRcJnQGiAJN1oUKXq_0FiTwIkyB5pawzTsYyrVn4RaACGKq-geHHNBGwUeH42rbtlPUycZCimCT4WrjS_nVwovPqf-iMMZzU6kUYCdOTqtTvbFFQlxGXW-RoNdmKRIy_YWCcgNzIKbBUp0Br_k1CuvilQJ2gWk88N1lz-3TcnzkAMF6A6Tg0Crnu1dFcVaCfIIOncAIm-H5BN2h9qdMHiE7-0_x-1lU2v7HgXPizZPO61sDpdSq8QvSKo0z4Tz0Mxip6UfJCOomN0tMaLH0NaND0mETmaHrbpTnGLpuFSCarUhywpv-C8vKHNt1wpOoIocV6zmPp-QPfkue6YU6dDTW-6F48TKA71R8SBZo_2cFVi2Mnp2oyrFBRhbGXitC7T1e963VNEP4lxtli_GfeCFlYbR2P3XiE5RizYasXEgzJ9AY6qbL6Fnggr9OTQFOU6rY-Xlb5mK8tT2GzWxDivHNUUIoENXQFRi9xDx_8pEoD2noMFIsxddScxQyzotCyIVMNa0prenBtUbtfGYMnQqoD771xYSDQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9evf-KksY-vZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEmgJP0GMtPfwPFcfwgrcF14hVtttrdBm4ayu5gghJueZFX9_KOV8XuEEsUSR5U9IeKAizuJzRjA2JAJvmITiNDutMvFEeKOUhyUlm7J9Ptkb270A9UnEyBrqWNZt42_DTls1VJQ436PXJmXQV9M2_x1QFtNwyUzyPpwaGxKy1OoCh4j4tLZ9MbmWVZlg10xCkMVbbg1f_8vWsukW2_rSsjNX0d0Xdar1Pe6IgjW_dsO2Ny2ivgWX7YlpZ-lOHlB8Vgf-1dpGB6iRPslOJOxtWRAL9B6EzD5bzkcMhLdtf3WeF-JX8KJn8eABjPdojp3NPcvJU62QTY_X4Tni5GEniHU3Z4VVHSOZtbVnmg0qV8ey2xsIYEKMMLW2rs5jgBAGABuv1oOjThojk4QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QiN2AxmuZc7TwqL_FL7RXFI5oEQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d2e47ce9d709494e8a4c5d4bf47774a0dbaeaa17c259a429f18372e36777578e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:24 GMT
content-encoding
gzip
last-modified
Mon, 12 Apr 2021 08:02:01 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6073fe79-a654"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:24 GMT
css
fonts.googleapis.com/ Frame FF42 		682 B
363 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=DM+Sans:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400a:800::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5e57c6f907891c213a4be1b8db03ae43076e8a9ac6a02a88fe33bf8dca52dd3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 18:31:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 18:31:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Sep 2022 18:31:24 GMT
iu3
aax-eu.amazon-adsystem.com/s/ Frame 9579
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_rbd_ox-db5_smrt_n-amobee_sovrn_n-Outbrain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_rbd_ox-db5_smrt_n-amobee_sovrn_n-Outbrain&dcc=t
65 B
609 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_rbd_ox-db5_smrt_n-amobee_sovrn_n-Outbrain&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
65
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 22 Sep 2022 18:31:24 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
5EJKKD38J030MRPM3X7Y

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 22 Sep 2022 18:31:24 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_rbd_ox-db5_smrt_n-amobee_sovrn_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
N5C3Z63QKTEJFE5YEC53
ping.gif
prd.jwpltx.com/v1/jwplayer6/ 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-1771088790&e=e&n=9141925474817336&aid=53T65BNiEei3kAY3v_uBow&amp=0&at=1&c=-1&ccp=0&cp=0&d=0&eb=1&ed=9&emi=18xrddyeupdr&i=0&id=v7puK1SS&lid=19rcu5ovxt91&lsa=set&mt=1&pbd=1&pbr=1&pgi=13zbp08uu794&ph=1&pid=ZoPFXSjg&pii=0&pl=0&plc=23&pli=omc6m1mrs4is&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&pu=https%3A%2F%2Fwww.staradvertiser.com%2F&pv=8.26.0&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=Safeway%20-%20Hawaii%27s%20Best%202022&tv=3.40.0&vb=0&vi=0&vl=90&wd=0&ab=0&cae=0&cb=0&cdid=partners-video-ads&cme=0&dd=0&fed=025uSCQm&flc=0&fv=&ga=1&lng=en-US&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2Fv7puK1SS.m3u8&pbc=0&pd=1&pdr=&plng=en-US&plt=2800&pni=0&po=0&pogt=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&sp=0&st=1280&sa=1663871479709
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:24 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-served-by
cache-hhn4065-HHN
x-cache
MISS
x-cache-hits
0
pubads_impl_2022091901.js
securepubads.g.doubleclick.net/gpt/ Frame C656 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b64c070e33c73628d39ab223f17487bc8efb2944794231186aeef2c3e32f5288
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 10:32:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
287914
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131339
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 08:34:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 19 Sep 2023 10:32:50 GMT
integrator.js
adservice.google.de/adsid/ Frame 03FE 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 03FE 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 03FE 		26 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4445235799942356&correlator=2488901129832936&output=ldjh&gdfp_req=1&vrg=2022092101&ptt=17&impl=fifs&iu_parts=43606300%3A5136785%2COahupublications_Staradvertiser_Dir_Des_Dis_Lis_MC&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=4167107031&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3D6b1163197e313caf%3AT%3D1663871480%3AS%3DALNI_MZN69JqttAfEr_IetFEmKdriJnV6g&abxe=1&dt=1663871484400&lmt=1663871484&dlt=1663871482088&idt=2050&adxs=1161&adys=4125&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=lrthg8sjaw49&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.staradvertiser.com%2F&ref=https%3A%2F%2Fwww.staradvertiser.com%2F&top=https%3A%2F%2Fwww.staradvertiser.com%2F&frm=23&vis=1&psz=300x250&msz=300x250&fws=256&ohw=0&ea=0&ga_vid=1040327165.1663871479&ga_sid=1663871484&ga_hid=2028766897&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54840b37c9d2e2d816f632e1e78e73556a3329225ff44b7462b16537144993c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11817
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 03FE 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4da6e550a33bcfe8e2042ba84500902420a42c22a12c79d15ae953648b1d96af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11300
x-xss-protection
0
container.html
17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A5BE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 18:31:24 GMT
expires
Fri, 22 Sep 2023 18:31:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rP2Hp2ywxg089UriCZOIHQ.woff2
fonts.gstatic.com/s/dmsans/v11/ Frame 2AC4 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 20:26:19 GMT
x-content-type-options
nosniff
age
597905
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18096
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:54:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Sep 2023 20:26:19 GMT
rP2Cp2ywxg089UriASitCBimCw.woff2
fonts.gstatic.com/s/dmsans/v11/ Frame 2AC4 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 20:26:20 GMT
x-content-type-options
nosniff
age
597904
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18212
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:54:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Sep 2023 20:26:20 GMT
d21ec34ccf4f465abd5a78b717971bf0_klavika-light.woff
static.criteo.net/design/dt/ Frame 5CF7 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/d21ec34ccf4f465abd5a78b717971bf0_klavika-light.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLPAIu-UwAAUbu4IGuQ-NwO_ih8iFfQ&u=%7ChIUXIrGDpJL6ACliD7asN7bF%2FtPdfLs3BxdlWUEBWhU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wLdRBXhALqgDilxRAFHEEdI_JvtZc4hgvnhPqIP-IQMXIpmr0QWwpQTLcqY2ARHL-jzZ_VofujCAGeYp6ibKVLCjhxz68EIja199XyVD29nh9P2AlXuvysrnDpb2k0ErKNEpWr8lK7-XCv4kVcixdVFlNgWk2quHhEf2sUIi-0WWu58WPEPeWwWca29UwhQ2EG7msLe-cPckpeIF_1ky2sw9u2idVAqrOhuklMzLvG8PW7uz_3YxN0r-6WKHIPNEL2bugxhuD-OraOuFjRJRLQd1BmQ7Mm3g3fmMWpckUvIdeOxA8bd_DJIZi1MIHtICVwkxKTsDC3D6bFAkqpN0mYFoMElbs5KlGPfA-X-evXJCRflnm8zZerELqwQ-lpqEKtk6Bpef0Qnje1D2xmHi7J5DEVMvu6f4-EvAzYsgHCVEwwvx_1rLTpZZJffFi5VpBDDmavkDkonfKO2Z1XHT6sWIHfMGK4-WpYdjIPplipR0su_qss9fKKR7KVuWcKmvA3KzxA4mGaRzEHnqhSEeFIRxzNOtYlSMQTKj7Pg6YuJ9N77JhOnTmjY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCglD4-KksY_DZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEnAJP0HWI8UnqOGOv6n0_lc5AWvQHEOep17No4x2EuW89V39r-QhwPiqlz-Tldp0wyrXVAGrnrRTwkvvrAuYO0izMctkucGZPP3DcqE13QhJTOk9PZE9PW_py7nGlEWCof5HeJQYOML9qNMwqbgv3XoECuCrJNz-3PnUouWfGG_FRJrUdvlQm1TeWFohE5px04ewNVEMXTxAMOvXVjj1FWh1pYiFTGYTpbvgd3fIRSRUNA09bZLBlMhqTgIkDSxXZdxueKrY9EJ-SXuRwUL0Lf4fdO4LNVffs4c5cbIVv1c1GWtiO5cJSYu5kizVZLjtFCWxBBpsDBCwDOIbuUSY0mNhpnHPAyaaA0LXQu9j7Wn01tTBbHK5l7TEc3sTb3uAEAYAG6_Wg6NOGiOThAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1s8A8x-l3C2aW9Kzq0nlvzaS2pTw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d2e47ce9d709494e8a4c5d4bf47774a0dbaeaa17c259a429f18372e36777578e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:24 GMT
content-encoding
gzip
last-modified
Mon, 12 Apr 2021 08:02:01 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6073fe79-a654"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 18:31:24 GMT
css
fonts.googleapis.com/ Frame 9781 		5 KB
667 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400a:800::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 17:14:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 18:31:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Sep 2022 18:31:24 GMT
rP2Hp2ywxg089UriCZOIHQ.woff2
fonts.gstatic.com/s/dmsans/v11/ Frame 6E1E 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 20:26:19 GMT
x-content-type-options
nosniff
age
597905
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18096
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:54:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Sep 2023 20:26:19 GMT
rP2Hp2ywxg089UriCZOIHQ.woff2
fonts.gstatic.com/s/dmsans/v11/ Frame FF42 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 20:26:19 GMT
x-content-type-options
nosniff
age
597905
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18096
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:54:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Sep 2023 20:26:19 GMT
rP2Hp2ywxg089UriCZOIHQ.woff2
fonts.gstatic.com/s/dmsans/v11/ Frame 5CF7 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 20:26:19 GMT
x-content-type-options
nosniff
age
597905
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18096
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:54:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Sep 2023 20:26:19 GMT
rP2Cp2ywxg089UriASitCBimCw.woff2
fonts.gstatic.com/s/dmsans/v11/ Frame 5CF7 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 20:26:20 GMT
x-content-type-options
nosniff
age
597904
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18212
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:54:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Sep 2023 20:26:20 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 03FE 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 18:31:26 GMT
p
sb.scorecardresearch.com/ Frame 52B2 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1663871480519&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=493583&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=2254305&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1663871484559&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=4040&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=MLB&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fwww.staradvertiser.com%2F&c8=&c9=https%3A%2F%2Fwww.staradvertiser.com%2F
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-90.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:24 GMT
via
1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
43
x-amz-cf-id
Oeqr-pkqqmexNyfrl0npHo8uFTRpq4EjvmKN5US4CZAANeWVdRIYTg==
x-cache
Miss from cloudfront
content-type
image/gif
integrator.js
adservice.google.de/adsid/ Frame 954B 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 954B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 954B 		508 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3632588438906298&correlator=2006711979114346&eid=31068929%2C31069761%2C31069354%2C21065725&output=ldjh&gdfp_req=1&vrg=2022091901&ptt=17&impl=fif&npa=1&iu_parts=15764254%3A5136785%2Cplatform%2C7470%2C(s%3A7470)_(z%3A110722)_(wf%3A16154)_(b%3A103210)&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=1&adks=4259440028&sfv=1-0-38&fsapi=false&prev_scp=fi_group%3DG0%26fi_outbid%3Dabcdef&eri=1&sc=1&cookie=ID%3D6b1163197e313caf%3AT%3D1663871480%3AS%3DALNI_MZN69JqttAfEr_IetFEmKdriJnV6g&abxe=1&dt=1663871484580&lmt=1663871484&dlt=1663871481064&idt=3035&adxs=140&adys=3702&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=1&ucis=89ot98saifkj&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.staradvertiser.com%2F&ref=https%3A%2F%2Fwww.staradvertiser.com%2F&top=https%3A%2F%2Fwww.staradvertiser.com%2F&frm=23&vis=1&psz=728x-1&msz=728x-1&fws=256&ohw=0&ea=0&ga_vid=1040327165.1663871479&ga_sid=1663871485&ga_hid=1844065479&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
243
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 954B 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022091901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
508ff954224bf2758b378be9f05000d65e28ee71fac1b3c001920f58ce834924
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11255
x-xss-protection
0
container.html
144588f010523d2468bf3a1c1df8e211.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D85B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://144588f010523d2468bf3a1c1df8e211.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 18:31:24 GMT
expires
Fri, 22 Sep 2023 18:31:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
diberp-tcx-v4.29.0-v2.js
americanhometownmedia.com/static/ 		337 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://americanhometownmedia.com/static/diberp-tcx-v4.29.0-v2.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV3WXZ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.58.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
62.58.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d43f8c46a66a4d7ee79dd714bb6464d91ec7634f547f2aa485e353839a146d19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 16:42:07 GMT
content-encoding
gzip
age
2339357
x-guploader-uploadid
ADPycdvIsDLj85v0afwq5G_ijEecQxvozlP1XNFJXPYkZ8MtRPgNcJ33BTKd_thAyIhh0XJPHwJgFhJB2hlYzYmDvzQWqp3Ine6e
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106099
last-modified
Thu, 04 Mar 2021 16:18:32 GMT
server
UploadServer
etag
"02c7b9ff3fbd84a1b8d93e95e255b626"
vary
Accept-Encoding, Origin
x-goog-hash
crc32c=2R6v6g==, md5=Ase5/z+9hKG42T6V4lW2Jg==
x-goog-generation
1614874712638160
cache-control
public, max-age=31536000
x-goog-stored-content-length
106099
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 26 Aug 2023 16:42:07 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 9781 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:50:34 GMT
x-content-type-options
nosniff
age
258050
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Sep 2023 18:50:34 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 79CB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_lcbIy_GyFRzCzqaPPQo9CPQVh_q91StZwZnoWIkS1E2BSdNp_YmQY2Xh3tOhdKRNrNv6gJ-Ne50sqqR0JTp5xbt2GKWx7XUkDY8pM3TKpO0i2w9pAmiyRZaCy6C7e3Mn73oTTWz1ca-NXmP9kleMps4tzBV8yk2X-6nF2DuSy8OQu3f0JSvBc8LshK-BHg8X2RuoE0LYjIWJ6Di7nl1GYyc_7A-aa30pm5sh3w4FVfqVzaT0M3Mc0acv2x10iLmLQFoDZ8aVFJr22hgFnufOwVZLJ6wTZEn_U0s2UDb16miCTUwfuOqWgI04vCHLTw-SkYE1fJdRR0AuZtB6Rg&sai=AMfl-YRdpgea8p_YBZc5wBlSFDmih8qYsMZ7lNi29kF8S2bYFFo2ldrfD080u8Jk3uSA18QSYVjM-SeL-7p23Bx787F3CTQ81M0YQP_K0v9Y8fV6joVgG6gjwuYE954D0w&sig=Cg0ArKJSzCQZTQHTuzI4EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 22 Sep 2022 18:31:24 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C656 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvu0Rdn7T9M7bh1MvcE7H2Crxg2vDUhmIutBEm5X2jABjTeW1IpWieeByzBJmAzpD_9uPtBSiScC8TLwjpKzfzcOrZYB6UvZQOPVcH2C1fTuCEw-44mjhMnyrumwpeCrDyJJXFdvSFbMr60eMcQud7XGAFXF4zRC0U6Sq5vw40hPGMBN6myTPRvUd0lTz7NF-X0LsIxLBNvdpb2i3IzniVrEkP9g2jvJTWsim8H7Qb-VP57g5050KIVFf_BEYiAIYoXWVtvfudZwm3ZcnBS4eEJ7oPWjl9jG0NxZo9Qlxktto7EDwxIMVJVc5vk2B5ReqYA-2lpRA7SmslQ4HpYNs&sai=AMfl-YQFqDEyICr0qQIXeHLE_x9ZkpW6zUBAPpus3IX-OYBHBeKM6IcOQJgMwKVeACZ9pZP8STg5CZx8NrLwbLMLY1YF2B9NU0J0FOLN0q1-gY87sBE8woI75mkkYtyrXw&sig=Cg0ArKJSzFmRbrsxw4HyEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 22 Sep 2022 18:31:24 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=Kqg2J0vzlYL6FDsn&instance=214988373&version=7.8.0&age=220922&cmd=PLAY&key=NxulL6Ef&c_id=13479&seq=1&order=7&absoluteTime=7824.8&relativeTime=5201.2&alt=0&sC_ID=4735&sm_id=2254305&load=1&status=LVFNMNIY&ac_id=2008&EXTREF=https://www.staradvertiser.com/&REF=https://www.staradvertiser.com/&playerCfg=BR
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.60.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-60-169.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:24 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=PLAY&ESG_key=NxulL6Ef&ES_key=NxulL6Ef&ES_ID=34893&S_RKEY=kmnhGKQYEz&USR_ID=214988373&ST_usrKey=Kqg2J0vzlYL6FDsn&SM_ID=2254305&C_ID=13479&C_companyName=Oahu%20Publications%20Inc&version=70080000&sC_ID=4735&AC_ID=2008&TYPE=BARKER&EXTREF=https://www.staradvertiser.com/&REF=https://www.staradvertiser.com/&PLAYERWIDTH=298.5&PLAYERCODE=LVFNMN&OGSET=1&REFONLY=0&STRIPQUERY=1&pposition=float&floattype=s
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.30.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-30-54.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 22 Sep 2022 18:31:29 GMT
cache-control
max-age=1
server
Apache
content-type
text/html; charset=UTF-8
content-length
0
expires
Thu, 22 Sep 2022 18:30:49 GMT
integrator.js
adservice.google.de/adsid/ Frame 79CB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 79CB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 79CB 		48 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4137092168443179&correlator=3322260862163270&eid=31068498%2C31069764%2C31069792&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fif&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=128770239&sfv=1-0-38&fsapi=false&prev_scp=h%3D18%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dwww.staradvertiser.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&cust_params=ip%3D1%26he%3D0&ppid=1329b7a3-57e0-4a4c-8c42-3fec8b79e7d3&sc=1&cookie=ID%3D6b1163197e313caf%3AT%3D1663871480%3AS%3DALNI_MZN69JqttAfEr_IetFEmKdriJnV6g&abxe=1&dt=1663871484747&lmt=1663871484&dlt=1663871482003&idt=2603&adxs=436&adys=1899&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=1&ucis=hf6td0o8u92w&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.staradvertiser.com%2F&ref=https%3A%2F%2Fwww.staradvertiser.com%2F&top=https%3A%2F%2Fwww.staradvertiser.com%2F&frm=23&vis=1&psz=0x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1040327165.1663871479&ga_sid=1663871485&ga_hid=842507549&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
451d7babd973b5c0a4239572335398dab69cab88e9fc3bbb77903db31e823aca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19159
x-xss-protection
0
google-lineitem-id
5747548770
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138357539006
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 79CB 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9dd44c4db17fa875c48669fa923da0417d648f805e1fbed67daabc70b55fcde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11219
x-xss-protection
0
container.html
8d7be3625a97d28e0bfa042004ddc3d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3673 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8d7be3625a97d28e0bfa042004ddc3d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 18:31:24 GMT
expires
Fri, 22 Sep 2023 18:31:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.113.js
static.criteo.net/js/ld/ Frame 954B 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.113.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:24 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 12:50:31 GMT
server
nginx
etag
W/"6138b197-1532d"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Sep 2022 18:31:24 GMT
integrator.js
adservice.google.de/adsid/ Frame C656 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C656 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame C656 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1944132421059258&correlator=203257151951883&eid=44768257&output=ldjh&gdfp_req=1&vrg=2022091901&ptt=17&impl=fif&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_300x250_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=2933112504&sfv=1-0-38&fsapi=false&prev_scp=h%3D18%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dwww.staradvertiser.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&cust_params=ip%3D1%26he%3D0&ppid=1329b7a3-57e0-4a4c-8c42-3fec8b79e7d3&sc=1&cookie=ID%3D6b1163197e313caf%3AT%3D1663871480%3AS%3DALNI_MZN69JqttAfEr_IetFEmKdriJnV6g&abxe=1&dt=1663871484775&lmt=1663871484&dlt=1663871482103&idt=2554&adxs=1161&adys=5427&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=x4ekibrauvo3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.staradvertiser.com%2F&ref=https%3A%2F%2Fwww.staradvertiser.com%2F&top=https%3A%2F%2Fwww.staradvertiser.com%2F&frm=23&vis=1&psz=0x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1040327165.1663871479&ga_sid=1663871485&ga_hid=1128854630&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5254f451baf70066671623791f4e6af37ca2c992fa36e3ad577d51ab8d827d4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9819
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C656 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022091901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f41d8890e440c3b4f07f855dcd352252478e09ae5f382e8cb060709a82e72c6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11251
x-xss-protection
0
container.html
a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 30D2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 18:31:24 GMT
expires
Fri, 22 Sep 2023 18:31:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
1710p4s4p868n18sn0pqps224o506381.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 		3 KB
882 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/1710p4s4p868n18sn0pqps224o506381.m3u8
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.145.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-145-10.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2a9b93458c8585d80a3d1d19b15d785aa5930a1cf337489c3112f463c0f176c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:50:58 GMT
content-encoding
gzip
age
2427
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
access-control-allow-origin
*
last-modified
Thu, 22 Sep 2022 17:35:17 GMT
server
AmazonS3
etag
W/"804a73c6c1f575e5074b06e25606f1d2"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
via
1.1 3a19e7746bbbb8dd91ed586197497ae8.cloudfront.net (CloudFront)
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-pop
CDG50-C2
x-amz-cf-id
fLX6NAH5MjDZ9lzF4wjFpXQe4_YuQhR9tGtTsdzXKzsrrDDxNX6WHA==
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 954B 		0
0
container.html
17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E683 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 18:31:24 GMT
expires
Fri, 22 Sep 2023 18:31:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e5666664-52a2-4b8b-bca2-c3f0a6d328e9.js
product.instiengage.com/ceu-code/ Frame 57A7 		369 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://product.instiengage.com/ceu-code/e5666664-52a2-4b8b-bca2-c3f0a6d328e9.js
Requested by
Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:7000:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf5f3a5d952adbc5fa39717df95ed452435908c8d36c5e9d5d38774ed4444612

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
.f991fRbvC4R33v5yAD0S_pevWmrPldj
content-encoding
br
last-modified
Mon, 08 Aug 2022 11:28:20 GMT
server
AmazonS3
age
291
etag
W/"862110fbf38fad43aeb806fbba38c62c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d3e698ff6aa93657f45eda478b9496e0.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
date
Thu, 22 Sep 2022 18:31:24 GMT
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
C2uPWTgFAdHruN8971p6mKapvt-BJUHDDRDk3YjYUnuGHtf7AESm4w==
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 79CB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 18:31:26 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C656 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 18:31:26 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 954B 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 954B 		0
0
adview
securepubads.g.doubleclick.net/pagead/ Frame E683 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CJF2V_KksY6XOHJ6A7_UPlcOauAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0wNzk2NzkwODkwMzA3ODM4oAHCrujdA8gBCakCUZIsJL94sD7gAgCoAwGqBL8CT9BIZrNJ0-QszY1qHJ8N5jL8qDWguT6AcoEWHPCPqCfWwdF15s45KM42xjk55Tr1aPdYXlwAEQEbpQ6dkyvcpLa-Z_vwk8P0N7uXK7uisaU5PS_8hhJJVF-6G4Lc2PiAl0-AZeOlZA2N0GCViLDaWf6twjp5T8eRNKRbVxweFElxsAiCoGtPtcIZRCNReTCYc8im5Fzv5QJi0hnYJJemvsqkej7UAoBOlV1RqyS9SwSEFnJy5q84baJ_KdPgllZPdDaqYvwed9sIUcZRrAgiilvw2fdB8D8haXzIO1udYif3GMmUFUWaDdhZ2mKx3ZeaXiMtHJZoyMduISvjutff-HXrXZ3VSCTQ5mze7_Fe1XfkQUfzPeSNcYiVwwjBgJoi_wMP29uDQ--ijtIqxnMO_HZxli14QIrrhAO2dbK38eAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMDc5Njc5MDg5MDMwNzgzOBik-w8&sigh=7dtf2lVE-fY&uach_m=[UACH]&cid=CAQSOwCsnQUxg7ipE4_djFZ0Y7lA_ni8OxHhuolE8fg-IIWhwbv4coerVRQKOghlvAjBJlHMu2Jwtrygwb_QGAE
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame E683 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1hr5wk4rg4qmr6t4dmgk9avjap8kbgg7838eseqtx5qp88p7w6rgkdbz457zchkxjnv433dq5n6e314g9ttg30vqxntbjq1q95xbrh30dnty5g58v24ymrg6j1y15gbtf08q6jcgw3mxd3g1ye4we1b1ga2rwz0rzwnnzp1p6ycewq7hw36s8b12zdyym9ad3wemmd4n44a1egxxjhcz9bt9pk06r8e9kx1qt44n7zwjcjz7y9mvv80ybevnz982chbwnvdsnj2g7j9s6bmqrbfwycwhpyzyhcb801zmwvksv936n9hbz82gs5q7yc0h6r89rtdbdc8ef3shmbdm5qhb8jrxgb4k2rddzssdgeha1wyc1xtdw76xgggnzfrbrp3kg467hvyndfvr3tbhe9r&b=Yyyp_AAHJyUIu8AeAAahlfUXg8VtXawybUgO1Q
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 22 Sep 2022 18:31:24 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 4F42 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1h1y0sh83a7fypftge3n2ewyp45bkz01xnhsnyxb2p9zq24my27bc5qaqvs8940b6bcgqf1z9zgjwqyqbr4b6a811jm075k8f6qrnmf01ftwsq1hv9j1khqzkfpvw5waw85qk871s9t2a7dd0x2193cnhvtxs54h4tv66b0m5edq0vdzn9h0s10r9jqvesrxzprt45t0rzz1e1w4hvbddw09c33qxb57pzc8ck8q0a395gp4rfvkb4mm5py35w8p44zf8d708fqq9f1rfqbck9te2hgn9tf5hxnqjczcgq6w5vsbyct4c5z0rjtkbgmpf60b7npmzehpe3rrm5b242jmavkcfcyzpc4a7h59yhrg3dxs1j3jsw477ae5vhdjtcvfc56smx7nr3n2msyh12kx9ct7j8r51c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSmuW_KksY6XOHJ6A7_UPlcOauAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0wNzk2NzkwODkwMzA3ODM4oAHCrujdA8gBCakCUZIsJL94sD7gAgCoAwGqBMICT9BIZrNJ0-QszY1qHJ8N5jL8qDWguT6AcoEWHPCPqCfWwdF15s45KM42xjk55Tr1aPdYXlwAEQEbpQ6dkyvcpLa-Z_vwk8P0N7uXK7uisaU5PS_8hhJJVF-6G4Lc2PiAl0-AZeOlZA2N0GCViLDaWf6twjp5T8eRNKRbVxweFElxsAiCoGtPtcIZRCNReTCYc8im5Fzv5QJi0hnYJJemvsqkej7UAoBOlV1RqyS9SwSEFnJy5q84baJ_KdPgllZPdDaqYvwed9sIUcZRrAgiilvw2fdB8D8haXzIO1udYif3GMmUFUWaDdhZ2mKx3ZeaXiMtHJZoyMduISvjutff-HXrXZ3VSCTQ5mze7_Fe1XfkQUfzPeSNcYjXwSlTV2Olv8uIk01ZCn1Qt8Yga3kg5KvxVGTquB71qBtjqS33OTqTbOAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0v7i0dDhmxlJ4mRiZUpnmuJBR6kg%26client%3Dca-pub-0796790890307838%26adurl%3D
Requested by
Host: 17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com
URL: https://17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
017a73698ff14f115204ff1554c03852673d54d2b72f8fcc2b6305576f838f6a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
74ed1e0cf92c91de-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 18:31:24 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame E683 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js
Requested by
Host: 17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com
URL: https://17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
430
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 18:24:14 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A35D 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com
URL: https://17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
32879
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 09:23:25 GMT
etag
48472445140208031
expires
Fri, 23 Sep 2022 09:23:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame E683 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com
URL: https://17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:26:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
310
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7568
x-xss-protection
0
server
cafe
etag
16266204680973569043
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 18:26:14 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame E683 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com
URL: https://17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 07:13:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Sep 2023 07:13:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E683 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com
URL: https://17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 18:31:25 GMT
truncated
/ Frame E683 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
042110a177712845ad988f479fb24541777fe61fb991ab896c5964d1459e99ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame 4F42 		85 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h1y0sh83a7fypftge3n2ewyp45bkz01xnhsnyxb2p9zq24my27bc5qaqvs8940b6bcgqf1z9zgjwqyqbr4b6a811jm075k8f6qrnmf01ftwsq1hv9j1khqzkfpvw5waw85qk871s9t2a7dd0x2193cnhvtxs54h4tv66b0m5edq0vdzn9h0s10r9jqvesrxzprt45t0rzz1e1w4hvbddw09c33qxb57pzc8ck8q0a395gp4rfvkb4mm5py35w8p44zf8d708fqq9f1rfqbck9te2hgn9tf5hxnqjczcgq6w5vsbyct4c5z0rjtkbgmpf60b7npmzehpe3rrm5b242jmavkcfcyzpc4a7h59yhrg3dxs1j3jsw477ae5vhdjtcvfc56smx7nr3n2msyh12kx9ct7j8r51c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSmuW_KksY6XOHJ6A7_UPlcOauAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0wNzk2NzkwODkwMzA3ODM4oAHCrujdA8gBCakCUZIsJL94sD7gAgCoAwGqBMICT9BIZrNJ0-QszY1qHJ8N5jL8qDWguT6AcoEWHPCPqCfWwdF15s45KM42xjk55Tr1aPdYXlwAEQEbpQ6dkyvcpLa-Z_vwk8P0N7uXK7uisaU5PS_8hhJJVF-6G4Lc2PiAl0-AZeOlZA2N0GCViLDaWf6twjp5T8eRNKRbVxweFElxsAiCoGtPtcIZRCNReTCYc8im5Fzv5QJi0hnYJJemvsqkej7UAoBOlV1RqyS9SwSEFnJy5q84baJ_KdPgllZPdDaqYvwed9sIUcZRrAgiilvw2fdB8D8haXzIO1udYif3GMmUFUWaDdhZ2mKx3ZeaXiMtHJZoyMduISvjutff-HXrXZ3VSCTQ5mze7_Fe1XfkQUfzPeSNcYjXwSlTV2Olv8uIk01ZCn1Qt8Yga3kg5KvxVGTquB71qBtjqS33OTqTbOAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0v7i0dDhmxlJ4mRiZUpnmuJBR6kg%26client%3Dca-pub-0796790890307838%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1h1y0sh83a7fypftge3n2ewyp45bkz01xnhsnyxb2p9zq24my27bc5qaqvs8940b6bcgqf1z9zgjwqyqbr4b6a811jm075k8f6qrnmf01ftwsq1hv9j1khqzkfpvw5waw85qk871s9t2a7dd0x2193cnhvtxs54h4tv66b0m5edq0vdzn9h0s10r9jqvesrxzprt45t0rzz1e1w4hvbddw09c33qxb57pzc8ck8q0a395gp4rfvkb4mm5py35w8p44zf8d708fqq9f1rfqbck9te2hgn9tf5hxnqjczcgq6w5vsbyct4c5z0rjtkbgmpf60b7npmzehpe3rrm5b242jmavkcfcyzpc4a7h59yhrg3dxs1j3jsw477ae5vhdjtcvfc56smx7nr3n2msyh12kx9ct7j8r51c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSmuW_KksY6XOHJ6A7_UPlcOauAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0wNzk2NzkwODkwMzA3ODM4oAHCrujdA8gBCakCUZIsJL94sD7gAgCoAwGqBMICT9BIZrNJ0-QszY1qHJ8N5jL8qDWguT6AcoEWHPCPqCfWwdF15s45KM42xjk55Tr1aPdYXlwAEQEbpQ6dkyvcpLa-Z_vwk8P0N7uXK7uisaU5PS_8hhJJVF-6G4Lc2PiAl0-AZeOlZA2N0GCViLDaWf6twjp5T8eRNKRbVxweFElxsAiCoGtPtcIZRCNReTCYc8im5Fzv5QJi0hnYJJemvsqkej7UAoBOlV1RqyS9SwSEFnJy5q84baJ_KdPgllZPdDaqYvwed9sIUcZRrAgiilvw2fdB8D8haXzIO1udYif3GMmUFUWaDdhZ2mKx3ZeaXiMtHJZoyMduISvjutff-HXrXZ3VSCTQ5mze7_Fe1XfkQUfzPeSNcYjXwSlTV2Olv8uIk01ZCn1Qt8Yga3kg5KvxVGTquB71qBtjqS33OTqTbOAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0v7i0dDhmxlJ4mRiZUpnmuJBR6kg%26client%3Dca-pub-0796790890307838%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:25 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
879248
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86781
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 12 Sep 2022 14:17:16 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
74ed1e0d7ef2696a-FRA
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame 4F42 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h1y0sh83a7fypftge3n2ewyp45bkz01xnhsnyxb2p9zq24my27bc5qaqvs8940b6bcgqf1z9zgjwqyqbr4b6a811jm075k8f6qrnmf01ftwsq1hv9j1khqzkfpvw5waw85qk871s9t2a7dd0x2193cnhvtxs54h4tv66b0m5edq0vdzn9h0s10r9jqvesrxzprt45t0rzz1e1w4hvbddw09c33qxb57pzc8ck8q0a395gp4rfvkb4mm5py35w8p44zf8d708fqq9f1rfqbck9te2hgn9tf5hxnqjczcgq6w5vsbyct4c5z0rjtkbgmpf60b7npmzehpe3rrm5b242jmavkcfcyzpc4a7h59yhrg3dxs1j3jsw477ae5vhdjtcvfc56smx7nr3n2msyh12kx9ct7j8r51c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSmuW_KksY6XOHJ6A7_UPlcOauAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0wNzk2NzkwODkwMzA3ODM4oAHCrujdA8gBCakCUZIsJL94sD7gAgCoAwGqBMICT9BIZrNJ0-QszY1qHJ8N5jL8qDWguT6AcoEWHPCPqCfWwdF15s45KM42xjk55Tr1aPdYXlwAEQEbpQ6dkyvcpLa-Z_vwk8P0N7uXK7uisaU5PS_8hhJJVF-6G4Lc2PiAl0-AZeOlZA2N0GCViLDaWf6twjp5T8eRNKRbVxweFElxsAiCoGtPtcIZRCNReTCYc8im5Fzv5QJi0hnYJJemvsqkej7UAoBOlV1RqyS9SwSEFnJy5q84baJ_KdPgllZPdDaqYvwed9sIUcZRrAgiilvw2fdB8D8haXzIO1udYif3GMmUFUWaDdhZ2mKx3ZeaXiMtHJZoyMduISvjutff-HXrXZ3VSCTQ5mze7_Fe1XfkQUfzPeSNcYjXwSlTV2Olv8uIk01ZCn1Qt8Yga3kg5KvxVGTquB71qBtjqS33OTqTbOAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0v7i0dDhmxlJ4mRiZUpnmuJBR6kg%26client%3Dca-pub-0796790890307838%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
201063
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 27 Jul 2022 10:39:36 GMT
server
cloudflare
etag
W/"1a2552545a3303319c45b19addfd8947"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MkXmFVK4ysADLAsmsvKof8dmGGZhB7KjouFsiIUb9cc5uO5mxEYaOWzs384VCYCUYmr122f%2FJZdzZJW7Ym%2BS3P2rzztSMEB%2FfAMKVk%2BbtmDahPb2URYZqHVJXCQv8LpVKM6OJWc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
74ed1e0d7a4691de-FRA
expires
Wed, 14 Sep 2022 13:04:27 GMT
all
csm.eu.criteo.net/ Frame E1BA 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=ZXNQZ9sDNmC2JH9r_jjzsLLVBR4sd5u67ruVnJI_ZUzQpB0ep8X8LLRENd_mfY-BM8B9DNsZtREcjwQaNirZkrwUJKQh4oPEBBW47Dn8H3uB25SaJaRNbQIDfjb3axnvaxwRzwScOr64YNgf2d59-WNdEFGyiv1vp4EX1chGGCJvX6WPAL3HmPjOI3Z42GMs1HJ-4dPCAy3E7TmFgzM0poACXiE3rXdcs91GXYrfNI4WeOj2j-zuRfD3anisNI_VScQ2Xw&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOQIu-UwAAUbuw6LzDfe00S78k6aZg&u=%7ChIUXIrGDpJLB33NFN%2B3rCXe2AtJekpDZuvl0gFCv2bk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aFBSnAzQtPDFlUCNVr5sGfcUGLidg4S-JIc8fkmU7t_3lDQ-7uQxz5KC1LVpZy0lTa47_eeDpJKgFIqyafXhv162gFLR43EChItsYynTLOrVYw7Xvntv1WZxGmwZA1EiEi2zVPGXSbK9GhrMGiMwJURESq7rVw--kcOCp7nieQq5XY1ZIpbKSVjSYozomh1w65iM4eXCeJp7G7V4FRP88_JQnm5cNer5kQaUNtQbVLysjqCDWd4GLZt6HIFEhmm8nIeSK6hGQgfU1oZ2-MfYrKAq4WWH_m9HYby1rekhU_OJXaYhFKP3DRpqYfQem3JtNGI3cvBXqg7sh1d8l7Jk7mlCT4BGh-Bkg_lmQ0IOCDdCCRpasPsxBL0-bCARgZ-Grtr32oZ9UMlssSMisy958bc-MCRG4d8elEigRpLbUZiebWfBMEjyiUqyyUyBCIthKQHlfnh85NMDMQCISVJSN3BD4oOt8T1UHUiEGwTJnQ-hNa56F65jt-tHGtnoDsdEURWYIc9zriXgjwdc1LIWe16WpZuQxQDnfg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVk0s-KksY-TZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0BQWJUFwle9V2J5_nSXkGxeQ0xxITrODZatVfDrtmnz-S0nmjk9vH1hZcHBvUMaAIVglImsb8dvAtyRNXBDYMU0s0A4BCP79eD7G81qQwuZdKx6rfIvQk32vE26O7tH3OBbaLr96QO0dFTcqKyi6uN8XmgeUYbnCOT-ZWvdugNvn5uDZGG4g5pOXLORMIZFUcNQad6tiyVOLaL1kuIQC54FeyJPxJF26OEzndVFhzT1GitqFYvbSvejD78ayJ7TWBJXt5JfPw9UWt19tirIOmBlTHkFuBRFVsTqPJJp6CY14e_dVCskJOFYS1IFsq5w775NuhNgN_rgVrZmacAG2MgiEGlbtLkDQ27v3nDGP4AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3uVn_vXnUP5W6OXrQ1iFPoN9D3NQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 22 Sep 2022 18:31:24 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
all
csm.eu.criteo.net/ Frame 2AC4 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=7RQccNsDNmC2JH9r3XHahfMgtrpe9WGr9gHclvnrzOMsHkhyGCnECHRbrmw9wQXz8FuAAR7SSzFnwRRc7QUhk8VWiWxOJiJJilBKtOCB2HEH8NnYKPCMRtkNbcCBDZJhjS-WvnwtnA0lyosWFJz5ct3qFJKkObWwMSC6L8m3pumfxk2Vs9OdyrvZOd-qKo2shq-521Z7qT1VRKpnctPoanA28kRsz1mVdQBDxbimxtZlyFNJBuCPiGNnpifrLHincMWQhg&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOsIu-UwAAUbuzfaEK0lLx-rdBQm-w&u=%7ChIUXIrGDpJKs%2BNQhCogTOVXt6NMGZn2MLqy7hzamzrA%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr5-taiijmDVNfEog-pHxa6wvg-tUOFnI36QG0DZhqQiWFLzK9PeXkRUnRcJnQGiAJN1oUKXq_0FiTwIkyB5pawzTsYyrVn4RaACGKq-geHHNBGwUeH42rbtlPUycZCimCT4WrjS_nVwovPqf-iMMZzU6kUYCdOTqtTvbFFQlxGXW-RoNdmKRIy_YWCcgNzIKbBUp0Br_k1CuvilQJ2gWk88N1lz-3TcnzkAMF6A6Tg0Crnu1dFcVaCfIIOncAIm-H5BN2h9qdMHiE7-0_x-1lU2v7HgXPizZPO61sDpdSq8QvSKo0z4Tz0Mxip6UfJCOomN0tMaLH0NaND0mETmaHrbpTnGLpuFSCarUhywpv-C8vKHNt1wpOoIocV6zmPp-QPfkue6YU6dDTW-6F48TKA71R8SBZo_2cFVi2Mnp2oyrFBRhbGXitC7T1e963VNEP4lxtli_GfeCFlYbR2P3XiE5RizYasXEgzJ9AY6qbL6Fnggr9OTQFOU6rY-Xlb5mK8tT2GzWxDivHNUUIoENXQFRi9xDx_8pEoD2noMFIsxddScxQyzotCyIVMNa0prenBtUbtfGYMnQqoD771xYSDQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9evf-KksY-vZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEmgJP0GMtPfwPFcfwgrcF14hVtttrdBm4ayu5gghJueZFX9_KOV8XuEEsUSR5U9IeKAizuJzRjA2JAJvmITiNDutMvFEeKOUhyUlm7J9Ptkb270A9UnEyBrqWNZt42_DTls1VJQ436PXJmXQV9M2_x1QFtNwyUzyPpwaGxKy1OoCh4j4tLZ9MbmWVZlg10xCkMVbbg1f_8vWsukW2_rSsjNX0d0Xdar1Pe6IgjW_dsO2Ny2ivgWX7YlpZ-lOHlB8Vgf-1dpGB6iRPslOJOxtWRAL9B6EzD5bzkcMhLdtf3WeF-JX8KJn8eABjPdojp3NPcvJU62QTY_X4Tni5GEniHU3Z4VVHSOZtbVnmg0qV8ey2xsIYEKMMLW2rs5jgBAGABuv1oOjThojk4QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QiN2AxmuZc7TwqL_FL7RXFI5oEQ%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 22 Sep 2022 18:31:24 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
dds
rtb.openx.net/sync/ Frame A35D 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEHd_-QWTeo0-nsYEIFSr5AU&google_cver=1&google_push=AZmPxg8788XzLo1lolOVrWAEssq3xPwUCCKGNlIMyEc_ef_bgMFJ3oUNtYcDmdlhfhD4Z6hP0y47cDDYNRIuU5KMPnPcf37vWr1V
Requested by
Host: 17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com
URL: https://17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:24 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
j9jf9ra13fji1tpq8l5dguv83hbbem75
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame A35D 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEM6zjY35Os1VYHswt4Q5BTs&google_cver=1&google_push=AZmPxg8Wn5UKW3FIbN-zo8jmMiYvxSuPLG5b-tl8gE8kHhlsNJZ3iedJERANW0goiCFwTH12qK2Sr2uJ-d8b3K9qzzypGVGGRkdo
Requested by
Host: 17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com
URL: https://17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame A35D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHVesn3tOzduKsNPrVY_sQg&google_cver=1&google_push=AZmPxg9VmXCF9XpkYTf_wFzBS02Nqdj-Wan7f4pxjkX_ycnF4Dwu828wzVcYkocUE1Auw9-8jHCs2eFHSS4wMVn...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=uiediYpZRVZ_QRTVHxPs8LnVm6Y&google_push=AZmPxg9VmXCF9XpkYTf_wFzBS02Nqdj-Wan7f4pxjkX_ycnF4Dwu828wzVcYkocUE1Auw9-8jHCs2eFHSS4wMV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=uiediYpZRVZ_QRTVHxPs8LnVm6Y&google_push=AZmPxg9VmXCF9XpkYTf_wFzBS02Nqdj-Wan7f4pxjkX_ycnF4Dwu828wzVcYkocUE1Auw9-8jHCs2eFHSS4wMVnEmbkfejP7gnh9Iw
Requested by
Host: 17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com
URL: https://17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=uiediYpZRVZ_QRTVHxPs8LnVm6Y&google_push=AZmPxg9VmXCF9XpkYTf_wFzBS02Nqdj-Wan7f4pxjkX_ycnF4Dwu828wzVcYkocUE1Auw9-8jHCs2eFHSS4wMVnEmbkfejP7gnh9Iw
Date
Thu, 22 Sep 2022 18:31:25 GMT
Connection
keep-alive
Content-Length
244
Content-Type
text/html; charset=utf-8
us
sync.go.sonobi.com/ Frame A35D 		0
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAZmPxg-fozvtFXcDiOnrilSRcn0RI49R4jh4XRIgzAIKtlYJWNuD8Y2hzq-XDNcri4xANu66jkcFZmf9taz46oYRqSrhylKYAtz5qg%26google_hm%3D%5BUID%5D&google_gid=CAESECpFhTgiGfaQyqP2HtaksrU&google_cver=1
Requested by
Host: 17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com
URL: https://17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Sep 2022 18:31:25 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-7-22
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A35D
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMDM5L11zjfdRhEWnNU9UYA&google_cver=1&google_push=AZmPxg_CPyfPjejzXx-XZXdb6MfmvsiCFzh7bbVIih-3F0Z3sxmDW4DUu7XUdAQKfPSoyrL6HFIcVRjQcUEp...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg_CPyfPjejzXx-XZXdb6MfmvsiCFzh7bbVIih-3F0Z3sxmDW4DUu7XUdAQKfPSoyrL6HFIcVRjQcUEp-YnIsOd58lh2O4jeXg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg_CPyfPjejzXx-XZXdb6MfmvsiCFzh7bbVIih-3F0Z3sxmDW4DUu7XUdAQKfPSoyrL6HFIcVRjQcUEp-YnIsOd58lh2O4jeXg
Requested by
Host: 17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com
URL: https://17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg_CPyfPjejzXx-XZXdb6MfmvsiCFzh7bbVIih-3F0Z3sxmDW4DUu7XUdAQKfPSoyrL6HFIcVRjQcUEp-YnIsOd58lh2O4jeXg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame A35D
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEPohff0dT-Zj2_TjEoyuLew&google_cver=1&google_push=AZmPxg9t5K8FPqZJXV-cHR-Jjur3VfZJm2BeQ0mJcem_qX3Pe4g2vnfX7YgGlZNmC3SeTcE04Pg3p...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg9t5K8FPqZJXV-cHR-Jjur3VfZJm2BeQ0mJcem_qX3Pe4g2vnfX7YgGlZNmC3SeTcE04Pg3pqABvPJ0ocDPtNl9ATyLC_Af9A&google_hm=WXl5cC1jQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg9t5K8FPqZJXV-cHR-Jjur3VfZJm2BeQ0mJcem_qX3Pe4g2vnfX7YgGlZNmC3SeTcE04Pg3pqABvPJ0ocDPtNl9ATyLC_Af9A&google_hm=WXl5cC1jQ284WG9BQUhzR2pJWUFBQUFB
Requested by
Host: 17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com
URL: https://17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
62
Date
Thu, 22 Sep 2022 18:31:25 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEPohff0dT-Zj2_TjEoyuLew&google_push=AZmPxg9t5K8FPqZJXV-cHR-Jjur3VfZJm2BeQ0mJcem_qX3Pe4g2vnfX7YgGlZNmC3SeTcE04Pg3pqABvPJ0ocDPtNl9ATyLC_Af9A&proto=google_ebda","cluster_id":62,"gdpr":true,"ipv4":"0.0.0.0","key":"Yyyp-cCo8XoAAHsGjIYAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad318"}
X-SO-Ads-Time
4
X-SO-Key
Yyyp-cCo8XoAAHsGjIYAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad318
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg9t5K8FPqZJXV-cHR-Jjur3VfZJm2BeQ0mJcem_qX3Pe4g2vnfX7YgGlZNmC3SeTcE04Pg3pqABvPJ0ocDPtNl9ATyLC_Af9A&google_hm=WXl5cC1jQ284WG9BQUhzR2pJWUFBQUFB
Cache-Control
private
X-SO-HostName
m-ad318.dc4p.scaleout.jp
Connection
keep-alive
Content-Length
0
X-SO-LB-Hostname
m-tgng22.dc4p.scaleout.jp
X-SO-IP
185.213.155.166
pixel
cm.g.doubleclick.net/ Frame A35D
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEJvTZ4m7aOVpa3__LihqwLo&google_cver=1&google_push=AZmPxg-nwZb4gRJWu...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEJvTZ4m7aOVpa3__LihqwLo%26goo...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDQ2MDcyMDU0MjMxMDcyMjcwMw%3D%3D&google_gid=CAESEJvTZ4m7aOVpa3__LihqwLo&google_cver=1&google_push=AZmPxg-nwZb4gRJWu4WtDlwdt-g9di4613...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDQ2MDcyMDU0MjMxMDcyMjcwMw%3D%3D&google_gid=CAESEJvTZ4m7aOVpa3__LihqwLo&google_cver=1&google_push=AZmPxg-nwZb4gRJWu4WtDlwdt-g9di46130jPXIApa9yjyarizzUuOk7SV0o3sYb_qGtZJpz6eM_qxKPhtMoe4QMKcgpH0ybN5fXkA
Requested by
Host: 17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com
URL: https://17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 22 Sep 2022 18:31:25 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
1c761c68-d0fb-4cb7-bca1-6e4d2576902a
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDQ2MDcyMDU0MjMxMDcyMjcwMw%3D%3D&google_gid=CAESEJvTZ4m7aOVpa3__LihqwLo&google_cver=1&google_push=AZmPxg-nwZb4gRJWu4WtDlwdt-g9di46130jPXIApa9yjyarizzUuOk7SV0o3sYb_qGtZJpz6eM_qxKPhtMoe4QMKcgpH0ybN5fXkA
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame A35D 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JirAJxO24c8cIywXxUTW7OdalaTAWUdBTkZcNfESlPgZgpuzpxMFXfsl0mmHdEFF7KcLeLAw
Requested by
Host: 17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com
URL: https://17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:25 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
css
fonts.googleapis.com/ Frame 57A7 		4 KB
509 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400a:800::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c6d229fd71143f36b3de274a7457709f8e268bdd2a303f232aa005a5aa358d5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 17:17:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 18:31:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Sep 2022 18:31:25 GMT
all.css
use.fontawesome.com/releases/v5.5.0/css/ Frame 57A7 		50 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.133.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20759560
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
KM9WC41QGTX7314V
x-amz-id-2
TqDxe5m1nS2C2HKJ9SMMtMLcj2P4narsgLwmcYcxIk7ANB1KgDzcEqrWwy2kRUs3bR4KzxnMk+U=
last-modified
Wed, 30 Jun 2021 15:43:32 GMT
server
cloudflare
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vP8ctqyjZJpHsqVM4tprw%2Bz51DQ%2Fxr5tZWq66E9JqDIfYSzQoEVkF%2B4r8p33ayrVBl1fEkiIRvs9SE4zIsR%2BY6N5TT2WiC3Tz7U5BxOZEdzJNhQq3E2eftIdPtgzm0bhjPYXHV9O"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
74ed1e1028e49295-FRA
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1388760453&t=pageview&_s=1&dl=https%3A%2F%2Fwww.staradvertiser.com%2F&dp=%2F134cd2a0-7eab-4f89-ad56-f416cc5743c6&ul=en-us&de=UTF-8&dt=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHFAAEABAAAAAC~&jid=1171405508&gjid=592085815&cid=1040327165.1663871479&tid=UA-123718506-11&_gid=773932396.1663871479&_r=1&_slc=1&z=2131837674
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
geoip.instiengage.com/json/ Frame 57A7 		243 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.instiengage.com/json/
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/e5666664-52a2-4b8b-bca2-c3f0a6d328e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.239.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-82-239-242.compute-1.amazonaws.com
Software
/
Resource Hash
9338b2f2bf36668c9ecb49cda4459b8d8227c5f031abbe917891f213b1991863

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Thu, 22 Sep 2022 18:31:25 GMT
access-control-allow-credentials
true
x-database-date
Wed, 21 Sep 2022 23:35:47 GMT
content-length
243
vary
Origin
content-type
application/json
logo-insticator-light-opt.png
static.instiengage.com/files/images/embed4.0/app/ Frame 57A7 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/logo-insticator-light-opt.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:d600:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7ed7ef9182dc5206d1b7a8038bcfe2b57fc1be96d78b75152e9b713ca4ef2d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
T2IjPTIo4qchLnC2G3GrIcEa98kcWaxz
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
last-modified
Wed, 13 Jul 2022 16:30:10 GMT
server
AmazonS3
age
262
etag
"591958545714b5567fc57c2f4c215b1c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
date
Thu, 22 Sep 2022 18:27:05 GMT
x-amz-replication-status
REPLICA
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
3973
x-amz-cf-id
GWplLtWdNwoO4A0R_UMqmaw4idR0yH_mRtGlou9K8ybKFBI0DPs6EA==
icon-check.png
static.instiengage.com/files/images/embed4.0/app/ Frame 57A7 		649 B
1022 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/icon-check.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:d600:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
LAzj2T9To4nJbbC7ZHWfpQpTuFxrgcvY
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:06 GMT
server
AmazonS3
age
212
etag
"b673377b664a0b33454c267d911fcfc1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
date
Thu, 22 Sep 2022 18:27:54 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
649
x-amz-cf-id
7-uJK0XZtTeTdBblyQ1gT6w5U60m-BVE-dEEBwZx59yBiF1dXH-F2g==
graphic-ooc-opt.png
static.instiengage.com/files/images/embed4.0/app/ Frame 57A7 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/graphic-ooc-opt.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:d600:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
695ce10188e5306fcbf679b7cc125b6eac681d124a85a5908bbd8d0079a47e9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
eOMnJSzBI81wb4OK.n4S.oHVD4IqRrSP
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:05 GMT
server
AmazonS3
age
127
etag
"3b5c1361f893cc23b07c2f3cc48cee32"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
date
Thu, 22 Sep 2022 18:29:19 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
4833
x-amz-cf-id
yr4E5cCwKOOpI0ITS9JbbJcF0GeaY0zo_0JZ-HfjKFsJw8Hi53wLzQ==
contents
cms.instiengage.com/v3/ Frame 57A7 		19 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cms.instiengage.com/v3/contents?embed_uuid=e5666664-52a2-4b8b-bca2-c3f0a6d328e9&cookie_id=null&content_order=ORDERED&for_embed=true&content_count=20
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/e5666664-52a2-4b8b-bca2-c3f0a6d328e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.239.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-82-239-242.compute-1.amazonaws.com
Software
/
Resource Hash
4b08a4e1249d15a5528ca608417b9eea11b7950b4d8ac9f892456ebacb26b488

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Thu, 22 Sep 2022 18:31:25 GMT
access-control-allow-credentials
true
content-length
19223
vary
Origin
content-type
application/json
view
securepubads.g.doubleclick.net/pcs/ Frame 335F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstVCQLWLXk6cJBfETpb0G4Ly5BSDhs25hOLz__xbEypRIWsAxTDIP5BxvVQF96JpLegj3az1EJf32xDVXeEEaogFmOivW-RShIcxIADd7OwFQ4mWQfB9yZxKBlKmSRVZz3y2jpaCXgFbk1_2MKY9dB9ldKMkcwxsc7Txk0ann7DIcU7zTnYkUBJy3ghiIrb3e2_Prnr3iQo37VuP8wx6XngIgUETtDtVhsz2kGLptW16mqUulZ13hHCuZWU5uYAC5BgZFVMZN2cLN2KZ9uXi2sk71w1eBQD1-GZ8_viFjBIZaWGXPh7YC-DWgrk9KHBFBLp8kdtcPOehI2O2uRXmgBuurt5iNyjBUda&sai=AMfl-YR7hsmivG5p3HYiCQlyW8qwfwZYBB2Kf-cO4YIwTF-SPc3K80HKW_Po6VjFxlc7K1mCYMXGKEZ5DtMbG64t-bJfzuU4e_dzHG84dyYE7GtiirEXFqrjjSnTF-N33MvzetyfvEvc4eBdPfuMGPSQqQ&sig=Cg0ArKJSzDrHbnQ7iWwPEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/ Frame 335F 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/abg_lite_fy2021.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c2d5358c7df05018004b5ff5434f854385d8fe8a64593901d9ae662564592d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1128
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9574
x-xss-protection
0
server
cafe
etag
3447265524526809024
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 18:12:37 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 335F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
431
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 18:24:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 335F 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 18:31:25 GMT
473814325554434780
tpc.googlesyndication.com/simgad/ Frame 335F 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/473814325554434780
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2134c475d6915ec706aa8aec9b78d83297cfaefbf42c70ed818766168f7c73dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:41:19 GMT
x-content-type-options
nosniff
age
118206
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11470
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 18:58:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 21 Sep 2023 09:41:19 GMT
container.html
a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FB35 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202209061116/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 18:31:24 GMT
expires
Fri, 22 Sep 2023 18:31:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
all
csm.eu.criteo.net/ Frame 6E1E 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=CpjZ3NsDNmC2JH9rFX7NDz55zDmQUcZtLU4z9xWoYeDbIcuURKtU_bqYgUxKTnbe7RaZtVkZgQMcGUThddSRm-wKXARUzcT_60klW4bNty_iFnfIF7x6ikZbjyMXo039y3Fi8hgqQtKnOnjvC7TQNnWITXrNk73sSyZAIn4znGeSl85ZcCcefCnT33AwmgLlWi68-AoapIyxaHENXnwGvTN3YO1eE2VdWmzlVUBZ1GhlFnYfLkz6c3PonfcfFm8znpyRTlN8NjktkEbe&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOUIu-UwAAUbuxe_kjS-X3qD5Pr_xQ&u=%7ChIUXIrGDpJK759hFcJIrfPzCzTrExvh6vYUvpezIPF0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g4MQ3Y2uLD3JJ7lEKfzn4aGxZFJgNB2TpNcNBw4A1xZ6hsv-V10fUCPEi72bbOVQPHldwVW2uHxuCq4e4SNc2fb-DRN3AaoZ3PFtmUBb1kM79_wXOVk_cQc8ypAxD1Qv-jcaGvgyYe7flx0YZ7PFy5sHXBjw4zHU8jjmfgHAGfFlq0_eyR1Ln5PnpOt1-gog_Y7efWSSEAW82QmtxSFvyIcgpTHMcqqX9FI60hyHP8fXPxib_s4coQ-SmlYTtxG3t6gKs-swQyhBBEUql04uvN1p2xmq66EnPlkmcSa0QEXwcZjcejqt3NxUD9I1LYt9J9Nv-uT5caTYeLczIGXGeKhTLxb5ujisZqW7X-YDmA3npTW6ewAKP8ktrCQBc71UgBzNEgqBKS9LS1UIPs2QsxOuu_EtiHsu3nKbGiPMxiNFSnMPUNpIusmw_-S9pH5KCrdbAVYQzHykxHH-iGKz8sEAangpklUbp5n5XzAhB2E4KApbU8SJhFvSzz5aqsVC11ANz6IDFNOr3RD-BCn7cAiFhf6ZfDVq3IglhWwx37exlo2n1S4bE3o7LJpZhWhZdQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLlUY-KksY-XZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoEjwJP0Mofhcty9SdKssCL--yyKdEEj07NcYmeTiMNaDF8KIlSN45dcYgbb8oo7GbkW-5o2cDA6R8f-bpIAdjAcy4PypA0GdKnhcEa6uO-R8ck951VHojpHAR4BUcuyy3R2gQdy8n8SSTH-qwsYUdcnKUeuXlbvy96hmbTl0XdZxYFUXv9LVQDGerg304JhaDHZOjil4o-eOpJR0NH8u0qLSZtf-cCffFmmvGdgXASr9gf6ciQTG69A8m5nXP03TQqjxRFHwihpRjkFOvNSJGXZaJOe2GKugYLbM4bWMowFRCe0kkkT1sUFjNKxJJdQ4tV44VA7qexylPXgS_lQcJMoR4lLIAYyZMu846pMn74Zjh24AQBgAaWmt3Y0N-Y5osBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q2SxgFUiv9khkeoSN-tKeMIVBVw%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 22 Sep 2022 18:31:24 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-123718506-11&cid=1040327165.1663871479&jid=1171405508&gjid=592085815&_gid=773932396.1663871479&_u=aHFAAEABAAAAAC~&z=1599098483
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4025:402::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 22 Sep 2022 18:31:25 GMT
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v18/ Frame 57A7 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 19:25:31 GMT
x-content-type-options
nosniff
age
169554
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47728
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 17:55:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Sep 2023 19:25:31 GMT
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v18/ Frame 57A7 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 19:25:31 GMT
x-content-type-options
nosniff
age
169554
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47728
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 17:55:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Sep 2023 19:25:31 GMT
all
csm.eu.criteo.net/ Frame FF42 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=JPqa1tsDNmC2JH9r_48Qnt2Cwk8lfpEEU1uuwevgowCqw1Tv8lR-MwTTt91p3JfOqpg1XWrcGO2udQCP7-33s82wOovGKC9XEqohFlwX1QDKW1uzuNHOsWu0JSUQTAo9BESxovgdXy4JnFyw1d40evDSukPEie7LB5l6mM2twEPIAxwUC8x_FSqT5hRU-V8-wI03Fcodp6aUUWjmwu72cracPNyP6IqVeDp2BiXC4ExGnnu_GD6V4HKzeY1YMOQ7afGO1g&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLO8Iu-UwAAUbu6ATRCWZyvoag5SHug&u=%7ChIUXIrGDpJLE91T41VdP1QqeHXE1ueDWpukZm9DeKWM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZE5PA-gwcExOc4fDdBFkrmfhkfAt6HIWmOd02SfG27iABCa-gZ4QnmR2GsviQVGam_af1ScQc3kOMOAwYRqJLyqucb5imnzI7qjQPWBQiJCzleM1PQX7_dq6Q5chDkCeP7nYFqajOQnv_oXgGArTbmN_HIyopxe2oW2gANA4IU1SxJscmLbdPuClTnoFFM5SjEVK9IwKEW5d9N2kIH0ZmDcvOChObf4HU0nOauCBlUZRppf2ihM3wTk3KEFo363oyoA3YHLL06ew-unYFH2iDSOw_0KlvUWGf89OgUdTGgjCv5rwG28GetA6aS5oRMjhBDy9TUgAgl6hXAXo6mB44Pt9vaR6QhFOGOHLSD_5YrrQBQuNQtbsqiQgrnancVjuTTVRcJwRAv3zPpUopyWu14YcwWOghBj5T-3MlhZjg69m3jd8DQB4Ch9s6TmRH4yJhEXLBMjIV13CGGmxMCQATfF4Vs4FitmXei9SpuO1SVD6U_cmbo3CIcOPtTS45ehtuRlSNcbgFPOS0G08FWtm1jciFrjHZ3tzllApI55K-Yz9_AbZdeJKHE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSzQ2-KksY-_ZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElAJP0IGe1f1aPfJuwKhBjEX4nlbcW60HbisKyMx0oJhOJsuTH0MuvTLCh6uS5cNmHXhSsgw3CX4ccRZFvQoRJT1t5FehBmHnfcyg1Czv7lpMXtghgn8rlXwZ6aUWLRKk94nRRjn2apw0SI98kOtvu7HcqtLMilbiXmEuVRqLMKbHWTPc6_Yl0gTSzCxV3dvqqFglnBMPDDjv_L1AZN1H_C6PJ58aTOyi-F368GCRffTa5NYexW_Z1CG0lA3UI9KBdAxaxIfZ7bn1o9l1AfL_XCTvCJc3W2-knBT49vvg5RO1W9LK90sAe0oPF308kSnJAj3n4t07kZOJCo-ncJdHc9E4R058xwjTPkn-9aHqyYjPSFq8FqPgBAGABpaa3djQ35jmiwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2S_66pDEEever9jLoLHtRIWF3m6A%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 22 Sep 2022 18:31:24 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 4F42 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Thu, 22 Sep 2022 18:31:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20775767
x-guploader-uploadid
ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VzOR1SIiwuV40pQdtTgCKxX4S9Tc2NGBfSkcNZsZnMEGAWHQ%2BCcWoXkrJfUbEr8jYWWRjfpCo7kcVh1dxrpIirjcf3gSz6I7EvkjPKnF%2FJCTM14liFG51dUeMj93rOaKiJs6YAKSkaExfJIBRFtHWr5h"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
74ed1e0f29426997-FRA
expires
Wed, 25 Jan 2023 07:28:38 GMT
usync.html
eus.rubiconproject.com/ Frame 23EB 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 22 Sep 2022 18:31:25 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
frame.html
ad4m.at/ Frame BC63 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2413574
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
74ed1e0f0a30696a-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Thu, 22 Sep 2022 18:31:25 GMT
expires
Thu, 25 Aug 2022 20:10:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hcfb98XzrSnd0cx4oTE%2BdAjY0PlzAHqV7Jyz04Ql6%2B2u6VMBN%2FzIgLySsHpWHHFbJxzHgH3ACRiB93BP3fyzqfWn6n4lqs9ATtH25YrwVgf7yde9CNkatb03vq3SW8OoaV%2Bh2kg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
truncated
/ Frame 335F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3580e8c3b1bda26a8f253377b00b267bd295e6cfe846c152df10d43d8654756c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0FA0 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLnBuAEQhp3m6AIYg4iG0wEwAQ&v=APEucNWwnsL171Zx-5kJWqgKOE_5g0H8ZupGYVp4-X93B7DhWCPJbW_wAmPB9rGRKpXhe6K-r_zW2SXP71aBKx_YI2d-wvyPVBbAucuWm5dKIANUJerN6xqXsN9UJzGQdv4I7S-Zwg1lT2-2LHoEwGC7p2qBU6YAlY9ohHHZ0W6bpWWO1sEzN4M
Requested by
Host: a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com
URL: https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 18:31:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame FB35 		87 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CbjMNQv916XXO8BPBokl5cvwh6hfQa_paY0aqduKcrQ2VYAXeN9-9mW_DBOxonY6e3HOYlZrgMj147SmZMm7k4sei-THX5RVFi0OVYmdFyA0LhKtUDZaDzRramBeMdWxNiLQa78P4J1_1P-5V43r02LdLRuw&dbm_d=AKAmf-C3TuJmYNkugPJNxDrEkCe5fHsPnqkE6AvyEYCtxAaTwxulGzrmdrqT69KmCXW9mO2tkn_ORoX28T-pFuiPYuZobNFY39iHWcZk0iuej1Be-w6MSf4zgNsTVb-leg8L1N4ihaWZxcHERd-sb60RAuLWjhIU9-VmJSZgS8GsdG_PfS4FjBZBy723G-VDn71wPBoJIfWkfOz0rtAWUed_U9T41Ilk4BJTV3oakApxzsiMUjabVuSPXLZ9l76M6qpVs2D8EGPweHTjEu3FgrRt45EWRklox49c-vHaXIUHML1vgunkQJ4CZFf4qeRomXt9-M4jwoKYLkpySigDHHbfVqHOpQzNO1SXxK958hg8EDW2Vt2yC9T5NEODwnKHbVmcb3uRss-2xMKvvF11csyABgsES5JCOZLAszwE0RmCJSDOZT6aahg84oVng_1PmF8EvjWRTVYKNsKhzH7PJb0C8a2DuSDLXX0r0PE4vxkuiELr7uJ-dkhJeYk-TeDOrxbuxslkY8zjg0pG_EH_nIczU2QmFKsvbHa4oYPGztYwARuLY204DPJFOM83w67gWDg2mkbimaEXA7o6EtM7noXFHCjxct5EI82Ad_hnoF8BUswMvJfvxIMhi62L4FxfXsEGxzMjTpm07yyva8SiCZXGqM_OMCatHl04x3-fhQ8S65PAw1v0U3XNnMCYTPPgRFe1zkY0yHasOjz4TIcCDEy-YCNxyTS_4wOAymQ2GMB4mYrlWAUOKywT9Hy5RvYX7Q2ECiM_Fic_SUGCJENHtW_8U8fWe_Jxms-uQHuj188Rdwvy1LTeCZXpIbqC6KWwK5ycUdQGITD3icJ12R3NmBCn-84T6_kV9ExOj1rrF9OUHTfQoMyolQXvu4mtTzL-dDu2M_ERrJry7wgV4BCK6knp_fGs1BREhSnWtRtBRRRwDpTweOpGVMJBg1l4sXqNAFjByXf48M2TtKid63yjEGfB3WVld8qq2GmhDihVip10M1AkJJeXcFV_AxpTMQcnG5MLcMSqRQMOffMZG3_wBenzexA5FKVigmRaIvRT5GnlIYDSFamOTpby3VRGgceepEsBwFCl-TbUmaBg99RY7tM0rHhgjZsm9P_IKDZFi5ZO1Z3_i0L3Qh5sMRsykdymXlOmB2NTVZcY1huA3nh2BUx8XJX6n389ar6TBeVbkDXmQo9cS7iHUXrNEXO63CMddRkvVUzA1yKos76_UL9bQZ0DvbxPwhaqnrxVhJN2JynHaBCIPd-tq2iJsijkY7iPzjsGANu6Qyt3LzsGnQNLNhgnkFFL49VGrdhzwme3-P7FRkQKZ_vaqmN40jrX6X5IYnrfekjIfBo2ReroEVJvjNZ6ZBtk01kTHdeX_O_soDiAkCEJyP04L7xvWFSmznTT23nRL0LvMVkDJZJXqlPuGrnQLZmg8wg-D0b41-a7yDyEWeX4SnI9JQDLZ04buJ_gNju9KvwTPiIwVZzWiqHNGFj64aeloD5k8n1C6tTT4iuAP9SBVLgj5k538HJqZiBpjf0MjxJnOIxiJtMRhAIUi3Ixo8GFnEN6VYfjST8Y3CYQCZjhfZlFl-EfqUmiA9lEUWPXIkkCmpdxUKtaZ7nV6p402ljVFGJtYwvuTvFyKrF5eMWvEsyCxTV1nSzCtWihTBCCjaHtc7z64jJ3YvBffDYtFK9nVpEVzzwauC6OVn6jvFjOSoAFVT5SCU-DCp6kGnShtkRayMNhySIaDC4NmsLdqTnQrbVPkIloBluZvUp5qB3dBOZXiTE_AqmbkegyKNxtGUkkJrmUNNoUQr3sHeYBtP91YtXDRZmMLPmNIFTI0jThj85UAYm0D4CNQgvLSf5eWrDtQrqA48cj37uiivWsVegLiNBcAvTt00PI2gizgJMcDswUDWrDM5jaq9J99OIkVaV4xOQS9eAjjwob6YL4Bw2sSuMe-7HSGdSbMMavzWH2C4pmQyzgaAKS4T_BP6WS3soxJdanAnUru2Qmg-Dym9I20AEmLjIPteMoWRjZbNnkm0YzZ7TNZXQ9iAr-C3O1ZImBzYQgQgbwlE2R__vt55uL0x7ADtR__5GnqPWLKJ8pWSIUvsN7hsZhptoHchu6ZXELegFKyTouxHLOJ9fm8MtS7rDtgIfpcwopilSCNw2lseaLehhAluWb5TsXlwy-FQe24yh25JdoUpX8xKxqaxCo0LDFL_B_zulvB62yrRnkRQPWgevHJoR_75AkfomoZCqZRNTf7YsKP3uVApMagifY6Wux6eZAe0ksHY8aahh2GogqBakD_3l0Bs_TLnmhkCjHpUcqPV8_uZwt100QSjntM3bdlhhxz4o4WmfaSnYUyP3ThTeJEytsDmjLn1rGuBtCenVaeT2nYWXmRZpnzxGp3Avoumouv4jHFS99dLN5hwvOeYk6Rdrhb6Nc4AKBxqvtTQPAYMBqfZtzIc_FWEVzL56qj6-4HupjgBoYaiHmuBj3r7D2Vkx8JaYWi2F5yT7lktcaNAVxNoiKMc8LC_OZjfKTJkdgaIBOLqNCl0svPJsOfGl43GJqKj5dj5pgKb88URojBsaQ4g7yqlciOXrG7F1qSrStufPYjDFwgumXGNa2Y600KZItQcKacMVi69GN3ZwTtBVaeBJQFUubdJLkfn6bwHQdCW4qRSyIUITkwPZ4FdbG9kirFIhmNU-GBNK5ua-l8e6vdmcV2L1nfH9keJIk7G-R3DMeMerBEHAn5fP_k4EhNsEE6KfLZol2_vMe61ue1xlTtfX5A9v_ijWpppdlOC6Oc4DIXQyL5fbB-4EkDvHvhMxi9tVJnYVfoeHWwciMqYgHvuicjmrhMlB7Gn0mGepUs1udaD350jcYeCoL0N4PYLu7qYnDKjz4Mog658WH7aty5o4LfSAKZcaACzG9DcuNypEkXcwIAKZriwGL1z_FkkRiC5MKH7Q-Zvjy1AVEib0tm-XLoyRGQeZ327TFscBN-arEXg4tgiyBNpbIzcIzp3o-WrqU5xT1yHOehUfGx1Fq4NQaZlwQIGqIZ3HNZgqAFnNNOGMgu0yrW8olt1MzcELaJtZE3TeAzGqH8yE3Cgl6Q9Gc7rRsC3wCaUeBXqodWZb6bh35thqgwdCmo70AszMIEcjOYD_foHiX_G6i9oWowD2Rp3hROUuADUUAmRPCuqBUSDMR572u3A_B3UMELqj_ksxL5Gvr6hVpZvg_r5shgd8SqyDFXKhpV-1cSAWUWW_7_cEBaMe2lUNhqFrcRs_eI3bIaqo_guLWdQJ3_0M-b0bG5vjk1tTW2YA1a7edIaD-Fh04cfjMuqEQ04jRMsbdGK5VluBfUsKPxoRti9lnxmX1Hb3A_Db2RMAgRGwkgbMw7CxJPGsOojLQeI6Y-NJtmEDKgGxea4bMb3RoGLMPCd6FHl-j_h4R_HLdJDMrzbLt1re75se-ZX_F8Ad4MUcCdSplBfGXGpkC_gd0SHaLIw5LMdQALO4pEXMpWkJQJR-trYfSx2gF9uoKdTOJis7LTd8LLYIwS-6UP-4sIzqMSSyDL8yk-TfK4YCFzcVbM8q5XDKXhrgR0QxXek2i3ylBHMXXZnjnVFXiHz9N&cid=CAQSTQCsnQUxEbG4G-JumP-4QcTcWpM7_wABLO1BA8qQAutERRES5f7YxnlkAqjVS8Iwqct4UMJ53MCG3AvFHlbaggF--Wx2ojY0pdSuEAEs&rfl=2%2Chttps%253A%252F%252Fwww.staradvertiser.com%242%2Chttps%253A%252F%252Fwww.staradvertiser.com%252F%240
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa2b165b3b8c9f255ecfd337c5f9e829fa6880c4d4236a8b19e5e7311f85dbda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35411
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FB35 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B1rzIFxyk3i1DFCCwxJ0p-7fETSZesC5plY7BkMTCito6cyXK_u98MEMTVGuys8ObBwfMk-IbIGm5uBVsK1Z_QPdW9OpZB52OWSeMGDra3Q7GcjgI
Requested by
Host: a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com
URL: https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame FB35 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js
Requested by
Host: a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com
URL: https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
431
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 18:24:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame FB35 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com
URL: https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:26:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7568
x-xss-protection
0
server
cafe
etag
16266204680973569043
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 18:26:14 GMT
l
www.google.com/ads/measurement/ Frame FB35 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQmFb112jG1EMI_t_ZzS8inCV9l6GWmZnrUDbcN0WWX5a7WWEWuzIh9qiSF79SR7oKQEMHPgkvAS23NDaJDxFDWX-j8GQ
Requested by
Host: a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com
URL: https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FB35 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com
URL: https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 18:31:25 GMT
pixel
protected-by.clarium.io/ Frame FB35 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0LzI4OTYyMTcyNDA6MzAweDI1MA==&v=5&s=v31gdj7g1cl&id=eyJkZnAiOnsiYWQiOjQ5NzM3Mzc2LCJjIjpudWxsLCJsIjowLCJvIjoyODk2MjE3MjQwLCJBIjoiLzI1MDcyNDYsNTEzNjc4NS9zdGFyYWR2ZXJ0aXNlci5jb21fV2ViXzMwMHgyNTBfMyIsInkiOjMxNzg1MCwiY28iOjAsInMiOiJkaXYtaW5zdGljYXRvci1hZC0zIn0sInRwX2NyaWQiOm51bGx9&sb=undefined&cb=9474202&h=www.staradvertiser.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEx6STRPVFl5TVRjeU5EQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyODk2MjE3MjQwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com
URL: https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.27.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-27-64.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Sep 2022 18:31:25 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-123718506-11&cid=1040327165.1663871479&jid=1171405508&_u=aHFAAEABAAAAAC~&z=435158476
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-123718506-11&cid=1040327165.1663871479&jid=1171405508&_u=aHFAAEABAAAAAC~&z=435158476
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rs
ad4m.at/ Frame 4F42 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b1f640d7ef845e7402ac76ab0b49bc2b457813f344eec3fdc7e9ddda7c0cf7

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
74ed1e101ea091ff-FRA
date
Thu, 22 Sep 2022 18:31:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7528VF1MUpuCaQFNjtV8%2F%2FUcDLRYaMGCKMItGwQExerOdfTl7%2Fv45mNIdSm7bRbJLjH1sHqN7tDsF5A%2FouZMYI9EWRs7o9licN291tQZ47%2FBBg7CpbwhF%2BkbtZwghF1vP39vpc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74ed1e0fbdef91ff-FRA
content-length
24
content-type
text/plain
date
Thu, 22 Sep 2022 18:31:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6UZNr6uFlgz3JQELYYp9GQArcWWMbHfzIBTekanswYjNN2xiYbw0dBnVeC%2BNt4iDPU4ngjhoa4gSOmus847unLyiFX%2B9Jcj0SuAzXrVZ4l6D0bfOfrdlgVOTxGJNWrRrEYBN98%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rum
dsum-sec.casalemedia.com/ Frame 0FA0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEsYEQmi6aEu2d6RkX0jnJc&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEsYEQmi6aEu2d6RkX0jnJc&google_cver=1&C=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEsYEQmi6aEu2d6RkX0jnJc&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLnBuAEQhp3m6AIYg4iG0wEwAQ&v=APEucNWwnsL171Zx-5kJWqgKOE_5g0H8ZupGYVp4-X93B7DhWCPJbW_wAmPB9rGRKpXhe6K-r_zW2SXP71aBKx_YI2d-wvyPVBbAucuWm5dKIANUJerN6xqXsN9UJzGQdv4I7S-Zwg1lT2-2LHoEwGC7p2qBU6YAlY9ohHHZ0W6bpWWO1sEzN4M
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74ed1e10a91a9b52-FRA
pragma
no-cache
date
Thu, 22 Sep 2022 18:31:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3RYahi38Uwg0gS9OhbcMbqhCA6oskbrkbMLL8yEg2SPnE9uEppJVEbQC0AhVvI5uXYOHT2A7M5u0%2Bdk436AbuMnMPo1r3Ojb3VO%2Ft4SMZBz81eQXJnrmWy94RjEkn3q85Osl3uuuWg4o%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PCtstHj%2FGbiOMRzgpDe3QA0XyU%2F5oDyBITH2LOa9wKOPhvu7dXBNWsDkiUxeTDPVTtmqscaNHPVdLx9wGIsceFBDCncAo0hDwo3dSlIqg%2FWz0iNA7eDq3CR7v5yCDTp%2B5vzDL6h7wEteSw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEEsYEQmi6aEu2d6RkX0jnJc&google_cver=1&C=1
cache-control
no-cache
cf-ray
74ed1e1059f69b92-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 0FA0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yyyp-Ttj082QvHNJVBjr7AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEsYEQmi6aEu2d6RkX0jnJc&google_cver=1
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEsYEQmi6aEu2d6RkX0jnJc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLnBuAEQhp3m6AIYg4iG0wEwAQ&v=APEucNWwnsL171Zx-5kJWqgKOE_5g0H8ZupGYVp4-X93B7DhWCPJbW_wAmPB9rGRKpXhe6K-r_zW2SXP71aBKx_YI2d-wvyPVBbAucuWm5dKIANUJerN6xqXsN9UJzGQdv4I7S-Zwg1lT2-2LHoEwGC7p2qBU6YAlY9ohHHZ0W6bpWWO1sEzN4M
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74ed1e121b7a9b52-FRA
pragma
no-cache
date
Thu, 22 Sep 2022 18:31:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Rfb%2FsE8x%2BMS%2FtsNjA%2F0JmD6W8U7YJSts0MRODuwCsoXazIRX6YCO%2B5RbajZzJMxl5C64Fg9SdgIXr8tnHcDBwcqZvhNX%2FxvY0u29tP9iuZzbsHzx2lZJRBlLmc9tfFtQdMNZ%2BoVjDneaA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEsYEQmi6aEu2d6RkX0jnJc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 0FA0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGWM2X_NxW_b34WQjHkpN_U&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGWM2X_NxW_b34WQjHkpN_U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLnBuAEQhp3m6AIYg4iG0wEwAQ&v=APEucNWwnsL171Zx-5kJWqgKOE_5g0H8ZupGYVp4-X93B7DhWCPJbW_wAmPB9rGRKpXhe6K-r_zW2SXP71aBKx_YI2d-wvyPVBbAucuWm5dKIANUJerN6xqXsN9UJzGQdv4I7S-Zwg1lT2-2LHoEwGC7p2qBU6YAlY9ohHHZ0W6bpWWO1sEzN4M
Protocol
HTTP/1.1
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Sep 2022 18:31:25 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
fbe8b447-de4c-443e-b583-0d162b041588
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGWM2X_NxW_b34WQjHkpN_U&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0FA0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ2MDcyMDU0MjMxMDcyMjcwMw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ2MDcyMDU0MjMxMDcyMjcwMw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLnBuAEQhp3m6AIYg4iG0wEwAQ&v=APEucNWwnsL171Zx-5kJWqgKOE_5g0H8ZupGYVp4-X93B7DhWCPJbW_wAmPB9rGRKpXhe6K-r_zW2SXP71aBKx_YI2d-wvyPVBbAucuWm5dKIANUJerN6xqXsN9UJzGQdv4I7S-Zwg1lT2-2LHoEwGC7p2qBU6YAlY9ohHHZ0W6bpWWO1sEzN4M
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 22 Sep 2022 18:31:25 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
5821ca60-e8af-4dc2-9ed4-0ffc90126c4c
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ2MDcyMDU0MjMxMDcyMjcwMw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame FB35 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/
Origin
https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 07:35:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39365
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Sep 2022 07:35:20 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220919/r20110914/elements/html/ Frame FB35 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220919/r20110914/elements/html/omrhp.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:30:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 18:30:33 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220919/r20110914/ Frame FB35 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220919/r20110914/abg_lite.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a97a1a8b88f4fa4b1eff7a0b360e7b17459268ec07a8fd8001808f191b3b002
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:30:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11738
x-xss-protection
0
server
cafe
etag
507854449507764401
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 18:30:10 GMT
usync.js
eus.rubiconproject.com/ Frame 23EB 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 18:31:25 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=35519
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Fri, 23 Sep 2022 04:23:24 GMT
rar
as.ad4m.at/ad/ Frame F218 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=22451%2C24673%2C14019&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=6139e630d8eac2fd633001bd18afc8be%2F17761228636701703322&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663871485487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jys3wdshqt1re4wx2kk2sb7gnzdes7842nxyfz7yba62spr2fybd20mzhpgwz7x45gtxgc9d9y5km7zvt3f2keb0byg7fn4mbxkfmz9yx1b1bv69f35zbxfm0trqfndp1x3zg6w8er6b0168m9zwj1t5r02r1edasyz3fx95kc2d7n7fnnzsqsjwjan6devb1bzra1ehg4rdmn1hg3cr6bdwpmxg6d960hjwxsxarwpftbqg1m2m2mbf773b9f9v10gvd8a0jygg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSmuW_KksY6XOHJ6A7_UPlcOauAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0wNzk2NzkwODkwMzA3ODM4oAHCrujdA8gBCakCUZIsJL94sD7gAgCoAwGqBMICT9BIZrNJ0-QszY1qHJ8N5jL8qDWguT6AcoEWHPCPqCfWwdF15s45KM42xjk55Tr1aPdYXlwAEQEbpQ6dkyvcpLa-Z_vwk8P0N7uXK7uisaU5PS_8hhJJVF-6G4Lc2PiAl0-AZeOlZA2N0GCViLDaWf6twjp5T8eRNKRbVxweFElxsAiCoGtPtcIZRCNReTCYc8im5Fzv5QJi0hnYJJemvsqkej7UAoBOlV1RqyS9SwSEFnJy5q84baJ_KdPgllZPdDaqYvwed9sIUcZRrAgiilvw2fdB8D8haXzIO1udYif3GMmUFUWaDdhZ2mKx3ZeaXiMtHJZoyMduISvjutff-HXrXZ3VSCTQ5mze7_Fe1XfkQUfzPeSNcYjXwSlTV2Olv8uIk01ZCn1Qt8Yga3kg5KvxVGTquB71qBtjqS33OTqTbOAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0v7i0dDhmxlJ4mRiZUpnmuJBR6kg%2526client%253Dca-pub-0796790890307838%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceac59c57563e396505d8250e2de7a33186b50d5fc86632382d2806bea857a3d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1h1y0sh83a7fypftge3n2ewyp45bkz01xnhsnyxb2p9zq24my27bc5qaqvs8940b6bcgqf1z9zgjwqyqbr4b6a811jm075k8f6qrnmf01ftwsq1hv9j1khqzkfpvw5waw85qk871s9t2a7dd0x2193cnhvtxs54h4tv66b0m5edq0vdzn9h0s10r9jqvesrxzprt45t0rzz1e1w4hvbddw09c33qxb57pzc8ck8q0a395gp4rfvkb4mm5py35w8p44zf8d708fqq9f1rfqbck9te2hgn9tf5hxnqjczcgq6w5vsbyct4c5z0rjtkbgmpf60b7npmzehpe3rrm5b242jmavkcfcyzpc4a7h59yhrg3dxs1j3jsw477ae5vhdjtcvfc56smx7nr3n2msyh12kx9ct7j8r51c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSmuW_KksY6XOHJ6A7_UPlcOauAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0wNzk2NzkwODkwMzA3ODM4oAHCrujdA8gBCakCUZIsJL94sD7gAgCoAwGqBMICT9BIZrNJ0-QszY1qHJ8N5jL8qDWguT6AcoEWHPCPqCfWwdF15s45KM42xjk55Tr1aPdYXlwAEQEbpQ6dkyvcpLa-Z_vwk8P0N7uXK7uisaU5PS_8hhJJVF-6G4Lc2PiAl0-AZeOlZA2N0GCViLDaWf6twjp5T8eRNKRbVxweFElxsAiCoGtPtcIZRCNReTCYc8im5Fzv5QJi0hnYJJemvsqkej7UAoBOlV1RqyS9SwSEFnJy5q84baJ_KdPgllZPdDaqYvwed9sIUcZRrAgiilvw2fdB8D8haXzIO1udYif3GMmUFUWaDdhZ2mKx3ZeaXiMtHJZoyMduISvjutff-HXrXZ3VSCTQ5mze7_Fe1XfkQUfzPeSNcYjXwSlTV2Olv8uIk01ZCn1Qt8Yga3kg5KvxVGTquB71qBtjqS33OTqTbOAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0v7i0dDhmxlJ4mRiZUpnmuJBR6kg%26client%3Dca-pub-0796790890307838%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
74ed1e107d3f696a-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 18:31:25 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame 335F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvw1k0CpC4u2ccT_TDoJWIp2mJuYvldzfzLX7db6afPb-OttvyGaXVeuMOCZjeuxH3FZgbG1TU8nt1QAyEVkrYY6XYGhU4NLvZKMUUxRLcE9zsnJuV3nkZI_7a5CiE9Cj_U1MpOrg9YwgEyfc9LZIwJUI0zM-U_LuygwXQpnSxk267skUV-sL9FurvyNBB3h3o8mUuWboP2flGYeoO4bUHshaoei9zqgXLUHqzExgJzPRvj0WPOYdUb-dbjv6_-YIlDljvJHyHyk-MHEhVugsL4I56fVvENT1he8BY_E_tfO5VPb5Ao3RRik7wASNCbSUYRUQEdBuQZIcP-dY3P1o121acgfmuvUJXjWuc&sai=AMfl-YRpuH0GQ3-2gX3QYWXoV9KAk6KkiOGykYaa7YlRJKKfmNe1n0ophXVNvrqEckwMqtk6KkkzN1e9UXxS1T8Qj0o_lLqRDQ4p13o4sxgKly0vcbXpTh3T4P7sKmAGNGYBE5F2T44DnNwEHuRE6FtFRw&sig=Cg0ArKJSzD16MwBnvM59EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 22 Sep 2022 18:31:25 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FB35 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 08:54:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34620
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 08:54:25 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 89BC 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com
URL: https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
32880
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 09:23:25 GMT
etag
48472445140208031
expires
Fri, 23 Sep 2022 09:23:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame FB35 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
029090a52c4d103c02455d253f0bc565d05d1099bf97d769ffe18aaf5b63a8a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame F218 		85 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C14019&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=6139e630d8eac2fd633001bd18afc8be%2F17761228636701703322&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663871485487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jys3wdshqt1re4wx2kk2sb7gnzdes7842nxyfz7yba62spr2fybd20mzhpgwz7x45gtxgc9d9y5km7zvt3f2keb0byg7fn4mbxkfmz9yx1b1bv69f35zbxfm0trqfndp1x3zg6w8er6b0168m9zwj1t5r02r1edasyz3fx95kc2d7n7fnnzsqsjwjan6devb1bzra1ehg4rdmn1hg3cr6bdwpmxg6d960hjwxsxarwpftbqg1m2m2mbf773b9f9v10gvd8a0jygg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSmuW_KksY6XOHJ6A7_UPlcOauAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0wNzk2NzkwODkwMzA3ODM4oAHCrujdA8gBCakCUZIsJL94sD7gAgCoAwGqBMICT9BIZrNJ0-QszY1qHJ8N5jL8qDWguT6AcoEWHPCPqCfWwdF15s45KM42xjk55Tr1aPdYXlwAEQEbpQ6dkyvcpLa-Z_vwk8P0N7uXK7uisaU5PS_8hhJJVF-6G4Lc2PiAl0-AZeOlZA2N0GCViLDaWf6twjp5T8eRNKRbVxweFElxsAiCoGtPtcIZRCNReTCYc8im5Fzv5QJi0hnYJJemvsqkej7UAoBOlV1RqyS9SwSEFnJy5q84baJ_KdPgllZPdDaqYvwed9sIUcZRrAgiilvw2fdB8D8haXzIO1udYif3GMmUFUWaDdhZ2mKx3ZeaXiMtHJZoyMduISvjutff-HXrXZ3VSCTQ5mze7_Fe1XfkQUfzPeSNcYjXwSlTV2Olv8uIk01ZCn1Qt8Yga3kg5KvxVGTquB71qBtjqS33OTqTbOAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0v7i0dDhmxlJ4mRiZUpnmuJBR6kg%2526client%253Dca-pub-0796790890307838%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=22451%2C24673%2C14019&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=6139e630d8eac2fd633001bd18afc8be%2F17761228636701703322&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663871485487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jys3wdshqt1re4wx2kk2sb7gnzdes7842nxyfz7yba62spr2fybd20mzhpgwz7x45gtxgc9d9y5km7zvt3f2keb0byg7fn4mbxkfmz9yx1b1bv69f35zbxfm0trqfndp1x3zg6w8er6b0168m9zwj1t5r02r1edasyz3fx95kc2d7n7fnnzsqsjwjan6devb1bzra1ehg4rdmn1hg3cr6bdwpmxg6d960hjwxsxarwpftbqg1m2m2mbf773b9f9v10gvd8a0jygg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSmuW_KksY6XOHJ6A7_UPlcOauAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0wNzk2NzkwODkwMzA3ODM4oAHCrujdA8gBCakCUZIsJL94sD7gAgCoAwGqBMICT9BIZrNJ0-QszY1qHJ8N5jL8qDWguT6AcoEWHPCPqCfWwdF15s45KM42xjk55Tr1aPdYXlwAEQEbpQ6dkyvcpLa-Z_vwk8P0N7uXK7uisaU5PS_8hhJJVF-6G4Lc2PiAl0-AZeOlZA2N0GCViLDaWf6twjp5T8eRNKRbVxweFElxsAiCoGtPtcIZRCNReTCYc8im5Fzv5QJi0hnYJJemvsqkej7UAoBOlV1RqyS9SwSEFnJy5q84baJ_KdPgllZPdDaqYvwed9sIUcZRrAgiilvw2fdB8D8haXzIO1udYif3GMmUFUWaDdhZ2mKx3ZeaXiMtHJZoyMduISvjutff-HXrXZ3VSCTQ5mze7_Fe1XfkQUfzPeSNcYjXwSlTV2Olv8uIk01ZCn1Qt8Yga3kg5KvxVGTquB71qBtjqS33OTqTbOAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0v7i0dDhmxlJ4mRiZUpnmuJBR6kg%2526client%253Dca-pub-0796790890307838%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:25 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
879248
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86781
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 12 Sep 2022 14:17:16 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
74ed1e11afdc696a-FRA
cf-bgj
minify
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame F218 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C14019&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=6139e630d8eac2fd633001bd18afc8be%2F17761228636701703322&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663871485487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jys3wdshqt1re4wx2kk2sb7gnzdes7842nxyfz7yba62spr2fybd20mzhpgwz7x45gtxgc9d9y5km7zvt3f2keb0byg7fn4mbxkfmz9yx1b1bv69f35zbxfm0trqfndp1x3zg6w8er6b0168m9zwj1t5r02r1edasyz3fx95kc2d7n7fnnzsqsjwjan6devb1bzra1ehg4rdmn1hg3cr6bdwpmxg6d960hjwxsxarwpftbqg1m2m2mbf773b9f9v10gvd8a0jygg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSmuW_KksY6XOHJ6A7_UPlcOauAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0wNzk2NzkwODkwMzA3ODM4oAHCrujdA8gBCakCUZIsJL94sD7gAgCoAwGqBMICT9BIZrNJ0-QszY1qHJ8N5jL8qDWguT6AcoEWHPCPqCfWwdF15s45KM42xjk55Tr1aPdYXlwAEQEbpQ6dkyvcpLa-Z_vwk8P0N7uXK7uisaU5PS_8hhJJVF-6G4Lc2PiAl0-AZeOlZA2N0GCViLDaWf6twjp5T8eRNKRbVxweFElxsAiCoGtPtcIZRCNReTCYc8im5Fzv5QJi0hnYJJemvsqkej7UAoBOlV1RqyS9SwSEFnJy5q84baJ_KdPgllZPdDaqYvwed9sIUcZRrAgiilvw2fdB8D8haXzIO1udYif3GMmUFUWaDdhZ2mKx3ZeaXiMtHJZoyMduISvjutff-HXrXZ3VSCTQ5mze7_Fe1XfkQUfzPeSNcYjXwSlTV2Olv8uIk01ZCn1Qt8Yga3kg5KvxVGTquB71qBtjqS33OTqTbOAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0v7i0dDhmxlJ4mRiZUpnmuJBR6kg%2526client%253Dca-pub-0796790890307838%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2584637
cf-polished
qual=85, origFmt=jpeg, origSize=16723
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8354
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vor%2FrBqQVm6euAUUQH8uYzaMa6tRChRfoKbbjgfEFZFqZxuZYLrX%2F8Dz8jhIE9fdAP2T0%2Fs0hTvb1fE8FmiasTVuGekA6G0yzZivRMg8gmko8FyFSEmVBmYf1%2FAIYKTkeJCNpyE%2BkOWhM3%2Fx"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Fri, 23 Sep 2022 18:31:25 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74ed1e11bb9d91de-FRA
cf-bgj
imgq:85,h2pri
FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame F218 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C14019&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=6139e630d8eac2fd633001bd18afc8be%2F17761228636701703322&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663871485487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jys3wdshqt1re4wx2kk2sb7gnzdes7842nxyfz7yba62spr2fybd20mzhpgwz7x45gtxgc9d9y5km7zvt3f2keb0byg7fn4mbxkfmz9yx1b1bv69f35zbxfm0trqfndp1x3zg6w8er6b0168m9zwj1t5r02r1edasyz3fx95kc2d7n7fnnzsqsjwjan6devb1bzra1ehg4rdmn1hg3cr6bdwpmxg6d960hjwxsxarwpftbqg1m2m2mbf773b9f9v10gvd8a0jygg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSmuW_KksY6XOHJ6A7_UPlcOauAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0wNzk2NzkwODkwMzA3ODM4oAHCrujdA8gBCakCUZIsJL94sD7gAgCoAwGqBMICT9BIZrNJ0-QszY1qHJ8N5jL8qDWguT6AcoEWHPCPqCfWwdF15s45KM42xjk55Tr1aPdYXlwAEQEbpQ6dkyvcpLa-Z_vwk8P0N7uXK7uisaU5PS_8hhJJVF-6G4Lc2PiAl0-AZeOlZA2N0GCViLDaWf6twjp5T8eRNKRbVxweFElxsAiCoGtPtcIZRCNReTCYc8im5Fzv5QJi0hnYJJemvsqkej7UAoBOlV1RqyS9SwSEFnJy5q84baJ_KdPgllZPdDaqYvwed9sIUcZRrAgiilvw2fdB8D8haXzIO1udYif3GMmUFUWaDdhZ2mKx3ZeaXiMtHJZoyMduISvjutff-HXrXZ3VSCTQ5mze7_Fe1XfkQUfzPeSNcYjXwSlTV2Olv8uIk01ZCn1Qt8Yga3kg5KvxVGTquB71qBtjqS33OTqTbOAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0v7i0dDhmxlJ4mRiZUpnmuJBR6kg%2526client%253Dca-pub-0796790890307838%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2509352
cf-polished
qual=85, origFmt=jpeg, origSize=81547
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30226
last-modified
Thu, 09 Apr 2020 08:50:22 GMT
server
cloudflare
etag
"f7c8b1c28756e1f042414e043a02e1fa"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=idjpK5lCkHZmPmZBwdjwrcG%2BRTLqjo8PepNvsNSev0biaG4IyN%2BKssc9qDOlaqub%2Fg997%2FhHGmEKWps3u78KfI0Kksn2l2E6kngaYnWXlXcymF5%2F2r84D3WZw0QOgRKhJAgryljCxTFROMWi"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Fri, 23 Sep 2022 18:31:25 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74ed1e12087b696a-FRA
cf-bgj
imgq:85,h2pri
/
banner.congstar.de/cookie/ Frame F218
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CMPT9aaEqfoCFSqI_QcdjyIHJg;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidPxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fponeid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1663871485_c43e2cd0-3aa4-11ed-8770-22389f118591
0
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1663871485_c43e2cd0-3aa4-11ed-8770-22389f118591
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C14019&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=6139e630d8eac2fd633001bd18afc8be%2F17761228636701703322&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663871485487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jys3wdshqt1re4wx2kk2sb7gnzdes7842nxyfz7yba62spr2fybd20mzhpgwz7x45gtxgc9d9y5km7zvt3f2keb0byg7fn4mbxkfmz9yx1b1bv69f35zbxfm0trqfndp1x3zg6w8er6b0168m9zwj1t5r02r1edasyz3fx95kc2d7n7fnnzsqsjwjan6devb1bzra1ehg4rdmn1hg3cr6bdwpmxg6d960hjwxsxarwpftbqg1m2m2mbf773b9f9v10gvd8a0jygg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSmuW_KksY6XOHJ6A7_UPlcOauAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0wNzk2NzkwODkwMzA3ODM4oAHCrujdA8gBCakCUZIsJL94sD7gAgCoAwGqBMICT9BIZrNJ0-QszY1qHJ8N5jL8qDWguT6AcoEWHPCPqCfWwdF15s45KM42xjk55Tr1aPdYXlwAEQEbpQ6dkyvcpLa-Z_vwk8P0N7uXK7uisaU5PS_8hhJJVF-6G4Lc2PiAl0-AZeOlZA2N0GCViLDaWf6twjp5T8eRNKRbVxweFElxsAiCoGtPtcIZRCNReTCYc8im5Fzv5QJi0hnYJJemvsqkej7UAoBOlV1RqyS9SwSEFnJy5q84baJ_KdPgllZPdDaqYvwed9sIUcZRrAgiilvw2fdB8D8haXzIO1udYif3GMmUFUWaDdhZ2mKx3ZeaXiMtHJZoyMduISvjutff-HXrXZ3VSCTQ5mze7_Fe1XfkQUfzPeSNcYjXwSlTV2Olv8uIk01ZCn1Qt8Yga3kg5KvxVGTquB71qBtjqS33OTqTbOAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0v7i0dDhmxlJ4mRiZUpnmuJBR6kg%2526client%253Dca-pub-0796790890307838%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.77.139.251.148.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Sep 2022 18:31:25 GMT
Server
Apache
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0

Redirect headers

Date
Thu, 22 Sep 2022 18:31:26 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1663871485_c43e2cd0-3aa4-11ed-8770-22389f118591
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame F218 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C14019&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=6139e630d8eac2fd633001bd18afc8be%2F17761228636701703322&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663871485487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jys3wdshqt1re4wx2kk2sb7gnzdes7842nxyfz7yba62spr2fybd20mzhpgwz7x45gtxgc9d9y5km7zvt3f2keb0byg7fn4mbxkfmz9yx1b1bv69f35zbxfm0trqfndp1x3zg6w8er6b0168m9zwj1t5r02r1edasyz3fx95kc2d7n7fnnzsqsjwjan6devb1bzra1ehg4rdmn1hg3cr6bdwpmxg6d960hjwxsxarwpftbqg1m2m2mbf773b9f9v10gvd8a0jygg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSmuW_KksY6XOHJ6A7_UPlcOauAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0wNzk2NzkwODkwMzA3ODM4oAHCrujdA8gBCakCUZIsJL94sD7gAgCoAwGqBMICT9BIZrNJ0-QszY1qHJ8N5jL8qDWguT6AcoEWHPCPqCfWwdF15s45KM42xjk55Tr1aPdYXlwAEQEbpQ6dkyvcpLa-Z_vwk8P0N7uXK7uisaU5PS_8hhJJVF-6G4Lc2PiAl0-AZeOlZA2N0GCViLDaWf6twjp5T8eRNKRbVxweFElxsAiCoGtPtcIZRCNReTCYc8im5Fzv5QJi0hnYJJemvsqkej7UAoBOlV1RqyS9SwSEFnJy5q84baJ_KdPgllZPdDaqYvwed9sIUcZRrAgiilvw2fdB8D8haXzIO1udYif3GMmUFUWaDdhZ2mKx3ZeaXiMtHJZoyMduISvjutff-HXrXZ3VSCTQ5mze7_Fe1XfkQUfzPeSNcYjXwSlTV2Olv8uIk01ZCn1Qt8Yga3kg5KvxVGTquB71qBtjqS33OTqTbOAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0v7i0dDhmxlJ4mRiZUpnmuJBR6kg%2526client%253Dca-pub-0796790890307838%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
253279
cf-polished
origFmt=png, origSize=77267
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a7fxfH3H2PuBaUx9bD3P116kLlnDgfQAdEH9YfKtOZeIBi%2F0pYTv27jGqa8j87qMNzoDrPUWu%2FPfJp7WolcV02Lcmc5vNe%2B0Hq8MeosznttfAa4AB1fAFmsX736vZ7tLWhJAQMJH4l2vsg3r"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Fri, 23 Sep 2022 18:31:25 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74ed1e120884696a-FRA
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame F218 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C14019&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=6139e630d8eac2fd633001bd18afc8be%2F17761228636701703322&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663871485487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jys3wdshqt1re4wx2kk2sb7gnzdes7842nxyfz7yba62spr2fybd20mzhpgwz7x45gtxgc9d9y5km7zvt3f2keb0byg7fn4mbxkfmz9yx1b1bv69f35zbxfm0trqfndp1x3zg6w8er6b0168m9zwj1t5r02r1edasyz3fx95kc2d7n7fnnzsqsjwjan6devb1bzra1ehg4rdmn1hg3cr6bdwpmxg6d960hjwxsxarwpftbqg1m2m2mbf773b9f9v10gvd8a0jygg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSmuW_KksY6XOHJ6A7_UPlcOauAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0wNzk2NzkwODkwMzA3ODM4oAHCrujdA8gBCakCUZIsJL94sD7gAgCoAwGqBMICT9BIZrNJ0-QszY1qHJ8N5jL8qDWguT6AcoEWHPCPqCfWwdF15s45KM42xjk55Tr1aPdYXlwAEQEbpQ6dkyvcpLa-Z_vwk8P0N7uXK7uisaU5PS_8hhJJVF-6G4Lc2PiAl0-AZeOlZA2N0GCViLDaWf6twjp5T8eRNKRbVxweFElxsAiCoGtPtcIZRCNReTCYc8im5Fzv5QJi0hnYJJemvsqkej7UAoBOlV1RqyS9SwSEFnJy5q84baJ_KdPgllZPdDaqYvwed9sIUcZRrAgiilvw2fdB8D8haXzIO1udYif3GMmUFUWaDdhZ2mKx3ZeaXiMtHJZoyMduISvjutff-HXrXZ3VSCTQ5mze7_Fe1XfkQUfzPeSNcYjXwSlTV2Olv8uIk01ZCn1Qt8Yga3kg5KvxVGTquB71qBtjqS33OTqTbOAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0v7i0dDhmxlJ4mRiZUpnmuJBR6kg%2526client%253Dca-pub-0796790890307838%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e44684a48d596b56cba6492df2821b18b56fd0b488a77240d415f0eae918abe1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1063980
cf-polished
origSize=90165, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85737
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WtKrYS6GyVdgKz2zeSfrzmBbXSlAQWnBmd6SNxmdS%2Bts7Rl18uw4RaZU7TLr2RQieTN1MAwab2CpXxOsdOLVOIGq2b8MzDN7eWqqUjxcQHffmKK3FypT1AXntywrNYvLWbqqc8CbBV2Co6rS"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Fri, 23 Sep 2022 18:31:25 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74ed1e120885696a-FRA
cf-bgj
imgq:85,h2pri
CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame F218 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C14019&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=6139e630d8eac2fd633001bd18afc8be%2F17761228636701703322&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663871485487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jys3wdshqt1re4wx2kk2sb7gnzdes7842nxyfz7yba62spr2fybd20mzhpgwz7x45gtxgc9d9y5km7zvt3f2keb0byg7fn4mbxkfmz9yx1b1bv69f35zbxfm0trqfndp1x3zg6w8er6b0168m9zwj1t5r02r1edasyz3fx95kc2d7n7fnnzsqsjwjan6devb1bzra1ehg4rdmn1hg3cr6bdwpmxg6d960hjwxsxarwpftbqg1m2m2mbf773b9f9v10gvd8a0jygg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSmuW_KksY6XOHJ6A7_UPlcOauAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0wNzk2NzkwODkwMzA3ODM4oAHCrujdA8gBCakCUZIsJL94sD7gAgCoAwGqBMICT9BIZrNJ0-QszY1qHJ8N5jL8qDWguT6AcoEWHPCPqCfWwdF15s45KM42xjk55Tr1aPdYXlwAEQEbpQ6dkyvcpLa-Z_vwk8P0N7uXK7uisaU5PS_8hhJJVF-6G4Lc2PiAl0-AZeOlZA2N0GCViLDaWf6twjp5T8eRNKRbVxweFElxsAiCoGtPtcIZRCNReTCYc8im5Fzv5QJi0hnYJJemvsqkej7UAoBOlV1RqyS9SwSEFnJy5q84baJ_KdPgllZPdDaqYvwed9sIUcZRrAgiilvw2fdB8D8haXzIO1udYif3GMmUFUWaDdhZ2mKx3ZeaXiMtHJZoyMduISvjutff-HXrXZ3VSCTQ5mze7_Fe1XfkQUfzPeSNcYjXwSlTV2Olv8uIk01ZCn1Qt8Yga3kg5KvxVGTquB71qBtjqS33OTqTbOAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0v7i0dDhmxlJ4mRiZUpnmuJBR6kg%2526client%253Dca-pub-0796790890307838%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
254168
cf-polished
origFmt=png, origSize=39979
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15996
last-modified
Wed, 22 Jan 2020 13:07:55 GMT
server
cloudflare
etag
"ad9334664514d900a0c3b76d17ca960f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1GscPZAowcGum0g6LDLTR29GPnLobb69Ju4FOLBbSfy2ncyQg1sUmSRV3l74LQHdpnuzqWI9fMcJ4bNE2%2FcbBG2IcUo%2BDBFJvTR%2FSlkgKTZxpq0tolzITD50nF%2Ban84TereAKJ%2Bg6fIBatV"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Fri, 23 Sep 2022 18:31:25 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74ed1e120887696a-FRA
cf-bgj
imgq:85,h2pri
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame F218 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C14019&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=6139e630d8eac2fd633001bd18afc8be%2F17761228636701703322&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663871485487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jys3wdshqt1re4wx2kk2sb7gnzdes7842nxyfz7yba62spr2fybd20mzhpgwz7x45gtxgc9d9y5km7zvt3f2keb0byg7fn4mbxkfmz9yx1b1bv69f35zbxfm0trqfndp1x3zg6w8er6b0168m9zwj1t5r02r1edasyz3fx95kc2d7n7fnnzsqsjwjan6devb1bzra1ehg4rdmn1hg3cr6bdwpmxg6d960hjwxsxarwpftbqg1m2m2mbf773b9f9v10gvd8a0jygg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSmuW_KksY6XOHJ6A7_UPlcOauAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0wNzk2NzkwODkwMzA3ODM4oAHCrujdA8gBCakCUZIsJL94sD7gAgCoAwGqBMICT9BIZrNJ0-QszY1qHJ8N5jL8qDWguT6AcoEWHPCPqCfWwdF15s45KM42xjk55Tr1aPdYXlwAEQEbpQ6dkyvcpLa-Z_vwk8P0N7uXK7uisaU5PS_8hhJJVF-6G4Lc2PiAl0-AZeOlZA2N0GCViLDaWf6twjp5T8eRNKRbVxweFElxsAiCoGtPtcIZRCNReTCYc8im5Fzv5QJi0hnYJJemvsqkej7UAoBOlV1RqyS9SwSEFnJy5q84baJ_KdPgllZPdDaqYvwed9sIUcZRrAgiilvw2fdB8D8haXzIO1udYif3GMmUFUWaDdhZ2mKx3ZeaXiMtHJZoyMduISvjutff-HXrXZ3VSCTQ5mze7_Fe1XfkQUfzPeSNcYjXwSlTV2Olv8uIk01ZCn1Qt8Yga3kg5KvxVGTquB71qBtjqS33OTqTbOAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0v7i0dDhmxlJ4mRiZUpnmuJBR6kg%2526client%253Dca-pub-0796790890307838%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1430860
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226950
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipaxAThT4HuuVw1e%2F3Bb%2BZNCLsv75honC5KTpCohFi9sDEtJBxVPECqD96wzXkcYFnsFXlE7X6PU94C%2FchsRECS1kIWh4qV4cml1ZT68e08dh7q6PuEfMX18ttWApCiRLK2ORV4YAJRXxb0C"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Fri, 23 Sep 2022 18:31:25 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74ed1e120889696a-FRA
cf-bgj
imgq:85,h2pri
ztpv.php
www.conrad.de/ Frame F218
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.zenaps.com/cshow.php?pvr=c42f38b1-3aa4-11ed-871f-22647c990db1&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&pv=1&gdpr=0&g...
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1663871485_c42f38b1-3aa4-11ed-871f-22647c990db1&insert=AW&&gdpr=0&gdpr_consent=
0
657 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1663871485_c42f38b1-3aa4-11ed-871f-22647c990db1&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C14019&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=6139e630d8eac2fd633001bd18afc8be%2F17761228636701703322&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663871485487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jys3wdshqt1re4wx2kk2sb7gnzdes7842nxyfz7yba62spr2fybd20mzhpgwz7x45gtxgc9d9y5km7zvt3f2keb0byg7fn4mbxkfmz9yx1b1bv69f35zbxfm0trqfndp1x3zg6w8er6b0168m9zwj1t5r02r1edasyz3fx95kc2d7n7fnnzsqsjwjan6devb1bzra1ehg4rdmn1hg3cr6bdwpmxg6d960hjwxsxarwpftbqg1m2m2mbf773b9f9v10gvd8a0jygg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSmuW_KksY6XOHJ6A7_UPlcOauAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0wNzk2NzkwODkwMzA3ODM4oAHCrujdA8gBCakCUZIsJL94sD7gAgCoAwGqBMICT9BIZrNJ0-QszY1qHJ8N5jL8qDWguT6AcoEWHPCPqCfWwdF15s45KM42xjk55Tr1aPdYXlwAEQEbpQ6dkyvcpLa-Z_vwk8P0N7uXK7uisaU5PS_8hhJJVF-6G4Lc2PiAl0-AZeOlZA2N0GCViLDaWf6twjp5T8eRNKRbVxweFElxsAiCoGtPtcIZRCNReTCYc8im5Fzv5QJi0hnYJJemvsqkej7UAoBOlV1RqyS9SwSEFnJy5q84baJ_KdPgllZPdDaqYvwed9sIUcZRrAgiilvw2fdB8D8haXzIO1udYif3GMmUFUWaDdhZ2mKx3ZeaXiMtHJZoyMduISvjutff-HXrXZ3VSCTQ5mze7_Fe1XfkQUfzPeSNcYjXwSlTV2Olv8uIk01ZCn1Qt8Yga3kg5KvxVGTquB71qBtjqS33OTqTbOAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0v7i0dDhmxlJ4mRiZUpnmuJBR6kg%2526client%253Dca-pub-0796790890307838%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:26 GMT
via
1.1 varnish (Varnish/6.6)
cf-cache-status
DYNAMIC
server
cloudflare
age
0
strict-transport-security
max-age=15552000
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
content-type
text/html; charset=UTF-8
content-encoding
br
cache-control
no-cache
x-varnish
812346559
server-timing
intid;desc=f0c590bf2f34d3d4
cf-ray
74ed1e153c066901-FRA
expires
-1

Redirect headers

Date
Thu, 22 Sep 2022 18:31:26 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1663871485_c42f38b1-3aa4-11ed-871f-22647c990db1&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
ff22c107-6012-41df-b533-42b43440396e
static.instiengage.com/client_images/0eda47e1-3a3f-4444-8ab9-a525f4133e8d/ Frame 57A7 		120 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/client_images/0eda47e1-3a3f-4444-8ab9-a525f4133e8d/ff22c107-6012-41df-b533-42b43440396e
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:d600:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc67f48afa808c8c8f95c8e8c11cf7f8d57d96fb901e8548a2dd2b61f9b1c2fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
6vvtsoEgEoX1q9LK9W1dY9aQWqo0FqDY
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
last-modified
Tue, 05 Jul 2022 13:11:31 GMT
server
AmazonS3
age
289
etag
"bdfb420c1e288cc142bf3dd59fdfbd5c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/octet-stream
cache-control
max-age=3600,public
date
Thu, 22 Sep 2022 18:31:25 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
122957
x-amz-cf-id
8nNwc2kyNHFyBqXoo1KhJJLuJlnpuMiTVeOW4koZ6iUmTUD8kUkRVw==
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v18/ Frame 57A7 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 19:25:31 GMT
x-content-type-options
nosniff
age
169554
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47728
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 17:55:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Sep 2023 19:25:31 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ Frame 57A7 		72 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.133.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2

Request headers

Referer
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Origin
https://www.staradvertiser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:25 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20776952
cf-ray
74ed1e11cecc9078-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
73852
x-amz-id-2
eoIoWTsKC9WudE/9tYy+s/gX9IBbqpbejdzxdzPOqjfcPcZSnP2v+nq8t3P6H/OnTwQQ24nDbdY=
last-modified
Wed, 30 Jun 2021 15:43:51 GMT
server
cloudflare
etag
"fb493903265cad425ccdf8e04fc2de61"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1HSuXIvYcRa7MqgJ4L3kAygyvsncmBzeHZjEKQ4rdrW2Rh3U8YbDwRbORoPU7LjsAIO96ue67hM4qlnKTnJ%2F5qOe8Z6JKgQRdZrkafKsjh3UfBVHpx9ftl9PzBz8wXc15K2LvHRo"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
E16T6DK80RX0YN9V
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
index.html
s0.2mdn.net/sadbundle/4022321549259309056/ Frame 6EF0 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4022321549259309056/index.html?e=69&leftOffset=0&topOffset=0&c=acjD3co0Uo&t=1&renderingType=2&ev=01_247
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd7cc564571e24e885d1abb3462de54fb0b0322a4949d835bbcafc0eae57cfa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1754
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 18:31:25 GMT
expires
Fri, 22 Sep 2023 18:31:25 GMT
last-modified
Thu, 08 Sep 2022 15:23:16 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame FB35 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsskx4lV1Kf4EP3GCNPHbzs8Ci-r3m7FBdy1ITsjKvxQ2ltXrVSMKenYnA-uXu2ip5fy0y-gMRkPoVmiUo68jTQkPeNiNCbvULmUyY9shYv4i0VM6z6qpG4kM6Z1FVlVK6yIpdfW408-mf-gOB_saAaIM_2lxw1hO5zUZxEj7ESbF0iAgR_EzVLxotajmwGYDE5TpY7Cxu9f4BTJTRh3j8wzFWF2kmsg6KwwGYpc4XwBCs4Qd5PVLyeDYuarF_tAPBhfCxk_YlKh3JN3bBNPz8x5nUBKPCEKSP5G6G7Z0fNDu3i-knNN1KUSbfJcUaxFvmtyfH-S73uIVBsapalyaeZ63vYHa3ntO22bbBb1u2UvB9HdiX1EFMk5InDpr7Hhq-Ee0OewIz302Wlzr-Oatjmmi_zZa98FVNJGQv1Io8uqPgF7HkkDw6Bw4-zHkRv6IXSKAVr6juV4vkOSCtkOOlIbfAp2R9D6W1-DxRKQ2PWBzeCjNM6jh61VO7IjDS6FhT3NblSfs6qZ-v0NiI3sq4tFeKJVqCaRsyP0nBfOHaRu4T6Ou28yZ3QR7MghmAFNtqw2xjbc3L-CSk5r6PDKX_qj_d7dOz2EVnVW4-bm5KMOzo6rphHE5Zg558ESzXQ1SzrnzhgeXU0nVCdYXZhIJ3Rs3LSzAsL4szJbsOCtRp0voBYPA-zSHmaVFr0e7kNk8gNKpI0aeP8ciAnU4vb2SnQ7iSkUJtIkdiTJF9c0TzvybvHI9nOO00MsBPQs9bKFLzAmlUq3Uot7lXT5NV4YPf5ZezT0LMSAVOA72WD7KOCkIPJXdnUooIkFv9Hl-2EYlvoqwT2sGnN333_5YtFKLoJkn17xYLZmYIv_SoK85mVT6G0qHqw28JdhYXZH2lggGsxCEBk7ltQWBAApn_-tpQqCf2cQ5sO2gCKe4wcEty2MiUnuInoYgD99JUwLAMVAfxdorL5P6BNCCcWd5wiVhTlDmH0OyTzjfvbN5qFN545JAxOIs8GT3LzRjrYe8qUdkXtLPLMGkMgMsCOK_rtfRfd6rQhrmQmsoT3evpW7d19jHkUCwLxHxi1J_cLogmkUebhYDMx5FYxEcciKiIB0WzJjJhjxIz6_RKmfwfaK-iLSXF_bNcHuRhnD0mDAA7u8vk510f9pt0ivnA836cg5NTgJFKcAEPBVEGSz7trVbVNddP4OBF1hlr1iKuW1vn3HxYNkZ2HUuLAHHxXavPAU53zZeOvSGsak7d52w5eLImuF1e49IHBgRYupaFwpFDhZ47TWT2qKzcvjPMPkT1aCufpT9Vd0qDWKAVEkDdKYeUDP15Q9omkSeCJON6Ii-zI&sai=AMfl-YTPPOVkcPldxNxUU1AdAZWBwmSqOx7JAGS9JWX7UZDfYbDIqQt8ZGs28sasH_Q_X_rpdvTBrxkRJaP3o02j3oU1QB0w3M2fMLY_-WGNccUQSmQzUvGM18bi1lc3PVD0hAyrurgxXgSr3M9ULTP2EY_QCQKx6VJpMjdxkveBqdsLuYdUL_Toy7K1C-mzVOxw3J3B43oT-0aHmho4vFrEdRtFhsI2AHjAiCwkO6VkPRIBnOzBOEbhUKpk1tkMDAwXVtqxCMCzYi5ohiDvjo0G6-gIZQv6R3YtLbPrGPUQYVr1BkFpAhO3bg&sig=Cg0ArKJSzPUmqCRqztEyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=312&cbvp=1&cstd=307&cisv=r20220919.72452&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 22 Sep 2022 18:31:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
link.html
track.webgains.com/ Frame F218 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hpd2vvcn45yzz6a9nrfqgx7y2rypta7ytxmt4y6p089w754zp7ay3ftj2sz8pkm2ykyvjdact9ja0kv7krxyt05p6qm6gz05adffdna5ecyxhybgqve45ztv0as6h3gxf3198cxqfpjq0qa8g7p2sh4vynz7nh0rdh5ncrg8r4xn15bc4g7jzwrjxt1rpxb938dkq5p0p32dnnfjjgcgnwj4qppfyvjst8mkwyxh615p9gbdkgqwj0046w76sm6j4g0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jys3wdshqt1re4wx2kk2sb7gnzdes7842nxyfz7yba62spr2fybd20mzhpgwz7x45gtxgc9d9y5km7zvt3f2keb0byg7fn4mbxkfmz9yx1b1bv69f35zbxfm0trqfndp1x3zg6w8er6b0168m9zwj1t5r02r1edasyz3fx95kc2d7n7fnnzsqsjwjan6devb1bzra1ehg4rdmn1hg3cr6bdwpmxg6d960hjwxsxarwpftbqg1m2m2mbf773b9f9v10gvd8a0jygg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCSmuW_KksY6XOHJ6A7_UPlcOauAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0wNzk2NzkwODkwMzA3ODM4oAHCrujdA8gBCakCUZIsJL94sD7gAgCoAwGqBMICT9BIZrNJ0-QszY1qHJ8N5jL8qDWguT6AcoEWHPCPqCfWwdF15s45KM42xjk55Tr1aPdYXlwAEQEbpQ6dkyvcpLa-Z_vwk8P0N7uXK7uisaU5PS_8hhJJVF-6G4Lc2PiAl0-AZeOlZA2N0GCViLDaWf6twjp5T8eRNKRbVxweFElxsAiCoGtPtcIZRCNReTCYc8im5Fzv5QJi0hnYJJemvsqkej7UAoBOlV1RqyS9SwSEFnJy5q84baJ_KdPgllZPdDaqYvwed9sIUcZRrAgiilvw2fdB8D8haXzIO1udYif3GMmUFUWaDdhZ2mKx3ZeaXiMtHJZoyMduISvjutff-HXrXZ3VSCTQ5mze7_Fe1XfkQUfzPeSNcYjXwSlTV2Olv8uIk01ZCn1Qt8Yga3kg5KvxVGTquB71qBtjqS33OTqTbOAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0v7i0dDhmxlJ4mRiZUpnmuJBR6kg%252526client%25253Dca-pub-0796790890307838%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C14019&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=6139e630d8eac2fd633001bd18afc8be%2F17761228636701703322&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663871485487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jys3wdshqt1re4wx2kk2sb7gnzdes7842nxyfz7yba62spr2fybd20mzhpgwz7x45gtxgc9d9y5km7zvt3f2keb0byg7fn4mbxkfmz9yx1b1bv69f35zbxfm0trqfndp1x3zg6w8er6b0168m9zwj1t5r02r1edasyz3fx95kc2d7n7fnnzsqsjwjan6devb1bzra1ehg4rdmn1hg3cr6bdwpmxg6d960hjwxsxarwpftbqg1m2m2mbf773b9f9v10gvd8a0jygg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSmuW_KksY6XOHJ6A7_UPlcOauAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0wNzk2NzkwODkwMzA3ODM4oAHCrujdA8gBCakCUZIsJL94sD7gAgCoAwGqBMICT9BIZrNJ0-QszY1qHJ8N5jL8qDWguT6AcoEWHPCPqCfWwdF15s45KM42xjk55Tr1aPdYXlwAEQEbpQ6dkyvcpLa-Z_vwk8P0N7uXK7uisaU5PS_8hhJJVF-6G4Lc2PiAl0-AZeOlZA2N0GCViLDaWf6twjp5T8eRNKRbVxweFElxsAiCoGtPtcIZRCNReTCYc8im5Fzv5QJi0hnYJJemvsqkej7UAoBOlV1RqyS9SwSEFnJy5q84baJ_KdPgllZPdDaqYvwed9sIUcZRrAgiilvw2fdB8D8haXzIO1udYif3GMmUFUWaDdhZ2mKx3ZeaXiMtHJZoyMduISvjutff-HXrXZ3VSCTQ5mze7_Fe1XfkQUfzPeSNcYjXwSlTV2Olv8uIk01ZCn1Qt8Yga3kg5KvxVGTquB71qBtjqS33OTqTbOAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0v7i0dDhmxlJ4mRiZUpnmuJBR6kg%2526client%253Dca-pub-0796790890307838%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.132.138.70 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-132-138-70.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
72a2571dd2b114166403e8dde72f8994233e8b74022819787d38f2f4e850dba8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:25 GMT
last-modified
Thu, 22 Sep 2022 18:31:25 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Thu, 22 Sep 2022 18:32:25 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5953 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
34597
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 08:54:48 GMT
expires
Fri, 22 Sep 2023 08:54:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 89BC
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJQLc9i0a6nLoOxLAqovm-0&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJQLc9i0a6nLoOxLAqovm-0&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bVdFNG16dncxT0JxWVI1&google_gid=CAESEJQLc9i0a6nLoOxLAqovm-0&google_cver=1&google_push=AZmPxg8FCNbixXo0pr0waF_TDezIHJC_5ONwXkBjJvICN6v...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bVdFNG16dncxT0JxWVI1&google_gid=CAESEJQLc9i0a6nLoOxLAqovm-0&google_cver=1&google_push=AZmPxg8FCNbixXo0pr0waF_TDezIHJC_5ONwXkBjJvICN6v-sy6quq3pyv5hUaMwjUp82_9NTRpcGikRJ2ZyQwpzjZouTA2aus9P
Requested by
Host: a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com
URL: https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 22 Sep 2022 18:31:25 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-013e0f4b92ef8966c@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bVdFNG16dncxT0JxWVI1&google_gid=CAESEJQLc9i0a6nLoOxLAqovm-0&google_cver=1&google_push=AZmPxg8FCNbixXo0pr0waF_TDezIHJC_5ONwXkBjJvICN6v-sy6quq3pyv5hUaMwjUp82_9NTRpcGikRJ2ZyQwpzjZouTA2aus9P
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 89BC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENvyBZznkf1Z1NQz83z91sw&google_cver=1&google_push=AZmPxg-hVmaBRp5Mngej9drZgow1pZHuPmRj0ZPQlK0pFBa-OtGxyqjkLb23kHMRdSe8AnmoIvg5JeHSC4pwpk3L...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-hVmaBRp5Mngej9drZgow1pZHuPmRj0ZPQlK0pFBa-OtGxyqjkLb23kHMRdSe8AnmoIvg5JeHSC4pwpk3Loti0i-AOiLqE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-hVmaBRp5Mngej9drZgow1pZHuPmRj0ZPQlK0pFBa-OtGxyqjkLb23kHMRdSe8AnmoIvg5JeHSC4pwpk3Loti0i-AOiLqE
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 22 Sep 2022 18:31:26 GMT
Server
MT3 4505 5b23575 master nrt-pixel-x19 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-hVmaBRp5Mngej9drZgow1pZHuPmRj0ZPQlK0pFBa-OtGxyqjkLb23kHMRdSe8AnmoIvg5JeHSC4pwpk3Loti0i-AOiLqE
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 22 Sep 2022 18:31:25 GMT
google
match.adsrvr.org/track/cmf/ Frame 89BC 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEC4pvt6FmytdBmyHpW_s0U&google_cver=1&google_push=AZmPxg8tVPJWHk36atjJeA5kohlnaAA5W8j-czzTcYFWeu4quP-PwkMBe-b_yVfs-VpnFcJxhSIMUyc4Ho_8arnZS5SuJnHt3YJG
Requested by
Host: a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com
URL: https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 89BC
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEGqX3I8wQr2yAsSD1_MMDA&google_cver=1&google_push=AZmPxg8Nx0p09wFz04cQ63AkKm8Jp94ntxu_0A3Nrh2lat-uukL2rTuMzETMgrnuL-WymSUpGTXOloauMOf...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg8Nx0p09wFz04cQ63AkKm8Jp94ntxu_0A3Nrh2lat-uukL2rTuMzETMgrnuL-WymSUpGTXOloauMOf50ZF7Wc3PRQMnju1t&google_hm=68cTRg5UTDCb7TwuIkVNQaY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg8Nx0p09wFz04cQ63AkKm8Jp94ntxu_0A3Nrh2lat-uukL2rTuMzETMgrnuL-WymSUpGTXOloauMOf50ZF7Wc3PRQMnju1t&google_hm=68cTRg5UTDCb7TwuIkVNQaY
Requested by
Host: a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com
URL: https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:25 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg8Nx0p09wFz04cQ63AkKm8Jp94ntxu_0A3Nrh2lat-uukL2rTuMzETMgrnuL-WymSUpGTXOloauMOf50ZF7Wc3PRQMnju1t&google_hm=68cTRg5UTDCb7TwuIkVNQaY
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 89BC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEL5kXyUjVXjStgztzuQNAe0&google_cver=1&google_push=AZmPxg9oEK0oHl_9rAoxKs5R75JXzxJPKEYJtmGCwplR0Yv21LT_QXUYV74-YrrqJCuLXKNbZ61rwF0Ru9uQRcewTpLi...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEL5kXyUjVXjStgztzuQNAe0&google_cver=1&google_push=AZmPxg9oEK0oHl_9rAoxKs5R75JXzxJPKEYJtmGCwplR0Yv21LT_QXUYV74-YrrqJCuLXKNbZ61rwF0Ru9uQRc...
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433824612667870&expires=30&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9oEK0oHl_9rAoxKs5R75JXzxJPKEYJtmGCwplR0Yv21LT_QXUYV74-YrrqJCuLXKNbZ61rwF0Ru9uQRcewTpLizUTMrI8&google_hm=njvRS1V2RJydxd5SaudtDg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9oEK0oHl_9rAoxKs5R75JXzxJPKEYJtmGCwplR0Yv21LT_QXUYV74-YrrqJCuLXKNbZ61rwF0Ru9uQRcewTpLizUTMrI8&google_hm=njvRS1V2RJydxd5SaudtDg==
Requested by
Host: a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com
URL: https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9oEK0oHl_9rAoxKs5R75JXzxJPKEYJtmGCwplR0Yv21LT_QXUYV74-YrrqJCuLXKNbZ61rwF0Ru9uQRcewTpLizUTMrI8&google_hm=njvRS1V2RJydxd5SaudtDg==
Date
Thu, 22 Sep 2022 18:31:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 89BC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAlxKcxasdzgn4y1FOVWdxY&google_cver=1&google_push=AZmPxg_HuyosoT7ZbUQx2hi1Er0qzixrEhPAzJeLbKfSbMZT85YSaaDlsV7xC0gVvY088UxnsHT...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhERTRDUk4tVi0yT0FZ&google_push=AZmPxg_HuyosoT7ZbUQx2hi1Er0qzixrEhPAzJeLbKfSbMZT85YSaaDlsV7xC0gVvY088UxnsHT5keYSf4KT5ywcpuKmx6xMlh6e
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhERTRDUk4tVi0yT0FZ&google_push=AZmPxg_HuyosoT7ZbUQx2hi1Er0qzixrEhPAzJeLbKfSbMZT85YSaaDlsV7xC0gVvY088UxnsHT5keYSf4KT5ywcpuKmx6xMlh6e
Requested by
Host: a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com
URL: https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhERTRDUk4tVi0yT0FZ&google_push=AZmPxg_HuyosoT7ZbUQx2hi1Er0qzixrEhPAzJeLbKfSbMZT85YSaaDlsV7xC0gVvY088UxnsHT5keYSf4KT5ywcpuKmx6xMlh6e
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
pixel
cm.g.doubleclick.net/ Frame 89BC
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMDM5L11zjfdRhEWnNU9UYA&google_cver=1&google_push=AZmPxg-F8cDFVbODEej5Tzf0XSNuftFgmxKiZZX0TLSNX-kRrVrWfG_JRs-7nJxiR_GsskxwOgegvyoXiC89...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-F8cDFVbODEej5Tzf0XSNuftFgmxKiZZX0TLSNX-kRrVrWfG_JRs-7nJxiR_GsskxwOgegvyoXiC89jkbC9BM6Zogv2yI6
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-F8cDFVbODEej5Tzf0XSNuftFgmxKiZZX0TLSNX-kRrVrWfG_JRs-7nJxiR_GsskxwOgegvyoXiC89jkbC9BM6Zogv2yI6
Requested by
Host: a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com
URL: https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-F8cDFVbODEej5Tzf0XSNuftFgmxKiZZX0TLSNX-kRrVrWfG_JRs-7nJxiR_GsskxwOgegvyoXiC89jkbC9BM6Zogv2yI6
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame 89BC 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13In6ivFWzQrlJgy1EyjFLxXs_hxnd7K-0b8E0RWArRR6pykAORiOgIYeNAYqOBQ3m00A2Nk
Requested by
Host: a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com
URL: https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:25 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
tap.php
pixel.rubiconproject.com/ Frame 23EB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH1lM3OeNGyt8sIq5sz3y70&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH1lM3OeNGyt8sIq5sz3y70&google_cver=1
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH1lM3OeNGyt8sIq5sz3y70&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 23EB 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
setuid
px.ads.linkedin.com/ Frame 23EB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8DE4CRN-V-2OAY
0
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8DE4CRN-V-2OAY
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:25 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 8281C2A6347C4903AB24EB76956841D9 Ref B: FRAEDGE1312 Ref C: 2022-09-22T18:31:25Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXpSETf+eYkb6WHG5xwaw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8DE4CRN-V-2OAY
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 23EB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhERTRDUk4tVi0yT0FZ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhERTRDUk4tVi0yT0FZ
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhERTRDUk4tVi0yT0FZ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 23EB
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=RsabL-drTMeRk4Xqrpaggw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=RsabL-drTMeRk4Xqrpaggw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=RsabL-drTMeRk4Xqrpaggw
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Sep 2022 18:31:26 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
TBNDJRZHSNZGY711NMAV
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=RsabL-drTMeRk4Xqrpaggw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 23EB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTA0ODcwZjc2ODdiNDk5ZjgyM2M4ZTY3M2YzMjYwNjE0MjZmNzZlMA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTA0ODcwZjc2ODdiNDk5ZjgyM2M4ZTY3M2YzMjYwNjE0MjZmNzZlMA
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTA0ODcwZjc2ODdiNDk5ZjgyM2M4ZTY3M2YzMjYwNjE0MjZmNzZlMA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 23EB
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=VnFBTeoKTYaTCelOkkMysQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=VnFBTeoKTYaTCelOkkMysQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=VnFBTeoKTYaTCelOkkMysQ
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Sep 2022 18:31:26 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
9H1WYGX5NYDYXPHDX6DT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=VnFBTeoKTYaTCelOkkMysQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 23EB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/JbFT2HXGL9aXs850AUjeGw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=746615151415472651
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=746615151415472651
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif

Redirect headers

date
Thu, 22 Sep 2022 18:31:26 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=746615151415472651
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
pagead2.googlesyndication.com/bg/ Frame 5953 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 15:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15952
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 15:10:06 GMT
pvClk.min.js
analytics.webgains.io/ Frame F218 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hpd2vvcn45yzz6a9nrfqgx7y2rypta7ytxmt4y6p089w754zp7ay3ftj2sz8pkm2ykyvjdact9ja0kv7krxyt05p6qm6gz05adffdna5ecyxhybgqve45ztv0as6h3gxf3198cxqfpjq0qa8g7p2sh4vynz7nh0rdh5ncrg8r4xn15bc4g7jzwrjxt1rpxb938dkq5p0p32dnnfjjgcgnwj4qppfyvjst8mkwyxh615p9gbdkgqwj0046w76sm6j4g0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jys3wdshqt1re4wx2kk2sb7gnzdes7842nxyfz7yba62spr2fybd20mzhpgwz7x45gtxgc9d9y5km7zvt3f2keb0byg7fn4mbxkfmz9yx1b1bv69f35zbxfm0trqfndp1x3zg6w8er6b0168m9zwj1t5r02r1edasyz3fx95kc2d7n7fnnzsqsjwjan6devb1bzra1ehg4rdmn1hg3cr6bdwpmxg6d960hjwxsxarwpftbqg1m2m2mbf773b9f9v10gvd8a0jygg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCSmuW_KksY6XOHJ6A7_UPlcOauAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0wNzk2NzkwODkwMzA3ODM4oAHCrujdA8gBCakCUZIsJL94sD7gAgCoAwGqBMICT9BIZrNJ0-QszY1qHJ8N5jL8qDWguT6AcoEWHPCPqCfWwdF15s45KM42xjk55Tr1aPdYXlwAEQEbpQ6dkyvcpLa-Z_vwk8P0N7uXK7uisaU5PS_8hhJJVF-6G4Lc2PiAl0-AZeOlZA2N0GCViLDaWf6twjp5T8eRNKRbVxweFElxsAiCoGtPtcIZRCNReTCYc8im5Fzv5QJi0hnYJJemvsqkej7UAoBOlV1RqyS9SwSEFnJy5q84baJ_KdPgllZPdDaqYvwed9sIUcZRrAgiilvw2fdB8D8haXzIO1udYif3GMmUFUWaDdhZ2mKx3ZeaXiMtHJZoyMduISvjutff-HXrXZ3VSCTQ5mze7_Fe1XfkQUfzPeSNcYjXwSlTV2Olv8uIk01ZCn1Qt8Yga3kg5KvxVGTquB71qBtjqS33OTqTbOAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0v7i0dDhmxlJ4mRiZUpnmuJBR6kg%252526client%25253Dca-pub-0796790890307838%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-61.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 03:15:38 GMT
via
1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
last-modified
Tue, 23 Aug 2022 13:40:24 GMT
server
AmazonS3
age
54949
etag
"42f12532a1be9c2d028e26e9b82a99a2"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
DUS51-P2
content-length
86537
x-amz-cf-id
pkS-TT23CEsnhhmL9zV6DD8LB9RGvvVGbL77D7F11r4Ax04sgBwPcQ==
Logo%20RGB.png
cdn.track.production.webgains.team/12607/ Frame F218 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/12607/Logo%20RGB.png?Expires=1663871785&Signature=fYk1dHzoJPy5bHnJfeaFyciJgKF5B6kCjN6pNSXYXF~G7sTtecFnK~IS3PsVC3dRqOE7PsW8l5KIHsUP9AQWseuHCIecXTR-p5COGtxcPO3-xDKR2MC59Jmc6s9KRl3McHgdHGjrReIC~7FMe2dI-z4wxDieUGvUKthsMk1byoykzx4oRDk3oW7IbAtd~TaUqDiEitWzWIqnzQlgdhzUz-v3hysBBKqyS39OhNk4uqwM8p-jJud1aA2Zy-K4~7FQ62nrTEAMUxYlAcPfTKXwxwdVQB~ywXd2Cngh6CzT07wnO3JyTaEo7Ir4GyZxer2zAmk4EdXQbUam7o-WFEgs0w__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C14019&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=6139e630d8eac2fd633001bd18afc8be%2F17761228636701703322&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663871485487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jys3wdshqt1re4wx2kk2sb7gnzdes7842nxyfz7yba62spr2fybd20mzhpgwz7x45gtxgc9d9y5km7zvt3f2keb0byg7fn4mbxkfmz9yx1b1bv69f35zbxfm0trqfndp1x3zg6w8er6b0168m9zwj1t5r02r1edasyz3fx95kc2d7n7fnnzsqsjwjan6devb1bzra1ehg4rdmn1hg3cr6bdwpmxg6d960hjwxsxarwpftbqg1m2m2mbf773b9f9v10gvd8a0jygg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSmuW_KksY6XOHJ6A7_UPlcOauAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0wNzk2NzkwODkwMzA3ODM4oAHCrujdA8gBCakCUZIsJL94sD7gAgCoAwGqBMICT9BIZrNJ0-QszY1qHJ8N5jL8qDWguT6AcoEWHPCPqCfWwdF15s45KM42xjk55Tr1aPdYXlwAEQEbpQ6dkyvcpLa-Z_vwk8P0N7uXK7uisaU5PS_8hhJJVF-6G4Lc2PiAl0-AZeOlZA2N0GCViLDaWf6twjp5T8eRNKRbVxweFElxsAiCoGtPtcIZRCNReTCYc8im5Fzv5QJi0hnYJJemvsqkej7UAoBOlV1RqyS9SwSEFnJy5q84baJ_KdPgllZPdDaqYvwed9sIUcZRrAgiilvw2fdB8D8haXzIO1udYif3GMmUFUWaDdhZ2mKx3ZeaXiMtHJZoyMduISvjutff-HXrXZ3VSCTQ5mze7_Fe1XfkQUfzPeSNcYjXwSlTV2Olv8uIk01ZCn1Qt8Yga3kg5KvxVGTquB71qBtjqS33OTqTbOAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0v7i0dDhmxlJ4mRiZUpnmuJBR6kg%2526client%253Dca-pub-0796790890307838%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-73.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 11928875e072fa46f6185840ed222a20.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 09:41:36 GMT
server
AmazonS3
age
28436
etag
"92f323c42d6018008b4cf82e90ac9639"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
date
Thu, 22 Sep 2022 10:37:31 GMT
x-amz-cf-pop
TXL50-P1
accept-ranges
bytes
content-length
86991
x-amz-cf-id
ecYOW9dO4owm6295uE9x1r0ee699EWfsf5zbvDp6x1gi3uf5Dys3aA==
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 6EF0 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4022321549259309056/index.html?e=69&leftOffset=0&topOffset=0&c=acjD3co0Uo&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4022321549259309056/index.html?e=69&leftOffset=0&topOffset=0&c=acjD3co0Uo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 10:25:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29147
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Sep 2022 10:25:39 GMT
apple42aa64c41494bc68912.js
s0.2mdn.net/sadbundle/4022321549259309056/ Frame 6EF0 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4022321549259309056/apple42aa64c41494bc68912.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4022321549259309056/index.html?e=69&leftOffset=0&topOffset=0&c=acjD3co0Uo&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9781b7cbb5df9582c7fdba6daaa9a8c63467c76a85c3bf9fbe71bf705cfd7a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4022321549259309056/index.html?e=69&leftOffset=0&topOffset=0&c=acjD3co0Uo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:46:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
211467
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4449
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 15:23:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 07:46:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5953 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6GfH_aksY9ygFtmx3gOMwqyIDwAAAAA4AeAEAg&bg=!jo2ljcnNAAZqQh0mSkI7ACkAdvg8WgDlay-gQ3S_qf7PUtZYJgPa0WLJVpZT74xNB2ejmGNGWXwGfgIAAACFUgAAAAJoAQeZAxeDlB7GWUIoMH1dw482rOYHWAldsCyfXt1XDUwd39SUAzituSCy8xpEJv9OJcMOmm8Q0QwqyNHE-yx2ke-1nSZFbtYNrbKIdf1nXFb93FVYOhJW40lz9tw3vFAV0rpOBEnmmT-nSv_Ou8JitxrWQMpSoEIRGJOGstvreHtRD5bQ91RKOjgCKfzzg9J01GAdvhbnlCf3KgqsuX-JnSMhqYZjJeeBwepvgjMerbjkPDxndsnAEXI9A8dXnbEVP8XEaaFPt6FwOliKDLrV7dAs25aAvxOJidwDmFM17k3WDhoCxiaNqDxN2_Q28P3np06fVTni2Hydw-nCtp8KQ3Gn2pY1cJWKzqJmzw4HpLwLfGnLbbw3jGoJDbRsMpjh1xaR_XvR5mOiYSy7RvaMSoI8A4ik1rKp67JXjsMxaW5Nz7Fd40_8o6nTH-i7ZhOLsqzD51LdSQ-Tkf-9Uo8qPSy33jbZrVEIyCbtcnSFicBmWCprd70Aa2vDNNRG5e_eeL6NSyi-pOC3TLPuilVhE6Efl4YqDo2IRVdLsnwj2CE94cehxgSHJgNPKvM7wTvqncxEbqOLL_MG2af8tlZ_JFAyvzhwGLdFGDapM14Wq2m6DKwks8oUHWoiuAAc6202YXmEuO9ECWpvHCQ2YzScr6QoUTda_f9RUwVcAj9u0xAKjP4uh2yv92_A0d3ATS3MjyZ2a9sqFsoBM5EEe7mlqI21mkzj-eGzeESjHDPSNCkAt4IEUATE4I9Jm50kL0KhG01BRC-0DGLGjH_8_dprrze5TvMQLiUYc-EKCPljy_z-W7BONx9BEWTDHQeQ4a8jmcjBbAEahlhcVhrxgRPbyHm5yLmh6HacSOMepx8AcMt4-nvP5ur2YFQ49TjnLwaHtcbmbVJIbCnvGzAnIWQ9dlFRO0KJzthuFrGomqR8cyaPCPRZA735Pi5HgBp6llGcrcihrj-1ok5VBSXRiIp0z09KzdicMTfl3An_SYCu3X_LY54bZ-zcnwstBPSbAgmWYiskxNNiQIN88P4obMkTYmZ8_H3t6nXXXiBKnA
Requested by
Host: a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com
URL: https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vendorl7f53738c7c0429a70b52.js
s0.2mdn.net/sadbundle/4022321549259309056/ Frame 6EF0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4022321549259309056/vendorl7f53738c7c0429a70b52.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4022321549259309056/apple42aa64c41494bc68912.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8fcaefc86e136654f7a6d9ac280844f82f37fea09039e7d36bdc42d7f7d2083a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4022321549259309056/index.html?e=69&leftOffset=0&topOffset=0&c=acjD3co0Uo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 05:53:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
218281
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5945
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 15:23:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 05:53:25 GMT
2lf6c225f11678c71b7652.css
s0.2mdn.net/sadbundle/4022321549259309056/ Frame 6EF0 		22 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4022321549259309056/2lf6c225f11678c71b7652.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4022321549259309056/apple42aa64c41494bc68912.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09deff7ce920fe0e5070091780cb938a855578cc907496957780c91e7a36028f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4022321549259309056/index.html?e=69&leftOffset=0&topOffset=0&c=acjD3co0Uo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 20:28:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
165787
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3874
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 15:23:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 20:28:19 GMT
2lad721a178077f01a07d2.js
s0.2mdn.net/sadbundle/4022321549259309056/ Frame 6EF0 		63 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4022321549259309056/2lad721a178077f01a07d2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4022321549259309056/apple42aa64c41494bc68912.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
917d8b24996bae8dacc707051cb5b6a86436b0fa993243249b9c5ca88fc76276
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4022321549259309056/index.html?e=69&leftOffset=0&topOffset=0&c=acjD3co0Uo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 16:05:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181534
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19035
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 15:23:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 16:05:52 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EA43 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8333
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 16:12:33 GMT
expires
Fri, 22 Sep 2023 16:12:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7ECF 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
379d5d25ec91f701b5a4565c73ea00d999ee7292e121a0564d5a445d285e35f0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eJ-HfjA5DQCn5UU2LgQINw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-eJ-HfjA5DQCn5UU2LgQINw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 18:31:26 GMT
expires
Thu, 22 Sep 2022 18:31:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D8F4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8333
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 16:12:33 GMT
expires
Fri, 22 Sep 2023 16:12:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3A69 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cd3a01f808c4fdad4e053bb22e9b786426906560a7a707819fa43884b44c1058
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1jlV2HaWbU3BQfEUqHFaPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-1jlV2HaWbU3BQfEUqHFaPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 18:31:26 GMT
expires
Thu, 22 Sep 2022 18:31:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B913 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8333
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 16:12:33 GMT
expires
Fri, 22 Sep 2023 16:12:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2630 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
86673dd8a97ba25772d360c5b66dca9dcaaed7ef4d2acb3b6b432591a8e17be0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WeENs0C5c1QcTslnx1AeVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-WeENs0C5c1QcTslnx1AeVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 18:31:26 GMT
expires
Thu, 22 Sep 2022 18:31:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6EF0 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c29518a081f4d4929523a86c29ee3b49ef2d3174c663c15dd42ebacbee783e6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5650
x-xss-protection
0
collect
j.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://j.clarity.ms/collect
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Thu, 22 Sep 2022 18:31:26 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
bar_passivel5a72.png
s0.2mdn.net/sadbundle/4022321549259309056/assets/ Frame 6EF0 		222 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4022321549259309056/assets/bar_passivel5a72.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4022321549259309056/index.html?e=69&leftOffset=0&topOffset=0&c=acjD3co0Uo&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
deee137a6dfa1f234d7ac0a3e2a41ad36e4351c4f24df0be7bd608332d969dd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4022321549259309056/index.html?e=69&leftOffset=0&topOffset=0&c=acjD3co0Uo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 22:26:33 GMT
x-content-type-options
nosniff
age
590693
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
222
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 15:23:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 22:26:33 GMT
bar_activel2c09.png
s0.2mdn.net/sadbundle/4022321549259309056/assets/ Frame 6EF0 		291 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4022321549259309056/assets/bar_activel2c09.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4022321549259309056/index.html?e=69&leftOffset=0&topOffset=0&c=acjD3co0Uo&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1099ec07c289ebd84f0514d6e20321df20cb388797ca17e78000bd5678d793d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4022321549259309056/index.html?e=69&leftOffset=0&topOffset=0&c=acjD3co0Uo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 23:18:28 GMT
x-content-type-options
nosniff
age
155578
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 15:23:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 23:18:28 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7ECF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092001&jk=4137092168443179&rc=null
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 3A69 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022091901&jk=1944132421059258&rc=null
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 2630 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092101&jk=4445235799942356&rc=null
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
pagead2.googlesyndication.com/bg/ Frame EA43 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 15:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15952
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 15:10:06 GMT
6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
pagead2.googlesyndication.com/bg/ Frame D8F4 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 15:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15952
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 15:10:06 GMT
6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
pagead2.googlesyndication.com/bg/ Frame B913 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 15:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15952
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 15:10:06 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6EF0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 18:31:26 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FB35 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsskx4lV1Kf4EP3GCNPHbzs8Ci-r3m7FBdy1ITsjKvxQ2ltXrVSMKenYnA-uXu2ip5fy0y-gMRkPoVmiUo68jTQkPeNiNCbvULmUyY9shYv4i0VM6z6qpG4kM6Z1FVlVK6yIpdfW408-mf-gOB_saAaIM_2lxw1hO5zUZxEj7ESbF0iAgR_EzVLxotajmwGYDE5TpY7Cxu9f4BTJTRh3j8wzFWF2kmsg6KwwGYpc4XwBCs4Qd5PVLyeDYuarF_tAPBhfCxk_YlKh3JN3bBNPz8x5nUBKPCEKSP5G6G7Z0fNDu3i-knNN1KUSbfJcUaxFvmtyfH-S73uIVBsapalyaeZ63vYHa3ntO22bbBb1u2UvB9HdiX1EFMk5InDpr7Hhq-Ee0OewIz302Wlzr-Oatjmmi_zZa98FVNJGQv1Io8uqPgF7HkkDw6Bw4-zHkRv6IXSKAVr6juV4vkOSCtkOOlIbfAp2R9D6W1-DxRKQ2PWBzeCjNM6jh61VO7IjDS6FhT3NblSfs6qZ-v0NiI3sq4tFeKJVqCaRsyP0nBfOHaRu4T6Ou28yZ3QR7MghmAFNtqw2xjbc3L-CSk5r6PDKX_qj_d7dOz2EVnVW4-bm5KMOzo6rphHE5Zg558ESzXQ1SzrnzhgeXU0nVCdYXZhIJ3Rs3LSzAsL4szJbsOCtRp0voBYPA-zSHmaVFr0e7kNk8gNKpI0aeP8ciAnU4vb2SnQ7iSkUJtIkdiTJF9c0TzvybvHI9nOO00MsBPQs9bKFLzAmlUq3Uot7lXT5NV4YPf5ZezT0LMSAVOA72WD7KOCkIPJXdnUooIkFv9Hl-2EYlvoqwT2sGnN333_5YtFKLoJkn17xYLZmYIv_SoK85mVT6G0qHqw28JdhYXZH2lggGsxCEBk7ltQWBAApn_-tpQqCf2cQ5sO2gCKe4wcEty2MiUnuInoYgD99JUwLAMVAfxdorL5P6BNCCcWd5wiVhTlDmH0OyTzjfvbN5qFN545JAxOIs8GT3LzRjrYe8qUdkXtLPLMGkMgMsCOK_rtfRfd6rQhrmQmsoT3evpW7d19jHkUCwLxHxi1J_cLogmkUebhYDMx5FYxEcciKiIB0WzJjJhjxIz6_RKmfwfaK-iLSXF_bNcHuRhnD0mDAA7u8vk510f9pt0ivnA836cg5NTgJFKcAEPBVEGSz7trVbVNddP4OBF1hlr1iKuW1vn3HxYNkZ2HUuLAHHxXavPAU53zZeOvSGsak7d52w5eLImuF1e49IHBgRYupaFwpFDhZ47TWT2qKzcvjPMPkT1aCufpT9Vd0qDWKAVEkDdKYeUDP15Q9omkSeCJON6Ii-zI&sai=AMfl-YTPPOVkcPldxNxUU1AdAZWBwmSqOx7JAGS9JWX7UZDfYbDIqQt8ZGs28sasH_Q_X_rpdvTBrxkRJaP3o02j3oU1QB0w3M2fMLY_-WGNccUQSmQzUvGM18bi1lc3PVD0hAyrurgxXgSr3M9ULTP2EY_QCQKx6VJpMjdxkveBqdsLuYdUL_Toy7K1C-mzVOxw3J3B43oT-0aHmho4vFrEdRtFhsI2AHjAiCwkO6VkPRIBnOzBOEbhUKpk1tkMDAwXVtqxCMCzYi5ohiDvjo0G6-gIZQv6R3YtLbPrGPUQYVr1BkFpAhO3bg&sig=Cg0ArKJSzPUmqCRqztEyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1014&vt=11&dtpt=702&dett=3&cstd=307&cisv=r20220919.72452&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame ED50 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszoCg8d-b8i2Q-K8H8EQ8XJnrZVgxImC7cCnmlnvhKmRkGqPVPeZ4Uzn31irP8x4ojqSuyzyoTQXKIi5L_ET2hqWU&sig=Cg0ArKJSzBHzVjwV3giBEAE&cid=CAASF-RosoXVEmAiKLk0S6Q7AatDY-V7VyC_&id=lidar2&mcvt=1005&p=78,1159,178,1459&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20220919&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=323572193&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663871481915&rpt=3605&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
arrowl43d2.png
s0.2mdn.net/sadbundle/4022321549259309056/assets/ Frame 6EF0 		953 B
980 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4022321549259309056/assets/arrowl43d2.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59f5eacb66f0acd853f018e20bb9423843ea7730844e65c72a73df30e229e267
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4022321549259309056/index.html?e=69&leftOffset=0&topOffset=0&c=acjD3co0Uo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 13:31:45 GMT
x-content-type-options
nosniff
age
190781
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
953
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 15:23:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 13:31:45 GMT
button1l7e6c.png
s0.2mdn.net/sadbundle/4022321549259309056/assets/ Frame 6EF0 		727 B
754 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4022321549259309056/assets/button1l7e6c.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cebdf07b17721c086eeb3135a9367f97f17da9650cafd06f5b10e9d5eaff2315
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4022321549259309056/index.html?e=69&leftOffset=0&topOffset=0&c=acjD3co0Uo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 16:39:50 GMT
x-content-type-options
nosniff
age
179496
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
727
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 15:23:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 16:39:50 GMT
button1_activelfc31.png
s0.2mdn.net/sadbundle/4022321549259309056/assets/ Frame 6EF0 		698 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4022321549259309056/assets/button1_activelfc31.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
368a4c343dd077cc461d9b3c7226f187fc6e35940bb4747c0df8fcd9f79d2dd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4022321549259309056/index.html?e=69&leftOffset=0&topOffset=0&c=acjD3co0Uo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 15:50:51 GMT
x-content-type-options
nosniff
age
182435
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
698
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 15:23:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 15:50:51 GMT
button2lf892.png
s0.2mdn.net/sadbundle/4022321549259309056/assets/ Frame 6EF0 		849 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4022321549259309056/assets/button2lf892.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09b1180a5d7ba4cba353b7db720d6d2ef11acfb0fbbd3eb14e84cafb941365cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4022321549259309056/index.html?e=69&leftOffset=0&topOffset=0&c=acjD3co0Uo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:04:47 GMT
x-content-type-options
nosniff
age
213999
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
849
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 15:23:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 07:04:47 GMT
button2_activeldb5c.png
s0.2mdn.net/sadbundle/4022321549259309056/assets/ Frame 6EF0 		824 B
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4022321549259309056/assets/button2_activeldb5c.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f38c9c3cc013a00e4b6afe2322a99b203116aaf6ecdcff0ea5cbe0472a4e226
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4022321549259309056/index.html?e=69&leftOffset=0&topOffset=0&c=acjD3co0Uo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 23:18:29 GMT
x-content-type-options
nosniff
age
155577
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
824
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 15:23:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 23:18:29 GMT
button3lddba.png
s0.2mdn.net/sadbundle/4022321549259309056/assets/ Frame 6EF0 		529 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4022321549259309056/assets/button3lddba.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d86f3c3baecdbb9ce3be42bc9474af56136ea185412a8c7c6c396310059d75ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4022321549259309056/index.html?e=69&leftOffset=0&topOffset=0&c=acjD3co0Uo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 20:28:19 GMT
x-content-type-options
nosniff
age
165787
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
529
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 15:23:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 20:28:19 GMT
button3_activelc4c8.png
s0.2mdn.net/sadbundle/4022321549259309056/assets/ Frame 6EF0 		517 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4022321549259309056/assets/button3_activelc4c8.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70be92e9b48e93df20fd4f071e3e4f16c83de8b83275c400fbe4277bd7cac296
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4022321549259309056/index.html?e=69&leftOffset=0&topOffset=0&c=acjD3co0Uo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:18:01 GMT
x-content-type-options
nosniff
age
227605
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
517
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 15:23:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 03:18:01 GMT
button4leafb.png
s0.2mdn.net/sadbundle/4022321549259309056/assets/ Frame 6EF0 		667 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4022321549259309056/assets/button4leafb.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b70d4870b01782d5ec190f549ced4164ecdf602684760f20b4821aef6e607cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4022321549259309056/index.html?e=69&leftOffset=0&topOffset=0&c=acjD3co0Uo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 05:33:39 GMT
x-content-type-options
nosniff
age
219467
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
667
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 15:23:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 05:33:39 GMT
button4_activel3dc8.png
s0.2mdn.net/sadbundle/4022321549259309056/assets/ Frame 6EF0 		640 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4022321549259309056/assets/button4_activel3dc8.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cadfcaca4a9c47625fb8672234a17a72a7f3c1d1142ddd659bde24221d208c10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4022321549259309056/index.html?e=69&leftOffset=0&topOffset=0&c=acjD3co0Uo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 06:27:23 GMT
x-content-type-options
nosniff
age
216243
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
640
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 15:23:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 06:27:23 GMT
button5lab86.png
s0.2mdn.net/sadbundle/4022321549259309056/assets/ Frame 6EF0 		795 B
827 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4022321549259309056/assets/button5lab86.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b58c013d6c6e77c34ac7675e3179b568b8086b43e4083e8d6a4554ab80ac889
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4022321549259309056/index.html?e=69&leftOffset=0&topOffset=0&c=acjD3co0Uo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 01:07:31 GMT
x-content-type-options
nosniff
age
149035
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
795
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 15:23:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Sep 2023 01:07:31 GMT
button5_activel266e.png
s0.2mdn.net/sadbundle/4022321549259309056/assets/ Frame 6EF0 		770 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4022321549259309056/assets/button5_activel266e.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71970ab429bdaed0de1355bfabec79005912d77d19e02cae01dfb723c25262ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4022321549259309056/index.html?e=69&leftOffset=0&topOffset=0&c=acjD3co0Uo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 13:31:45 GMT
x-content-type-options
nosniff
age
190781
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
770
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 15:23:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 13:31:45 GMT
button6l60ce.png
s0.2mdn.net/sadbundle/4022321549259309056/assets/ Frame 6EF0 		654 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4022321549259309056/assets/button6l60ce.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fbc468e52116b00ba148221687c812cf4c4234a84349382a1b87bd9db59ff23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4022321549259309056/index.html?e=69&leftOffset=0&topOffset=0&c=acjD3co0Uo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 05:19:15 GMT
x-content-type-options
nosniff
age
47531
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
654
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 15:23:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Sep 2023 05:19:15 GMT
button6_activel30e9.png
s0.2mdn.net/sadbundle/4022321549259309056/assets/ Frame 6EF0 		633 B
660 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4022321549259309056/assets/button6_activel30e9.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87b33d5cedfcdde87d6fd8610c33eef870c860b4745bd3d0e977b9d47ef9954d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4022321549259309056/index.html?e=69&leftOffset=0&topOffset=0&c=acjD3co0Uo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 19:24:02 GMT
x-content-type-options
nosniff
age
169644
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
633
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 15:23:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 19:24:02 GMT
questionldd0f.png
s0.2mdn.net/sadbundle/4022321549259309056/assets/ Frame 6EF0 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4022321549259309056/assets/questionldd0f.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30762a1a4fdf9a375400b0eb551a6bd3f6f64305d903ff9e25ee783da3ffdd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4022321549259309056/index.html?e=69&leftOffset=0&topOffset=0&c=acjD3co0Uo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:18:01 GMT
x-content-type-options
nosniff
age
227605
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2967
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 15:23:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 03:18:01 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C871 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfKsLhkHcmpVPMPo9cMutRs5xmO9btQahutel9wkIaTo9fZoiyaRu2dMMiWh5CQ1v6ZCr7l03b23cs5-7SHxxv2Uo&sig=Cg0ArKJSzIga-SeTRSXKEAE&cid=CAASF-RofbINwnIGUk_xHBlocQkYl67OdYkv&id=lidar2&mcvt=1025&p=1020,1161,1120,1461&mtos=1025,1025,1025,1025,1025&tos=1025,0,0,0,0&v=20220919&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4116631529&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663871482085&rpt=3475&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
pagead2.googlesyndication.com/bg/ Frame DCB5 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 15:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15952
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 15:10:06 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4BE6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstApgg79OVqh5OABhbk_YntvO2C6x2z1N1Sfe4MJ4Wwt_pB5Kkk7WFtMeUvW50XcWinUQ1ZgyNmpWhOjhOoH84ISqg&sig=Cg0ArKJSzCGWPTd18gxqEAE&cid=CAASF-RoyRxCKFLpSUFMoiP58HExttqFYhg-&id=lidar2&mcvt=1020&p=428,1161,678,1461&mtos=1020,1020,1020,1020,1020&tos=1020,0,0,0,0&v=20220919&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=713581990&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663871482170&rpt=3420&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9021 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstdJBxKzCv39J4IucEgt2keIn7gxXzTlirgc3XPlBaFO7hL1gRWS5RWUwK3F04-hwxESutKsv4yTWxYa6WXTNZPqxs&sig=Cg0ArKJSzCfqcKFAbH0BEAE&cid=CAASF-RoNF-e8BfTb1kztQWHBgy2JN3zxpDH&id=lidar2&mcvt=1023&p=78,140,178,440&mtos=1023,1023,1023,1023,1023&tos=1023,0,0,0,0&v=20220919&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=415600777&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663871481959&rpt=3693&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame D8F4 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?mXk0gQ
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame EA43 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?vkvf1w
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
prebid
ib.adnxs.com/ut/v3/ 		138 B
995 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1a97af754d1cf9f309454a9f1103368b6f6a70a33520ae5c7434cf6cf1788f2c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 22 Sep 2022 18:31:27 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
16ccccd8-87ed-4d3d-bcc5-be46199a9759
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.staradvertiser.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		94 B
738 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%224dfec997f292fc%22%3A%225ada8bc6024f756e9ec4%7C300x250%22%7D&ref=https%3A%2F%2Fwww.staradvertiser.com%2F&s=a778fd22-9e15-442a-9598-7384f6db35c0&pv=8bc92a67-9336-42c9-bc8c-c1131e4cb2c1&vp=desktop&lib_name=prebid&lib_v=4.29.0-pre&us=5&ius=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.14 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
73d8b1bfd0c5571681091fdf1d482bfa525e001fa841c919c11950cdc22ea49f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 22 Sep 2022 18:31:27 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-184
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.staradvertiser.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
119
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		36 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=359592&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22549ef0ef09b311%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.staradvertiser.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.29.0-pre%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2260503952600937%22%2C%22ext%22%3A%7B%22siteID%22%3A%22359592%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b0d53f1548dfcb970e2af0eb8d1df0e75387a878d6e51e51200db71aadf1196

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eBbr5MALG7n%2FQo22hZ48tiyu5nwWke0n6h%2BXVccAMQ6BWoPJM1E28SH5r0CZHcQEUjUflWX8%2B%2BlFhxQBD483RKa5XzvuHgmh%2BtN3OKHawVtcIFT7ppjC5OOlyx6DLwySkZDXmHP9"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74ed1e1a2c969c12-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
bid
ap.lijit.com/rtb/ 		24 B
654 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.29.0-pre
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.209 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
08972be59b01affb938f44e39aaac6814cb024456188c3a97d07f14dcd544d03

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 22 Sep 2022 18:31:27 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.staradvertiser.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969da301757594a0c49518afc10016&pos=8a9695e3017777b66e76bc36403401e5&cmd=bid&secure=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
cdf42a5d7b2de4a7c346f7b8f18d1206a2e99352fd71760a7f9edb784abce92b

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 22 Sep 2022 18:31:27 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
content-length
62
generate_204
tpc.googlesyndication.com/ Frame B913 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?yipopw
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
tracking-event
api.webgains.io/ Frame F218 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.134.23.117 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-134-23-117.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 22 Sep 2022 18:31:27 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.134.23.117 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-134-23-117.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Thu, 22 Sep 2022 18:31:27 GMT
server
nginx
sodar
pagead2.googlesyndication.com/pagead/ Frame C656 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022091901&jk=1944132421059258&bg=!2Nul25_NAAZqQh0mSkI7ACkAdvg8Wi1dNR0v8QizNEEs_f7UfN5viNgUXjQo766akGi8Wj_D9JW6bgIAAAGhUgAAAAJoAQcKAC_OqHWP0L0wLMxh5xFm5Nm0nsFRFfEYebvbUg4ac-FrtuiYQb72Z9PcQndzpA7AwJkC1TJvaSkYfgdYsW7WPqkv1LuPRRZFjIqwiycv2SPFDzZ34q-oaVz6u5c3ZLIdQaIrxZ13-KX4gVGUzTktekugCf8eHiq1Jl6NX9YcxoYJBjYIn6kr5HFjoGK0ugwGN33yZaJDBTQSQf5UD6_acjQjCyvKG11WfAnLg7NMVUDSAKQJfeHmuSijDGJWDOaZKW0pdXrYNltjBdIu3E3A0JsY7DrYR2OSa4uir9SeyEWRhrwHNsli-hwfqJzG_nuTCsqzxnwkNBGEuZL8FxxS1RYqm3txpOr9pFVJuSlsRJGynWGAb6va17lsMjV_fJQe8HS_y8iV6gfFoiwyWW5U0K5znIiEUkRl8t9VyQ4aGHOeSFcITU8IprTDYhbX_cngkdP_JgnxX5edi4jKLod8CMGRXmLF_pjzTygcPRazKIS4WEc07RZ1wcv3s4vN8mO--cEf6rSiGeDqu5L0myo_8rbdijjio_b-Hcy1RMl2D8KYcbRuXUN8Cs87kWGDzIRDoCFWeMgu5HH9S1-9Mka8pQ5dOKMA28Y3KYlU-PdpOALgb9lHLpD4JRNrNvCoVXa-7_pYPqEAeYCcTizuOFKxenUMe-pojA0Zl9lA-eCrUlKgtz_WdChgu2B6QjPKdZbZGnXaahrwGD_XNjSmc01NZB2F1GoeRNg2GWDUbIbOIVD14w_QC13wrTcO_cjzM1qWtBpCz--GuaPaaczl-dR8jxcSWLYzn6P2UoioyToncXmAn3lYEcB7CQjVcFhjZ2f7G-cif0b6LrjOrts_ylROEz9rjVsmf-PuGUAlwBAA-9dAM8x2a3CAIV1dMe3AY7GhthFSfipz45jl7ywR_sFgpRcle3vSQMu_qoVXiQnosh9nLjzDU-IVqNMzegsePkZ2pblojYR0RJctfHuy8SyCjytwrH-MUgbmLN-eIR_FtNmRuz2i8GOzaqR1RTiDLAcQsxUdWo95Jggp
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 79CB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092001&jk=4137092168443179&bg=!d3SldDDNAAZqQh0mSkI7ACkAdvg8WlJwp4kfcpmJWVly67Zw5PWeysUBOrLGsORlpA47lbdj9Or_VgIAAAG_UgAAAAJoAQcKADz7A83khBN5sqbqBmnpyDK5wzGKxiiC-AdAhWgRlT3JrbAXYOGLV8dJaec86_yjjakHQhZmaitnFpBWQmCZAr9X3_locDBDLOnXzBVaJ7Ui5l1R_nye2sojFBaw4RDEswSvn3e0bDINKiqk2QIGYnX9LWTHHNh0LhC1yDRGqjjRdwHTTAXTxaaoCM_C6LHilHeybJpDZMYmsGyofpOIN1nzsLyWLkMVwSswXeMz6jUbe3DNhJfVHPOYoIVrOGKZTSG1KlcQsyIAvF_HrubJdif7pHrAFH1qaVYsj1sdQ1nRRxYdi2pv2VmFq2l7EKkLxGpG9hhJ2kVLBkdCzOpb1uEEReTDV90WV1ag7yywVbZMxtpvsm1LxESbUu8WIsjaZ8KOLxaHQNyWq85MnDl0NJ_07X33ooKFeVn-JOgOPSgqqZQcbZDPlZy8LlG2t9WjfXvfS2qfElhhTJNR4ZGd_GbxRKijFv5vBCOxPUXIDuOPO_v9hvzWI8lDVzGWs61G5osY9g0Yv2232UhvdA3PtJ5pZUJFRreEPHYG5samHRgmb9Hmym42L92vwNiObGkQFrNyS-m7rnGIle7ggzPmnli3rlE_Fbr6QXDsZ5UsCvYpKIRji66IYw0YVyF117S4CnZr6p8AeUI3_XE4278EK1I5RaPtWS-vgwcC1bpwY9_oQ0DTJ125gMsmDQLpDC0s-sg-YJeNz6GkA010h_lVkDhKOoQLdL6SaFJuPD0QC_v5kLONdooUuuSCQVj1qIBmoeLhVBgA9AGtxtIFJKHlQye1LA8Qn8gbGLw7Jnec0QaVxj2zK88VU6ESglTSThbTnQVx3yqoceXM02ZoRnK80nKyvLQh638NTJxf51scyIGb5i0oDcpjyViwf_9hqJRCKN13WyyWSxwJMB21TOCK-EhEHH7OBQ9pDZdT3wiqTj9RZzqZH-9ft-g1Y2ebtl00FUpX-YkQSN_sikJpgfI8fy5Pi7-T1WHWoexiPBhR8TlJdw8wdyc5R_9pBcuKsn3y
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 03FE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092101&jk=4445235799942356&bg=!Li2lLWnNAAZqQh0mSkI7ACkAdvg8WpXfs6twemwUn2IPbwd3pfSAIWHwpWDmawLuKM0A7nKyN5iwMwIAAAIsUgAAAARoAQeZAswzf20FcMoRWtKKmULa7y9iawYy7fZPnvLQWugQnBujlaHJfZ1ylZtta9JtJ7Ae2idNEda4W33r9opD2XBdfNqGG5GjaPS5_yEBps_NfZLtfvH5yCRunv9CDa1Xu8W55QvTTUrs6pj_jcCQj7yzxv4yx06MCAvTY41ikazMdCveKtI52KSsYpGP-f0orciCb94sGyTlmEWoCTBszI9ILfAfgjlxheeE-ilBnn9H2YPrix1pahjln1RtT3FgPmCv-PGSan351Um7f1fnw3215rN6HNC21BPdxRybr7vKFRqUckUPK8IIAIZnPdTOLiCZVCOiJNZIAl8H2UDzZzowotZNSM9-Bf3aNYSam4DdIx8R8lEbE-sGoT3wR0B1JbO4M72zNYyf2EQqDwcJnT2xpn0yDqIEOBBG4XMGi6JzivJFrGtBE2_SRfkBYhAGUpc3zrn9fqE-jNtuPFgxghWzaucHDI9GuKV1zXbtHgPf0xRnzAp_UeOVkoXB2YGe9f2nm4Z1ZzTTokiIKR7jmhTZQhwUtgMWB2aghalAuSLjkGR4iqpfDFN-m8rVMIOy9AP1_J95-eqE_aRQoU7_g7drzDN79B94KWxL6aCflpHwgQ-jKog5agheZPIRvIYw0lHkTaYjDMIjpWdL2cPvQZViZLfFRa8lPHvhlsMyNr2yhPYjn-dVkyEbqcEhcO-JS0MsQ68z5fQCU37oVw90I0cls3IdlEO_56oZXmX78PDKslHote3Tkoohyo8cQWDfs-kEKD0GrnJr1OWv1G1Cfg87M_jWJaOnXqmcqWFH_YAGkzBnYXuh_Ty2c6X3biHM-EPcatjXPdQsEJMoeFY3VU47aOqL4QDfVHEpbJJPpAaFs95zjYiX54Wsi69VdcnVONmdZlzFRV8HPyB77rbphXCMzAPD7Yb8qI0PVGFkvi1Gptx7eYEIFCkXrnmEH0Ho6Q
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=386,387,388,389&ntv_r1=7144&ntv_r2=7393&ntv_r3=7393&ntv_r4=9872&ntv_pl=1102376&ntv_it
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.160.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-160-33.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:27 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=329596970703887&correlator=1247089304098764&eid=31060439%2C31069635%2C31069793&output=ldjh&gdfp_req=1&vrg=2022092101&ptt=17&impl=fifs&iu_parts=281191609%3A5136785%2Ccityspark_oahu&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=34&adks=1413280974&sfv=1-0-38&fsapi=false&prev_scp=frstlk%3Dtrue&eri=1&cust_params=ip%3D0%26he%3D0&ppid=1329b7a3-57e0-4a4c-8c42-3fec8b79e7d3&sc=1&cookie=ID%3D6b1163197e313caf%3AT%3D1663871480%3AS%3DALNI_MZN69JqttAfEr_IetFEmKdriJnV6g&abxe=1&dt=1663871488880&lmt=1663871488&dlt=1663871477769&idt=2351&adxs=1162&adys=3813&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=22&ucis=y&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.staradvertiser.com%2F&frm=20&vis=1&psz=298x-1&msz=300x-1&fws=4&ohw=298&ga_vid=1040327165.1663871479&ga_sid=1663871480&ga_hid=1388760453&ga_fc=true&a3p=EhUKBmNyaXRlbxi-h-CztjBIAFICCGQ.
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
285a04b4a191617714f9fadec5204de9ea5f9b8c77721393c263085c78672a6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9126
x-xss-protection
0
google-lineitem-id
5817962342
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138368352309
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7384 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 18:31:20 GMT
expires
Fri, 22 Sep 2023 18:31:20 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 7384 		97 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3936ef1c8f1732c0c04810760b747102dd4431bcc37689c27196de5d030ba858

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
PidISEiOP90R_913dwkQ2_.B_dtaRt0p
content-encoding
br
last-modified
Thu, 14 Jul 2022 18:51:22 GMT
server
AmazonS3
age
4579
etag
W/"988ed904fe9935453a894f009ac11cc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Thu, 22 Sep 2022 17:15:11 GMT
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
-BT_fp-SZ-NHoRsYFS25QXn3a5oAmznUh0fvs-UI2jkXlDfHfRK-pQ==
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 7384 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 07:13:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127095
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Sep 2023 07:13:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7384 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 18:31:29 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 7384 		0
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=246123
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wO8DjO4%2Fi4IQZvSSZV%2FtZA2bQV3WdTsbBeEr%2BOKCK%2FZQzap8%2BWtEYADL3O%2B6zGeMZq9wc1EYqhdSwB8JlsqFRXowETfm0uBtGoP1ipPYx7ocPfclmz87tpKc3X5U67nKDpqmL8eBFHDuV4gwBG4oDvpphA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
74ed1e282bf59957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FxdCTdOlKpqZZ74AF9Ux
32c493b4-5aba-4a80-8ed0-b41c07cc2c62
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/ Frame 7384 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/32c493b4-5aba-4a80-8ed0-b41c07cc2c62
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
view
securepubads.g.doubleclick.net/pcs/ Frame 7384 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnk0uQhZX2poeZBXc9DXbf319vJSF-qCQY_Z-qV4FjRWKHZNR0bJ_tSuMVctd0x4j7Y0G2Hr7ElCyPgjUetwVkKSfb3sCkCsmehdy_ZRZJDYlX-6EfS2wGJ3xvDWgXmfMxeta4DUPaVKVXjw44LIBXbKo2yu5JZ_kW_Q4-JLAEpMc20Dyj_cQ-IJF2_919rN_Hqtrt-b_9l30nN5tkxg0KBlpdGm8bnBgfxp7Sn0qNGkJYDe5SuVuNUJ0lcjf5RCAvcq26nqRR6hwWu6NCzv959xz2qvEcL4qylRlvf99xAq2xAIWenUTVdGW3OTPIVGvmtUIz0ILSEyzX&sai=AMfl-YTpL6nZR4L0QL4avmA-R3gk6kI480zY6wG_BM5qHGlL0-iFXb1bi_LKqtJppMhDY24G32Csz_HI47gE0ekrHKU9Hpv09FWQWq3cjskKA6NRqznXqh9spOF_zVh2ZA&sig=Cg0ArKJSzEq5lLEGYdOtEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
a.impactradius-go.com/gen-ad-code/258147/1107357/5311/ Frame C8D1 		338 B
770 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.impactradius-go.com/gen-ad-code/258147/1107357/5311/
Requested by
Host: d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-57.fra60.r.cloudfront.net
Software
/
Resource Hash
e6fb3705dfdba91943e9a56216620f519f68584c8a16d0536f0ad6e95a361d17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2953
cache-control
public, max-age=7200
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 22 Sep 2022 17:42:16 GMT
expires
Thu, 22 Sep 2022 19:42:16 GMT
p3p
policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
x-amz-cf-id
YVbu0h65uFUJ7dLxFdphJ7O9BHzayQjLHt9JpBledmTz-9kkO0iX6Q==
x-amz-cf-pop
FRA60-P1
x-cache
Hit from cloudfront
x-cnection
close
x-content-type-options
nosniff
x-xss-protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame 7384 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvmTUVfekdfnHBqROgqviHLRjwO_6uUT_gqXA4pXk3PBHGpo3CazQxGlGDWaJrwwhfhQhNd38EMDSk-zhQWZ3hWb_Rn3W9TpnBJRM0jB6WYEs4OWG2bYVxADi6Nnbhs-o-EAR9lJjZoou_CeabeOLnpYWk1IMMZg1hniSLZVNeWHd1qlJaIPThQeO9S_-6qdVbvIstsbIDT9JXESiF1F-HM-nX5YjwYxEiQjzUiyFun2NH7aqxG4VNvSoNRZ2BENcj1QmuEEaQZmBfcAX1uZb9kxF1_UzJ-4w_b8NdftqqPzyv6_Dycs719r8nm7g2CJ1gtSPceW12kxNPE-h8&sai=AMfl-YTl6rYHQi4OdocOyvyZ8SE5wD9XYJrrgG7wSLK6Y1jtD_6h7zUZ7uNgcrB_ObeleTOzDSDnf9eNmSCyF9CvbZONomMog9YX2-8JTtV75u1cnspd0JR5VNZVUm13HA&sig=Cg0ArKJSzImYgsomsPUHEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 18:31:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 22 Sep 2022 18:31:29 GMT
truncated
/ Frame 7384 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8316715915993407c58faed4be61e06446a0ff04a70733c9bd26752f74a6fa1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
5311-1107357
a.impactradius-go.com/display-ad/ Frame C8D1 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.impactradius-go.com/display-ad/5311-1107357
Requested by
Host: a.impactradius-go.com
URL: https://a.impactradius-go.com/gen-ad-code/258147/1107357/5311/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
634b42a6ef5300f0e3662556f06bc40e625f6fbecfd08840fefc4dc65ee29717

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.impactradius-go.com/gen-ad-code/258147/1107357/5311/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:23:23 GMT
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
last-modified
Mon, 12 Jul 2021 18:28:42 GMT
server
AmazonS3
age
580
etag
"95fb6c02a058c3b24375ce16a6726a38"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public,max-age=900,s-maxage=600
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
content-length
61001
x-amz-cf-id
PGorfYswVDD0Xh_-CCqebcTCq54qtl-VoKCaSs0amuH2XT8-1Mfn0g==
5311
backcountry.tnu8.net/i/258147/1107357/ Frame C8D1
Redirect Chain
  • https://backcountry.tnu8.net/i/258147/1107357/5311
  • https://www.ojrq.net/p/?return=https%3A%2F%2Fbackcountry.tnu8.net%2Fi%2F258147%2F1107357%2F5311%3Flevel%3D1%26srcref%3Dhttps%253A%252F%252Fa.impactradius-go.com%252F&cid=5311&tpsync=no
  • https://backcountry.tnu8.net/i/258147/1107357/5311?level=1&srcref=https%3A%2F%2Fa.impactradius-go.com%2F&brwsr=c663f38f-3aa4-11ed-976c-296187fec1ce&brwsrsig=xgyWbU3o1ww9TLC3esWudR5gwHBSmk
50 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://backcountry.tnu8.net/i/258147/1107357/5311?level=1&srcref=https%3A%2F%2Fa.impactradius-go.com%2F&brwsr=c663f38f-3aa4-11ed-976c-296187fec1ce&brwsrsig=xgyWbU3o1ww9TLC3esWudR5gwHBSmk
Requested by
Host: a.impactradius-go.com
URL: https://a.impactradius-go.com/gen-ad-code/258147/1107357/5311/
Protocol
H2
Server
34.248.187.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-187-45.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.impactradius-go.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:29 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
content-length
50
expires
Thu, 22 Sep 2022 18:31:29 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:29 GMT
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
location
https://backcountry.tnu8.net/i/258147/1107357/5311?level=1&srcref=https%3A%2F%2Fa.impactradius-go.com%2F&brwsr=c663f38f-3aa4-11ed-976c-296187fec1ce&brwsrsig=xgyWbU3o1ww9TLC3esWudR5gwHBSmk
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 22 Sep 2022 18:31:29 GMT
1710p4s4p868n18sn0pqps224o506381-00002.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		641 KB
643 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/1710p4s4p868n18sn0pqps224o506381-00002.ts
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.145.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-145-10.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b554e416817f0aa7a9de1c5feff17579fbbc7f0b0754d073c4d6f4e7d4a7c29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:30 GMT
via
1.1 3a19e7746bbbb8dd91ed586197497ae8.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-C2
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
656684
last-modified
Thu, 22 Sep 2022 17:34:47 GMT
server
AmazonS3
etag
"46482e5738468ff2c0fea74d94c0f8e8"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
Prq44cGAAXIh7B-wdvfLnPpdi4usZGM7nexbVx7MowMW9H2ySh8QiQ==
collect
j.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://j.clarity.ms/collect
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Thu, 22 Sep 2022 18:31:29 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.153&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=2&f_privb=0&tid=c07b5897-bfa9-4f9f-99d0-139ddd9ba05a&pid=cf315973-ef5d-4c71-8053-92a1f035cb7d&dtm=1663871490385&qnm=_matherq&visible=1&tabid=ac167e9d-77c6-4795-bda0-493391475d46&url=https%3A%2F%2Fwww.staradvertiser.com%2F&vp=1600x1200&ds=1600x12148&tofa=1663871480&vid=1&lvidt=1663871480&duid=c052e739a739f0fc&fp=577415770&cid=ma15446&mrk=988352900&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY2Mzg3MTQ3Njg5NyIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMy40bWIiLCJoZWFwVCI6IjIxLjdtYiIsImZzdFBhaW50IjoiMTM5NCIsImZldGNoUyI6IjI2NCIsImRvbWFpblMiOiIyNjUiLCJkb21haW5FIjoiMjY1IiwiY29ublMiOiIyNjUiLCJjb25uRSI6IjYwOCIsInNzbFMiOiIzNzkiLCJyZXF1UyI6IjYwOCIsInJlc3BTIjoiNzY4IiwicmVzcEUiOiI5MTIiLCJkb21Mb2FkIjoiODcyIiwiZG9tSW50ZXIiOiIxNzM5IiwiZG9tTG9hZFMiOiIxNzM5IiwiZG9tTG9hZEUiOiIxNzUzIn19
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.38.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-38-131.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 18:31:30 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
metrics
connect-metrics-collector.s-onetag.com/ 		0
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 22 Sep 2022 18:31:31 GMT
content-length
0
vary
Origin
all
csm.eu.criteo.net/ Frame FF42 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=JPqa1tsDNmC2JH9r_48Qnt2Cwk8lfpEEU1uuwevgowCqw1Tv8lR-MwTTt91p3JfOqpg1XWrcGO2udQCP7-33s82wOovGKC9XEqohFlwX1QDKW1uzuNHOsWu0JSUQTAo9BESxovgdXy4JnFyw1d40evDSukPEie7LB5l6mM2twEPIAxwUC8x_FSqT5hRU-V8-wI03Fcodp6aUUWjmwu72cracPNyP6IqVeDp2BiXC4ExGnnu_GD6V4HKzeY1YMOQ7afGO1g&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLO8Iu-UwAAUbu6ATRCWZyvoag5SHug&u=%7ChIUXIrGDpJLE91T41VdP1QqeHXE1ueDWpukZm9DeKWM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZE5PA-gwcExOc4fDdBFkrmfhkfAt6HIWmOd02SfG27iABCa-gZ4QnmR2GsviQVGam_af1ScQc3kOMOAwYRqJLyqucb5imnzI7qjQPWBQiJCzleM1PQX7_dq6Q5chDkCeP7nYFqajOQnv_oXgGArTbmN_HIyopxe2oW2gANA4IU1SxJscmLbdPuClTnoFFM5SjEVK9IwKEW5d9N2kIH0ZmDcvOChObf4HU0nOauCBlUZRppf2ihM3wTk3KEFo363oyoA3YHLL06ew-unYFH2iDSOw_0KlvUWGf89OgUdTGgjCv5rwG28GetA6aS5oRMjhBDy9TUgAgl6hXAXo6mB44Pt9vaR6QhFOGOHLSD_5YrrQBQuNQtbsqiQgrnancVjuTTVRcJwRAv3zPpUopyWu14YcwWOghBj5T-3MlhZjg69m3jd8DQB4Ch9s6TmRH4yJhEXLBMjIV13CGGmxMCQATfF4Vs4FitmXei9SpuO1SVD6U_cmbo3CIcOPtTS45ehtuRlSNcbgFPOS0G08FWtm1jciFrjHZ3tzllApI55K-Yz9_AbZdeJKHE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSzQ2-KksY-_ZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElAJP0IGe1f1aPfJuwKhBjEX4nlbcW60HbisKyMx0oJhOJsuTH0MuvTLCh6uS5cNmHXhSsgw3CX4ccRZFvQoRJT1t5FehBmHnfcyg1Czv7lpMXtghgn8rlXwZ6aUWLRKk94nRRjn2apw0SI98kOtvu7HcqtLMilbiXmEuVRqLMKbHWTPc6_Yl0gTSzCxV3dvqqFglnBMPDDjv_L1AZN1H_C6PJ58aTOyi-F368GCRffTa5NYexW_Z1CG0lA3UI9KBdAxaxIfZ7bn1o9l1AfL_XCTvCJc3W2-knBT49vvg5RO1W9LK90sAe0oPF308kSnJAj3n4t07kZOJCo-ncJdHc9E4R058xwjTPkn-9aHqyYjPSFq8FqPgBAGABpaa3djQ35jmiwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2S_66pDEEever9jLoLHtRIWF3m6A%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 22 Sep 2022 18:31:31 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
all
csm.eu.criteo.net/ Frame 9781 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=HpH__NsDNmC2JH9rCFkitnK7G9zTjIxgJeYxvDCe3NikEf-HXh_9YKqTLiuItYVFKgJTJDte9MOy7UnAtAFpDFN5AJQj-neLXeqEpM5RRmSkq-F3FiBhVpC_tf2d7pJbzluQe9aX3SfQls0-SjSWiUtDtHTO9hknOx7k8s7c6R5Bg11xfYLT-HAq1ySTEtCWy3RtUH2bakEEGF3ZCB0JJTR56_TICXwHud9etP_X97527Xln2D8UE-ETdCntUuxAKrypsw&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yyyp-AAPLOkIu-UwAAUbu3KcBS0Ool-dONwgjQ&u=%7ChIUXIrGDpJIglTT91dladBEXYD9pJZ8Qq6ERhbBffsg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMFrgLV7AJgRHBH_AV6w0tnRtraPfdmSHY4VtN0I-eUNMs4nmiqSNt0Ts_20On4dI7aNaxYBPLA60J-6UxxkNxuhC38fb3U0ZCgJ0I0lHbkVJmerFFOwRPGKj2DC9iI2OuMncSNa0RkdE9lg1H4-4LSHFfJodqv7ikBsyJVJNvN7ASwCYgQSBlRti6kuaBc_SXWrpK3TGJnSx2HqthwaHqXkqZr8RcTVeGGL0AMWqxUmceE0TDDDz7jTnLaMa7SWSI1_x0ENiGdp53cFyATf44fQQCpnRxVvL4J6CDI2JWCOGZtbOjIsiBL3CBMA-wr2iIeDPvGnHpd5hoVXAtr4sWayze4JKvxHxdzFhvdri-dDbNS-vXLfGuircLDmvUcU3_Dths2MS3qp1syIk4N41T8U2RoanX40iS7uUovmDK3p6ZsjiM8t0fKPotZs-ekcy3ZrEMRP5mtwWoiukwzVdwd0Ytql7kAdbph9Q91kaUwH1vsE9iyx7F96qdOOdNhG6P2Ps85fCzoZxBuOf6VVaq-A8ehIrGgm_Xz9Ltfgx5_S_GD13liMl1IgQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGRhB-KksY-nZPLDK7_UPu7eUqArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyMzg1NTUyMTg1ODg0MzmgAdW20uoDyAEJqQJRkiwkv3iwPuACAKgDAaoElgJP0C6ySL7s-LjAmx1VXuYarmCKyi83AH_FGEmZ-4PVCRf1G_bJvPeeAMXpbc_TycCpFZzV1lUEDnCSe5Zef5NXIYQ254EpqWCMWHmrGw0kS0ixYw5W5lNI9gzrO4EAJe9N9Hza1BZLUhO4IbuLZ8DI-WbdBWpzfbDmDVmf5KodQh-KGNfsutxa2ITg5d8YLSGi2pX7pQX3aY1PDwKCnDmkpALHnuV_kcSrUae_9CmkbtWIA08rf3PK317-22E3wcHAQgl3T3XAVwvklEiLYsrhbRV7mDI7gkxyajh3wVonas8rg0U5DuzXD-IdLrL4FAWNar7SIaoRarYn_coggGjucUmy4laI_Sd9XpvH675XLOHnRB4_ReAEAYAGj_aIluyviaSkAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ntpq278oR3lEOV3kZoJmoTG-uBA%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 22 Sep 2022 18:31:31 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
metrics
signal-metrics-collector-beta.s-onetag.com/ 		0
72 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://signal-metrics-collector-beta.s-onetag.com/metrics
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 22 Sep 2022 18:31:31 GMT
content-length
0
vary
Origin
collect
j.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://j.clarity.ms/collect
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.staradvertiser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Thu, 22 Sep 2022 18:31:33 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=staradvertiser.com&p=%2F&u=CzGjNUCwJ5zSC8AOVY&d=staradvertiser.com&g=48334&g0=Homepage&g1=Star-Advertiser%20staff&n=1&f=00001&c=0.25&x=0&m=0&y=12148&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=2120&t=KWYVVBlCAmVihJ8QuzraKBxT64t&V=136&tz=0&_acct=anon&sn=2&sv=xqzn9CNXClWvNq7LCZ1WOSCLE8jE&sd=1&im=067b2fff&_
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.27.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-27-202.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 18:31:34 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
p
sb.scorecardresearch.com/ Frame 52B2 		43 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1663871480519&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=hb&ns_st_po=10004&ns_st_cl=493583&ns_st_hc=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=2254305&ns_st_pt=10004&ns_st_dpt=10004&ns_st_ipt=10004&ns_st_ap=10004&ns_st_dap=10004&ns_st_et=10004&ns_st_det=10004&ns_st_upc=10004&ns_st_dupc=10004&ns_st_iupc=10004&ns_st_upa=10004&ns_st_dupa=10004&ns_st_iupa=10004&ns_st_lpc=10004&ns_st_dlpc=10004&ns_st_lpa=10004&ns_st_dlpa=10004&ns_st_pa=10004&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1663871494563&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=MLB&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fwww.staradvertiser.com%2F&c8=&c9=https%3A%2F%2Fwww.staradvertiser.com%2F
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-90.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 18:31:34 GMT
via
1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
43
x-amz-cf-id
QNR8wjP1KoecVsp06c8Qm6gSyxWt6k1ZweVdbJpP4hoyhYTfQDmaPw==
x-cache
Miss from cloudfront
content-type
image/gif
event
event.instiengage.com/v1/ Frame 57A7 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_ceu-load-v2
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/e5666664-52a2-4b8b-bca2-c3f0a6d328e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.239.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-82-239-242.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Thu, 22 Sep 2022 18:31:35 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.instiengage.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_ceu-load-v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.239.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-82-239-242.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.staradvertiser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.staradvertiser.com
access-control-max-age
3600
content-length
0
date
Thu, 22 Sep 2022 18:31:35 GMT
vary
Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
widgets.recruitology.com
URL
https://widgets.recruitology.com/lib/search-bar-autocomplete.css
Domain
widgets.recruitology.com
URL
https://widgets.recruitology.com/lib/search-bar-autocomplete.css
Domain
insiderdata360online.com
URL
https://insiderdata360online.com/service/platform.js?ran=0.11002588446044137
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Domain
static.criteo.net
URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=plmetrics&cls=0.000&mls=0.000&nls=0&cas=0.000&nas=0&wls=0.000&tls=0.000&was=0.000&lcp=0&lcps=0&cbt=515&mbt=314&nlt=5&nif=0&ifi=1&eid=31068929%2C31069761%2C31069354%2C21065725&top=0&pvsid=3632588438906298&gpt=1

Verdicts & Comments Add Verdict or Comment

293 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| x00_0x12bd function| x00_0x564d function| x00_0x5c7a function| x00_0x4020 object| _Scanner function| pbjsSetConfig function| getGTagAdSizes function| getGTagAdSizesWithLimit function| executeParallelAuctionAlongsidePrebid object| PublisherCommonId object| PWT object| pbjs object| googletag boolean| gptRan object| prebid_bidders number| PREBID_TIMEOUT object| bidSlots object| outOfPageSlots function| loadPrebidAndGPT object| apstag object| slot1 object| slot2 object| slot3 object| slot4 object| slot5 object| slot6 object| slot7 object| slot8 object| slot9 object| slot10 object| slot11 object| slot12 object| slot13 object| slot14 object| slot15 object| slot16 object| slot17 object| slot18 function| $ function| jQuery string| GoogleAnalyticsObject function| ga object| adblockDetector object| GlobalAamNamespace function| aamsitecertifier object| _sf_async_config number| _sf_startpt object| jwDefaults object| webpackChunkjwplayer function| jwplayer function| createJWPlayer function| loadJSON function| shufflePlaylist function| updateJWPlayerThumbnail function| removeVideosOlderThan function| createModal function| openModal function| closeModal function| createJWPlayerVideoGallery function| populateGallery function| createJWPlayerAdbox function| createJWPlayerVideoGallery_homepage function| populateGallery_homepage function| createJWPlayerVideoGallery_dynamic function| populateGallery_dynamic object| Insticator object| _comscore function| fbq function| _fbq function| __handleUspapiMessage function| __uspapi object| str1 object| dataLayer function| clarity function| matherSubcribeClickEvent object| HSA_OBSERVE function| lozad object| _wpemojiSettings object| _cb_shared string| player1_element string| playlist1 object| player1 function| labnolThumbDBN function| labnolIframeDBN undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| cswidgetoverR function| labnolThumb_2 function| labnolIframe_2 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| joinNewsletter function| isToSPPAccepted function| setToSPPCookie function| getTOSPPCookie function| createTOSPPCookie object| AdRefreshControl function| setHSACookie function| getHSACookie function| _ object| wp function| Popper object| bootstrap object| StyleFix object| PrefixFree object| _cbq object| apd_options number| ordnumber string| sscUrl number| x object| atsScript function| pbjsChunk object| _pbjsGlobals function| InvalidInputHelper object| twemoji object| _cbm object| _rollbarConfig object| _rollbarShims object| _rollbarWrappedError object| Rollbar function| rollbar object| pSUPERFLY_mab object| pSUPERFLY boolean| apstagLOADED number| _rollbarStartTime boolean| _rollbarDidLoad boolean| _rollbarInitialized object| $jscomp function| $jscomp$lookupPolyfilledValue object| InsticatorApp string| insticatorHeaderCodeVersion object| __webpack_exports__ object| instBid object| ads_list object| embeds_list boolean| isPageviewSent object| federatedObj object| confiant object| InsticatorXmess object| ggeac object| google_tag_data object| google_js_reporting_queue object| Snowplow object| gaplugins object| gaGlobal object| gaData object| COMSCORE function| udm_ object| ns_p object| google_tag_manager function| recruitologyAutoComplete function| owpbjsChunk object| owpbjs number| __mobxInstanceCount undefined| __mobxGlobals function| gtag boolean| fifabAlready function| fi_fab undefined| commonInit function| visibilityEventsManagerDOM function| visibilityEventsManager function| scrollEventsManager function| DeviceDetector object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fiQuery object| recaptcha object| closure_lm_626332 object| ats function| instBidChunk object| __connect undefined| google_measure_js_timing object| outOfPageSlot11 object| outOfPageSlot12 object| outOfPageSlot7 object| outOfPageSlot8 object| outOfPageSlot9 object| outOfPageSlot10 object| outOfPageSlot1 object| outOfPageSlot2 object| outOfPageSlot3 object| outOfPageSlot4 object| outOfPageSlot5 object| outOfPageSlot6 function| processGoogleToken object| googleToken object| googleIMState number| google_unique_id object| google_image_requests object| _mather object| _matherq object| tid object| headertag function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_624924 object| csWidget string| gaName object| gAservice function| csWGa object| fiUtils object| $FIslowSelectors object| $waitOn string| ahm_cs_gtm boolean| ahm_cs_loaded object| closure_lm_400030 function| confiantDfpWrap function| postscribe object| google_tag_manager_external string| myPropertyId object| clientSettings object| ahm_config object| ahmpb function| ahmpbChunk object| mnet object| ahm_adParent object| ahm_friendDiv object| pubgroup_config

87 Cookies

Domain/Path Name / Value
embed.sendtonews.com/ Name: AWSALBCORS
Value: dCKp6Hz+y0aew59EZwB7fIY/uYzbOFGmuPnHuI/5LryHqzfALRm+4M1HKOuNS00mYkCOzZot0SUa4iUJJkmyMF2n73bHqZzOL4tsu/di+5Hu2gpY7c4qUMQx7nf3
.youtube.com/ Name: YSC
Value: v67ViOZW6UE
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: Gh1jtft0PHQ
.staradvertiser.com/ Name: _cb
Value: CzGjNUCwJ5zSC8AOVY
.staradvertiser.com/ Name: _chartbeat2
Value: .1663871479008.1663871479008.1.xqzn9CNXClWvNq7LCZ1WOSCLE8jE.1
.staradvertiser.com/ Name: _cb_svref
Value: null
.staradvertiser.com/ Name: InstiSession
Value: eyJpZCI6IjFkMzIyY2YxLThhZTMtNGMyNy1hYWMzLTE4ZDgwZWE1Yjg5OSIsInJlZmVycmVyIjoiIiwiY2FtcGFpZ24iOnsic291cmNlIjpudWxsLCJtZWRpdW0iOm51bGwsImNhbXBhaWduIjpudWxsLCJ0ZXJtIjpudWxsLCJjb250ZW50IjpudWxsfX0=
www.staradvertiser.com/ Name: _gada_ses.6fbe
Value: *
www.staradvertiser.com/ Name: _gada_id.6fbe
Value: faa66c70-4df7-480a-a53d-1cfb1baf9dd9.1663871479.1.1663871479.1663871479.51cd5962-f142-48d1-aef6-79604a2de72f
.postrelease.com/ Name: opt_out
Value: 1
.staradvertiser.com/ Name: _ga
Value: GA1.2.1040327165.1663871479
.staradvertiser.com/ Name: _gid
Value: GA1.2.773932396.1663871479
.staradvertiser.com/ Name: _gat
Value: 1
www.staradvertiser.com/ Name: privAu
Value: 0
www.clarity.ms/ Name: CLID
Value: c22524b3063349389eaf11a0b7c6e387.20220922.20230922
www.staradvertiser.com/ Name: ntvSession
Value: {"id":2800155,"placementID":1102376,"lastInteraction":1663871479336,"sessionStart":1663871479336,"sessionEndDate":1663891200000,"trackUserSessionTime":true,"experiment":""}
www.staradvertiser.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.staradvertiser.com/ Name: emailhashes
Value: []
www.staradvertiser.com/ Name: heCooldown
Value: 1
www.staradvertiser.com/ Name: visitorGeo
Value: DE
www.staradvertiser.com/ Name: visitorCity
Value: Frankfurt am Main
www.staradvertiser.com/ Name: visitorIP
Value: 185.213.155.166
.trkn.us/ Name: barometric[cuid]
Value: cuid_0f47d08f-2b2a-4a87-b61f-e149b6b0c8b6
www.staradvertiser.com/ Name: cto_bidid
Value: QRzvvF9BcEFuJTJCa3RoOFRLcWZscEJoRVExUEJKcWlzUE9RZnEyNkFVOEJQTyUyRnBOREw0VlRLNmtnQXNpQVZ4RnlCa1VVcExQQ1U4OEFnSmElMkJnQ3RSZHZaV0o5QSUzRCUzRA
www.staradvertiser.com/ Name: cto_bundle
Value: etGv9F9TTXdKUERXbURiV2g0OW9TSHNxMFE0S3ZqNk15Q25mYnNubm5ZYmhRMGMwYXpVS1AzTW85QXByMlp6TFRDT0pPQk1ySVh6dUMxYlRvczlHbUhHRDVuSjBwbWhRUlhocDJHVTJDNUVScmRuR2gxYjBXeWF0SkNxZUVjTW90UnNUUQ
.staradvertiser.com/ Name: _fbp
Value: fb.1.1663871480282.1052396613
.staradvertiser.com/ Name: _ml_ses
Value: *
cdn.firstimpression.io/ Name: OAID
Value: GDPR
.doubleclick.net/ Name: IDE
Value: AHWqTUlr2PAC35E9lf0WXtgdvWHS1rS1QRraDVPvRgj_IwPPax8Lciy9QtJB9Q87
.staradvertiser.com/ Name: _clck
Value: 1ngh4z1|1|f53|0
www.staradvertiser.com/ Name: _lr_geo_location
Value: DE
.staradvertiser.com/ Name: __gads
Value: ID=6b1163197e313caf:T=1663871480:S=ALNI_MZN69JqttAfEr_IetFEmKdriJnV6g
www.staradvertiser.com/ Name: _ga
Value: GA1.1.1040327165.1663871479
www.staradvertiser.com/ Name: _gid
Value: GA1.1.773932396.1663871479
.staradvertiser.com/ Name: _clsk
Value: 1cvjwqw|1663871481617|1|1|j.clarity.ms/collect
www.staradvertiser.com/ Name: _lr_retry_request
Value: true
www.staradvertiser.com/ Name: _lr_env_src_ats
Value: false
www.staradvertiser.com/ Name: _sp_ses.6fbe
Value: *
www.staradvertiser.com/ Name: _sp_id.6fbe
Value: 6ff5801c-2ee1-40a9-a569-36b3114c4a92.1663871482.1.1663871482.1663871482.72acb24d-6b0a-4f5b-8a8e-25c13d12bb63
.unsplash.com/ Name: ugid
Value: a8d5dbeec78c0435a025c5014e6b57a05546238
tradehouse.advertserve.com/ Name: AVPUID
Value: c61a3c2996f99078b029120272a780d5
.staradvertiser.com/ Name: panoramaId_expiry
Value: 1663957881746
.rubiconproject.com/ Name: khaos
Value: L8DE4CRN-V-2OAY
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrr+p0QkhTf3j5APvdogVCbaTd6KyMQnavCRi4Lg8bJK5IWGRG+dkpt/f8FfiNlTgKgoxf/P6Ethu9CfqBt6P0RzG6FmltYou3rP6fFStNJCA==
.adnxs.com/ Name: uuid2
Value: 4460720542310722703
.staradvertiser.com/ Name: _gat_Insticator_Embed_v4
Value: 1
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-ba279d89-8a59-4556-7f41-14d51f13ecf0.C2KIhdvdP4TxUxypfC2eFUVacZCDEHwtGgGhG3Wu0Mc
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AuiediYpZRVZ_QRTVHxPs8LnVm6Y.g3ns3PLYb1f9F%2FwpzH9vpI7FYZyTJeyJWr%2Bhfw3yJiU
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Ilhv=w($!]tbPl1M>e)ZlrFUfJ+tGXxoiaCEfybS.-TM%4f.K`Um0K*J#N[81@9VvEwy3If)y3KL9D3I?+anymJo
.go.sonobi.com/ Name: HAPLB8S
Value: s8722|Yyyp7
.casalemedia.com/ Name: CMPS
Value: 1113
.casalemedia.com/ Name: CMID
Value: Yyyp-XyOYl5oTwezGrllcAAA
.casalemedia.com/ Name: CMPRO
Value: 1113
.casalemedia.com/ Name: CMTS
Value: 1143
.w55c.net/ Name: wfivefivec
Value: mWE4mzvw1OBqYR5
.w55c.net/ Name: matchgoogle
Value: 5
.awin1.com/ Name: awpv11354
Value: 412871|1663871485|c42f38b1-3aa4-11ed-871f-22647c990db1
.ctnsnet.com/ Name: cid_ebc713460e544c309bed3c2e22454d41
Value: 1
.ctnsnet.com/ Name: gid_CAESEEGqX3I8wQr2yAsSD1_MMDA
Value: 1
.bidswitch.net/ Name: tuuid
Value: 9e3bd14b-5576-449c-9dc5-de526ae76d0e
.bidswitch.net/ Name: c
Value: 1663871485
.bidswitch.net/ Name: tuuid_lu
Value: 1663871485
.awin1.com/ Name: awpv11938
Value: 412871|1663871485|c43e2cd0-3aa4-11ed-8770-22389f118591
.awin1.com/ Name: AWSESS
Value: 367022:2542680
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&00268baa-9cc2-4658-8d4b-8cfdf15adf2e"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjM4NzE0ODU7MjswMjGuHA4HOOI+dSF90kjU1F+GAA9c4DwiG6JYUNHHEGP9OQ==
.linkedin.com/ Name: lidc
Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2734:u=1:x=1:i=1663871486:t=1663957886:v=2:sig=AQF4e4V9BMoMNYo_WBHEL8NSEETb8a49"
.congstar.de/ Name: staticentry
Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1663871485_c43e2cd0-3aa4-11ed-8770-22389f118591%22%2C%22sp%22%3A%22awin%22%7D
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwMjEzNDIzM7cwNxDiM9TNLAgLqjJ39ilzL4gCAHYeBhglAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFwmtoZmZsYW5oYmFmaGIEAPvH95UQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwMjEzNDIzM7cwNxDiM9TNLAgLqjJ39ilzL4gCAHYeBhglAAAA
.yahoo.com/ Name: A3
Value: d=AQABBP6pLGMCEHS5W-h3FUtT6unxdnW0t18FEgEBAQH7LWM2YwAAAAAA_eMAAA&S=AQAAAu1XofzIbDZi_AR6Zw5qCLY
.zenaps.com/ Name: awpv11354
Value: 412871|1663871485|c42f38b1-3aa4-11ed-871f-22647c990db1
.zenaps.com/ Name: AWSESS
Value: 377129:2470185
www.conrad.de/ Name: HTLP_timestamp
Value: 1663871486
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: ugZWUfXZ3.mFYnKF9JT0U93PcQmtl1JkDYmNl7Ezrf0-1663871486-0-AcU4/ZWpUSBBVkkPOQ+dkRrF3d/vFzxJonVeFq5zppRdUVRN4R/iNSRt2Rl+Omu0p5KEH4uQSvgqmZsrdAeVFPA=
.amazon-adsystem.com/ Name: ad-id
Value: A1f_W5w4r0jzoZSOQTaHNsA
.mathtag.com/ Name: uuid
Value: f35e632c-a9fe-4600-91b8-eb6f1d313f14
.mathtag.com/ Name: mt_mop
Value: 4:1663871486
.go.sonobi.com/ Name: HAPLB8A
Value: s85184|YyynQ
.ojrq.net/ Name: brwsr
Value: c663f38f-3aa4-11ed-976c-296187fec1ce
backcountry.tnu8.net/ Name: AWSALBCORS
Value: +Pxa3pgVodZgwGLge9M45hJoutB0znp3LxqRD3ycDCuWV5WDrJ5wmo9FWjbpijeCiav6TSu5AM2DYe3ybJdMWBs1XxAhLZp+EZgTgIvTt+5nbF89NG9XgumNKFVw
.tnu8.net/ Name: brwsr
Value: c663f38f-3aa4-11ed-976c-296187fec1ce
.staradvertiser.com/ Name: _ml_id
Value: c052e739a739f0fc.1663871480.1.1663871490.1663871480

8 Console Messages

Source Level URL
Text
javascript error URL: https://www.staradvertiser.com/
Message:
Access to XMLHttpRequest at 'https://widgets.recruitology.com/lib/search-bar-autocomplete.css' from origin 'https://www.staradvertiser.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://widgets.recruitology.com/lib/search-bar-autocomplete.css
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.staradvertiser.com/
Message:
Access to XMLHttpRequest at 'https://widgets.recruitology.com/lib/search-bar-autocomplete.css' from origin 'https://www.staradvertiser.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://widgets.recruitology.com/lib/search-bar-autocomplete.css
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1273
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?zid=382&friendly=friendly_811281484&pid=0&fr=400&frlm=1&random=811281484&encode=1&origin=https%3A%2F%2Fwww.staradvertiser.com&referrer=https://www.staradvertiser.com/&cturl=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsuceWQbKl9JmRPycKf-_Eiy11_l8YOndSWFmz8guSrFxZ8sBclLJ-xiAt4z4S4FBeY24vf1lffW9ld29uUde-g0bMqApdq7MN9-BBetM-yqgWEeJ3vB4TI8gyvEPC7U-4mFKATeVU7SMEMYmLpvSKg87DElh__BQWffp2T_fFUYXBH4aqZAptWvXzyjbi-O9nFpmrmXDAOdEb6oSSWMGjhxK2LBSA2JIspQBd8CKvN2vOVHv1GvLE3cZ47aFk9sYYXiAK0m3Md5oxmq55Yl6zNtUBklmctDSZRgy7TIaJlxHaC-rtTmme7Uy1-WMTu2hAx5S-k7ioFYnNXh&sai=AMfl-YTMlmzarS2NaD27_69bEptXnDOl7yd1gOPa9bobFsiAv8D_juOUzdSNxTDWi3zBPpF7ble_8v9B3hpi9etdDOXqDuxJIN2ZNC8bYVDTxKpKc2VQYPpwN6sbAgYd8w&sig=Cg0ArKJSzObeqr6uFfVTEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
other warning URL: https://d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

144588f010523d2468bf3a1c1df8e211.safeframe.googlesyndication.com
17b0de2947672e3435c036d26a10ff7b.safeframe.googlesyndication.com
8d7be3625a97d28e0bfa042004ddc3d1.safeframe.googlesyndication.com
a.impactradius-go.com
a132e780e94323eea01bca5efa1eeda0.safeframe.googlesyndication.com
aamcf.aamsitecertifier.com
aamcftag.aamsitecertifier.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ad.doubleclick.net
ad4m.at
adclick.g.doubleclick.net
ads.eu.criteo.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
americanhometownmedia.com
analytics.webgains.io
analyticssystems.net
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
api.webgains.io
as-sec.casalemedia.com
as.ad4m.at
assets-jpcust.jwpsrv.com
assets.ad4m.at
ats.rlcdn.com
auth.instiengage.com
backcountry.tnu8.net
banner.congstar.de
bidder.criteo.com
c.amazon-adsystem.com
c2shb.ssp.yahoo.com
cat.fr.eu.criteo.com
cdn.cityspark.com
cdn.confiant-integrations.net
cdn.firstimpression.io
cdn.jsdelivr.net
cdn.jwplayer.com
cdn.materialdesignicons.com
cdn.polyfill.io
cdn.resonate.com
cdn.track.production.webgains.team
cdnjs.cloudflare.com
citysparkstorage.blob.core.windows.net
cm.g.doubleclick.net
cms.instiengage.com
confiant-integrations.global.ssl.fastly.net
connect-metrics-collector.s-onetag.com
connect.facebook.net
content.jwplatform.com
csm.eu.criteo.net
csp.azureedge.net
d29xw9s9x32j3w.cloudfront.net
d2na2p72vtqyok.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
d3plfjw9uod7ab.cloudfront.net
d728ad254c91b2c39129194f45466e21.safeframe.googlesyndication.com
df80k0z3fi8zg.cloudfront.net
dining.staradvertiser.com
dsum-sec.casalemedia.com
ecdn.analysis.fi
ecdn.firstimpression.io
embed.sendtonews.com
eus.rubiconproject.com
event.insticator.com
event.instiengage.com
fastlane.rubiconproject.com
firstimpression-d.openx.net
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
geo.privacymanager.io
geoip.insticator.com
geoip.instiengage.com
get.s-onetag.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
h99w9l39sa.execute-api.us-east-1.amazonaws.com
hawaiirenovation.staradvertiser.com
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.ytimg.com
ib.adnxs.com
id.crwdcntrl.net
id.sv.rkdms.com
id5-sync.com
image6.pubmatic.com
image8.pubmatic.com
images.unsplash.com
imasdk.googleapis.com
insiderdata360online.com
j.clarity.ms
jadserve.postrelease.com
jnn-pa.googleapis.com
js-sec.indexww.com
js.matheranalytics.com
mab.chartbeat.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
mug.criteo.com
onetag-geo.s-onetag.com
onetag-sys.com
origami.secure.ownlocal.com
outbid.firstimpression.io
p.cityspark.com
p.rfihub.com
p.typekit.net
pagead2.googlesyndication.com
ping.chartbeat.net
pix.eu.criteo.net
pixel.rubiconproject.com
player.sendtonews.com
pm.w55c.net
polyfill.io
pr-bh.ybp.yahoo.com
prd.jwpltx.com
prebid-server.rubiconproject.com
prod-rtb.ad4mat.net
product.instiengage.com
protected-by.clarium.io
pubads.g.doubleclick.net
px.ads.linkedin.com
recruitology-static.s3.amazonaws.com
rsms.me
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
rtb.openx.net
s.amazon-adsystem.com
s.ntv.io
s0.2mdn.net
s2l.sendtonews.com
sa-media.s3.amazonaws.com
sa-media.s3.us-east-1.amazonaws.com
sb.scorecardresearch.com
search.spotxchange.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
signal-segments.s-onetag.com
snowplow.ownlocal.com
ssl.p.jwpcdn.com
staradvertiser-hi.newsmemory.com
static-de.ad4mat.net
static.chartbeat.com
static.criteo.net
static.doubleclick.net
static.instiengage.com
stats.g.doubleclick.net
storage.googleapis.com
sync.go.sonobi.com
sync.mathtag.com
sync.srv.stackadapt.com
tag.1rx.io
tg.socdm.com
timber.sendtonews.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
tradehouse.advertserve.com
trkn.us
unpkg.com
us-central1-kube-ownlocal.cloudfunctions.net
us-central1-recruitology-app.cloudfunctions.net
use.fontawesome.com
use.typekit.net
widgets.outbrain.com
widgets.recruitology.com
www.awin1.com
www.clarity.ms
www.conrad.de
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.i.matheranalytics.com
www.ojrq.net
www.staradvertiser.com
www.youtube.com
www.zenaps.com
x.bidswitch.net
yt3.ggpht.com
insiderdata360online.com
pagead2.googlesyndication.com
static.criteo.net
tpc.googlesyndication.com
widgets.recruitology.com
103.229.205.243
104.18.12.242
104.18.19.126
107.178.250.234
108.157.4.61
124.146.215.42
13.224.189.97
13.225.87.188
13.32.121.57
13.32.145.10
13.32.99.90
141.95.98.64
142.250.185.134
142.250.185.66
142.250.185.98
142.251.39.34
143.204.89.60
148.251.139.77
151.101.129.194
172.217.16.130
172.255.62.200
172.64.133.15
178.250.0.139
178.250.0.160
178.250.0.162
178.250.0.165
178.250.2.146
18.132.138.70
18.134.23.117
18.197.134.247
18.214.111.9
18.64.114.85
18.64.79.103
18.66.112.48
18.66.122.72
18.66.147.44
18.66.147.88
18.66.15.17
18.66.2.51
18.66.2.73
18.66.248.107
185.64.190.78
185.89.210.153
185.89.210.244
185.94.180.124
193.0.160.128
198.47.127.18
198.47.127.22
20.60.81.107
20.85.30.134
2001:4860:4802:36::36
209.191.163.209
213.19.147.43
23.205.235.133
23.35.236.201
23.35.236.247
23.35.237.64
23.35.237.86
2400:52e0:1e00::864:1
2600:1901:0:76b9::
2600:9000:206e:7000:9:78a:e540:93a1
2600:9000:223c:2e00:18:1fcd:351:7bc1
2600:9000:223e:7000:13:a391:88c0:21
2600:9000:2251:6200:14:c3e7:6780:93a1
2600:9000:2251:6400:10:3422:3f00:21
2600:9000:225e:4000:1:a3fa:7cc0:93a1
2600:9000:225e:7200:1:a3fa:7cc0:93a1
2600:9000:225e:d600:17:5bae:c7c0:93a1
2600:9000:2491:d000:1c:386f:ec80:21
2602:803:c003:200::21
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:20::681a:71b
2606:4700:20::681a:bd1
2606:4700:3030::6815:251b
2606:4700:3035::6815:4ea2
2606:4700::6810:7daf
2606:4700::6811:180e
2606:4700::6812:116b
2606:4700::6812:7f05
2606:4700::6812:acf
2620:1ec:21::14
2620:1ec:46::60
2a00:1450:4001:803::2006
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:806::200a
2a00:1450:4001:806::200e
2a00:1450:4001:808::2003
2a00:1450:4001:809::2003
2a00:1450:4001:809::2010
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2016
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2008
2a00:1450:400a:800::200a
2a00:1450:400d:807::200a
2a00:1450:400d:80a::2001
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::2004
2a00:1450:400d:80c::2002
2a00:1450:400d:80c::2006
2a00:1450:4025:402::9a
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::1c
2a02:2638::2
2a02:2638::b
2a02:26f0:11a::6867:4841
2a02:26f0:3500:16::215:148b
2a02:26f0:dc::6853:521
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:200::626
2a04:4e42:200::714
2a04:4e42:400::485
2a04:4e42:41::720
2a04:4e42:600::282
2a04:4e42:600::626
2a04:4e42::282
2a05:d018:d29:3605:2390:b34:10a7:b503
3.120.106.63
3.124.27.64
3.126.140.73
3.209.43.118
3.212.26.31
3.219.38.131
3.82.239.242
34.120.133.55
34.120.58.62
34.232.27.202
34.234.134.156
34.248.187.45
34.68.132.100
34.95.127.121
34.96.77.232
34.98.64.218
35.157.246.167
35.158.20.13
35.158.236.126
35.170.30.54
35.184.218.133
35.186.193.173
35.227.252.103
35.244.184.131
51.89.9.253
52.160.40.218
52.206.60.169
52.216.242.208
52.223.40.198
52.44.229.202
52.46.155.104
52.54.46.88
52.89.126.190
52.94.223.37
54.216.193.48
54.221.208.196
54.231.229.145
63.34.160.33
69.166.1.10
69.166.1.14
69.173.144.138
69.173.144.165
92.123.17.141
92.123.21.200
99.83.181.31
99.86.240.121
99.86.91.74
012d5ce95232da29e5dae8cfea13bcd72f7d3026705db2110e23b4907f34a2c4
0159831273549544cb9ff04cb7f31edfa5797d9aa4bf1666636bdca542479b76
017a73698ff14f115204ff1554c03852673d54d2b72f8fcc2b6305576f838f6a
029090a52c4d103c02455d253f0bc565d05d1099bf97d769ffe18aaf5b63a8a1
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02b3ed8b16f9e8eaeed74f6429ca3ebb2073c5ccb33ab0b0477d1ee13f495cbc
03a36227816959d61be3a6242f5e066fb612b1dfd8d0e10361bc8c9b1c25604e
042110a177712845ad988f479fb24541777fe61fb991ab896c5964d1459e99ca
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05488f9b88e6509afa4c9438d1352309aee2b020a508c76d66f5691f03824ff1
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
067efced960244ae0901d54bd080fc97a44151fbaeee876bf8156ba5aaf465e2
0697912270d4ad04615851261fa60a3db4bc88e3c0316d1c97fdd3a5a7c68931
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06c670d4a516e776af191035f68642cacdbf4765d12069722a53e501905044db
06f649b4f873471f1260fb558665d798f22b84463c4dd1e34d01b14a3d8cb9c5
073961274e77bad6bb6d27370cc7f5f92d33b4f89423400dd1b5fc26e99bd4d6
079720151f8e5a548186737593346110b3534909e074b4de98de5f1923dbb486
08972be59b01affb938f44e39aaac6814cb024456188c3a97d07f14dcd544d03
092c53b50ef01631c3b6a171fa30257a1461bfae98689d17d1b9b0b085daff04
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09830b9791bcc0e29aa62ad599f8e93a90031aa238269fc16de81489c7cc7a55
09af6caefeb671f4527e8bf54659bb482eea031fe6899bafc12f149bb14155d0
09b1180a5d7ba4cba353b7db720d6d2ef11acfb0fbbd3eb14e84cafb941365cb
09dc0765a9dd7efe2c16814e023c0509771ef4cf8dd880a306c59b765942d983
09deff7ce920fe0e5070091780cb938a855578cc907496957780c91e7a36028f
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34
0a2176bad5be68ea7fe742d9ea76084443f8891101898e212361a057b291ca62
0ad9548daef7d5a5123934afebf88c25adbf010517d80f292818b2d19fbb9046
0ae4c07a445aa90ad9f25db7265607c6eaf2654323e5693fd8be2b7e463d7dfe
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0bfe49b701fd9654d20d7fca23cd7c83371acf5246895526637e4f047450cede
0c2d5358c7df05018004b5ff5434f854385d8fe8a64593901d9ae662564592d3
0c8b503ee21a8166aaf1014f6754c6c53a7ade6ae48ed5ee4dbee415e6aff24a
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
0e2a560f13627bee0925e5e49243f611d9a4cef76f56f4c96d3d3a6510a1d29c
0e5876173a8f57713e246920bf4f8208f9df85eab7beb95193ff9bccab26c533
0e90a6fc772e2d98b5cd30bbff9abab44fe94642b7f93594d8c9c925f7d15944
0f6df50c180f8bf651823d78b3a5ae8f83c99c9387bf93f0c3b57b385380584a
0ffcf3aff7299466635b70c8562870bd1853a859a488ad86d51b9a9da1e93a7a
1099ec07c289ebd84f0514d6e20321df20cb388797ca17e78000bd5678d793d7
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
11a4b7dd6aa3534c1dc9517e87d10874580c121a55b6534b2f2aa75892db69d4
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d
125b1c5f96e7bd6829d8ce638c463f14c0a78f7cadee45d6ea4584b897aaf1e3
12617a86d84e318f81b68310fb64c66b79059877e1b550d2e7a43472e0c417f2
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1395f98bd995218653eb521ddaadbf2728ae9bf8920c8c69f2e9d8381fe88afe
144af7bafe02560b9d2ef48a35c13844873b533d84db56b03b0f19263cb7437f
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3
15a39e4e0d5be9203fcce886c5f740a09b64fe9ec72c9af4c59f7cb10bd78064
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3
18ea529b7205175dc1cea86369857467bea10907f294e8d22ba8f6b4e5862e61
19017cdc601aa34cf014ee43bbe16a2e8c888e46335946dd24253c1380d46888
1947a61853d92ddbe4cadba9b1b9b1f82ad5ab0e29e327577dc00bd81ae667f6
19a28e2d74e7eee25716e5a9e7bba44191ae28ada05995a5107d7a85cea3054f
1a97a1a8b88f4fa4b1eff7a0b360e7b17459268ec07a8fd8001808f191b3b002
1a97af754d1cf9f309454a9f1103368b6f6a70a33520ae5c7434cf6cf1788f2c
1b554e416817f0aa7a9de1c5feff17579fbbc7f0b0754d073c4d6f4e7d4a7c29
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bdd3e645e5be204ed300083ad58af70cd5eb69e6b4235bc5b6f7e98170951f0
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1fe58e459d53d2988182091d15182b1299831468e014f5ff74a66856a46b966f
2134c475d6915ec706aa8aec9b78d83297cfaefbf42c70ed818766168f7c73dd
21366c3c33ff44793eef95d72777f5208600cdf01fcc7276ef1b10f16971b324
21776cdffe2c79712ad66769d9b72ff19b15ea3d00b05742a86bf89108b62325
21ae863e166094b37618bb195db2b44719d89ea2f7748b02ef140c6ed03f0370
22c47ffbe21c5caa8e79dfa00fce0665be86891e5ab44a9d762c707ab4eddccc
22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab
23091133c2c9c43412cf7ee8e2471a7cba775e981334be7d13b0d78d9babc5a9
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
25b66985ea9b8693072d2c2e10fed3a00ed48eedf1f27528c377c420f9773ca8
25eb3f0340ca71f3b5a454e9ca2d19a81172df023a2c8b1543258ffd1dbdb14c
2615691f85ac35b22617512b2fbe9cf25fc68820884d8b0ae574180624d17a8a
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
275139d27a5d654293f562ebf0d9aaaf67b11e1c37b9790836be17bfb7fd83ba
27a248eda1fdeed115a09b6721edd068770883206d013e5b493a12aab50a7c41
27fc1140d13e14d49a0489a504c6666969c0f1df2d70397e1c2b639a19e0a265
28046ddcb2fdf4957605e9ec2ce9969e03cc043986f9af8cadda905f87fcb8f8
280ba18a8f425a1b61e54b9ba124525f0a098e61d3b73f6cac37f88d5bce2821
285a04b4a191617714f9fadec5204de9ea5f9b8c77721393c263085c78672a6e
2893d05b01bf3319c158d69c731113d6e7cee410f3489c7abe9d3e3fde46daa1
29e3c74e291617b3ab2e1f42871d78d17770719a0d3ec70d9d8cbd986773792c
2a03771453248c5eb3ee390d87edddd490ac37484b6a6c95567ffc222fccd107
2a3dbbbb4028712475b2a7cc4a26dab0ca4aedc8ac51c8b9c9b1d699389acf93
2a9dd57a3848214eb38b6767b2a82a70ee7dcfea23350c8a2ef3bbd45d51ad72
2b2390af9800ff3f211c392f8389c524ecb8c13bd52629737272bc4981543541
2b3afd179f48753686fa80cd090089c5088dcea5842218e3929659d4aa05e923
2bb58265c9629d2aaa5df11cc0b419bef12a0d340ed0b1c1c98e0fa4193e523e
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2dbf38d330768f22c5cd332207d1b4e646662477392c812aec3c253520a89b80
2e169f8349d7514970d4991a8b1fcd050f58a1a1d7fa04c9f1bdf6e33eca03e1
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2fbc468e52116b00ba148221687c812cf4c4234a84349382a1b87bd9db59ff23
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816
30762a1a4fdf9a375400b0eb551a6bd3f6f64305d903ff9e25ee783da3ffdd45
30ef6247f3bd8a85b920e5d3986ecea1758e1b805a038c482b51704d403c8241
313c58521dc9299922e5a9eb07c4bb418f13e5e06142ba459fd03ed5d86dc543
317411aa4ace0961a35e28f5a79c28dd52b28cdda84efa46f80d697fbf695b02
3262c2bd70d868ed379b89eb25e964bf826721f17189a5170c352d20a7563f94
32dcb7b5d0e79583353a56225e4d8097e004103102d584e245d1b96547f9948d
331577f2dea34be78e04f38773004d3e39c3370628d5233108397358a621dc51
33edcc8df004f4ddd374961d453e0bd40a66f741500ffb2a6f0574a8a116cb76
343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40
34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414
3580e8c3b1bda26a8f253377b00b267bd295e6cfe846c152df10d43d8654756c
3596c8db4dfd165d2fa4af70f72fbb7d22caab7c9b7aa1cd7e91af4a663e6a8d
368a4c343dd077cc461d9b3c7226f187fc6e35940bb4747c0df8fcd9f79d2dd4
370193142ba1758a2307e56fbea3aefa5ae5a9e7af9d60f1ab604495a76d0a62
379d5d25ec91f701b5a4565c73ea00d999ee7292e121a0564d5a445d285e35f0
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
382156963a41cb48ff4a4b628abdbce0f4c33e4e14bb3a594f687723ffded592
3936ef1c8f1732c0c04810760b747102dd4431bcc37689c27196de5d030ba858
3ab602110806e96ecc398e35aaab291d67de527cb18f3fb4cb09d36802e5d050
3abbb2131f0dde8b5097f8dc5bfc64b269496967281503242d53bf362083976e
3abd2dce8d526360df84778868c24f749c9f707335f5ac8781c8cba7560fa320
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3bdf9d951bc2a887da328c2c2be2342fdecae4494fbdc563e2188e0ccf1264ee
3c274720d3ba6d9da9a6a1feb5e9edabff5c73b23bcf552b70cd105f18baa432
3c86d02f206440cf3d81cbf052fdd8f978f5e558b79d75ba27536771137c2ffe
3cab875a2a392985fb6bc7269ea092a6b16d208b2ba247cba8bfc0f626d9caac
3cd0f7339e3fe1e7228f087ed90b78e9fdcbcc1db30e4f228e510ce6bb220f46
3d34b2f2e02c7937501dd51255ee7900c9ec823f07b3d8d0fc19c5e242058cf9
3db1dddce331aee93f257f7b27e47af45cb11cfe485cd914afdb076bea09d21f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e8b68b3f9f841b2d071c9102cde5e561142871ae2570f20c8c0e4046da32f2b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40ffdc0909c9960fe45b6bc74f259dc549868fae4b3b7ab273eb1401ba684d76
41ab731b25c3f7e4f6cc350774a28353c667e79774622a915f8b16b7897ecc4f
42197f868c8a022a8f36574a2ce910d007c7254e7282742500154471ca82408d
4232418f7cc732582f6471f0e121f91014253ed22617d140b4252977d8c18ddb
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44ee3510bf8c6172582ab45bdb1928288db7599f21bf696a9464eb181a91fbe2
451d7babd973b5c0a4239572335398dab69cab88e9fc3bbb77903db31e823aca
470c08fa28fca932e3fcdc61dcb83ce51358958be3ef38909846174969db5681
47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa
47bb23643a2ed63a16373248182233917a9c67a7e601f1d3d14a2e046ff990ab
486278462338724cba65ef7ed7dc06d9b7d891383b4ce4c257e59cc9befeb06b
487c94f553476ef5978265344ad4290a10cabb1bf6e489cecfdd53ead369e38b
496db6d47cb7396e6e92ea0d527d26f700d1719a5e993a26379d927da5fd9b20
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4aa5b6229cd6273d34e11a5b7e4190461995418cdea37e600713735d33cccbb8
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4b08a4e1249d15a5528ca608417b9eea11b7950b4d8ac9f892456ebacb26b488
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bc1ecce260e7dda741c29ee094d34765e9af0d3796ba86f2dd2c0fa58026cc8
4c9b04f6e58c0930a81da587b66e4c0cf5b4cfb0fa627c6457c1c806eced7a36
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925
4da6e550a33bcfe8e2042ba84500902420a42c22a12c79d15ae953648b1d96af
4dd9a0a89a6f744f971d703a692ba46ac458994d236cff82a8f79a0d1980d4d6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f0fb0ccba6278d94ffcacd417bce27eb63efd7b378bee5ae80853782b12bc1d
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5022fcf9de86b31fb30f480f4aa29fe96298d33242f5455a778da9f3079550b9
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
508ff954224bf2758b378be9f05000d65e28ee71fac1b3c001920f58ce834924
50a160cfe093d79770aa560368661b1ba826f3889e419198822a96b22e644991
50ca486a6b07d73a0ea275c44ed837c4bbbb30ac0a60cbcde818c2121f0300dc
516eadac5b177c303c3f7f4d4c67a5584125ec3050906d4707ccabc2a32bddfc
5254f451baf70066671623791f4e6af37ca2c992fa36e3ad577d51ab8d827d4f
5270155ff4a7e8b5f899599bed68fd18e6bc5a609ca7a451371f3ae24e2380a1
52c41e6659158c4ee481fa395fec5b2c3936d898c0c6147a7169243c9f9b4019
535f71877713ee932cb8d5803d4130c058e2e5c75cc06cb42e4464e8950f542e
54840b37c9d2e2d816f632e1e78e73556a3329225ff44b7462b16537144993c0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
575a1ddab506fe53ed332fd2b02df023cd604fde865c90b927d7894f07d5165a
5808b9c4fd0b04e7bc4a4c2611b79b217369b5b200abc8b707c0a2f5fef20c76
5864d61d2e023b4443c481022d223a128bbeb4d5dd92578837a2061d9cb396f6
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
59f5eacb66f0acd853f018e20bb9423843ea7730844e65c72a73df30e229e267
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ab1e1aa0c56753c21741b385ad4ceea5e19afff3298fb0a98d17eb60cff7e49
5ab53299486253679841688884c74e9d7db2d9922f7f1db3d375e007637dae65
5b70d4870b01782d5ec190f549ced4164ecdf602684760f20b4821aef6e607cd
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
5e57c6f907891c213a4be1b8db03ae43076e8a9ac6a02a88fe33bf8dca52dd3f
5f38c9c3cc013a00e4b6afe2322a99b203116aaf6ecdcff0ea5cbe0472a4e226
5f7a1d5a6ba781ef51870c2e484f8a77f7b5c0aa94366f5fcc4bc290246a05ae
601355040d9e7825c1c8318a75936be30c28a284e4052d4130009a30c470b41e
604742afebae557cbab93a03115a4b1de7dca866a78b27dc9d424403e60d54bb
616cc06d3da590a6ef76c03aa705a5a1fa8a5cf4a4cd7c4e5e7bb3e484dfb4fa
61b9926e5d52c52c383c00d7e52f2c491b15e7cfd715373b53571632a7459517
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
634b42a6ef5300f0e3662556f06bc40e625f6fbecfd08840fefc4dc65ee29717
65810546bf9cd2610f954a318f819b2e560a2392eff69d32cd076c72e065dedb
65e226000123799297a56f51eef94bc0776a2c43daa6bfeb43b4cab3c178ee6c
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6885380bb4328ebd9c2249b68724cd410e633bd195290b858ade92118b7d68ec
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
695ce10188e5306fcbf679b7cc125b6eac681d124a85a5908bbd8d0079a47e9a
69f0e66de394788011c9e0d5fcf53f1a0feb32aba17b18c4c78612cd92adb44f
6a526700a518d11ba17f9e4afc2fac0b2cfacda8a91a1975931bb30d6de3b479
6b0d53f1548dfcb970e2af0eb8d1df0e75387a878d6e51e51200db71aadf1196
6b1b8ad0a5a19ce775a74f4e5d7b62b8599c48fefb0c8b5e3593df4e13db634c
6b58c013d6c6e77c34ac7675e3179b568b8086b43e4083e8d6a4554ab80ac889
6b88007a74c504349058e7426f51eab20681dc27d871d34401cd08570e04df58
6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee
6bc768bea624dea37c72c8c10e291ec038548e9efb239b25eac78c77c595714a
6d233c5aa995bf9183725f76a032e297d11d5c7dfe7e1afd2d9a6c4eea16d64b
6d3682f29a884e775dcaf87788e1e0c1677a70ef977542cc5729f3c5198a039d
6df57539628b216a0cc2686a286fbaff2b2b1f2eb7218136d9b97dd486298442
6e206304ef613bb43bbad63baeeef8a0fa2c96dc7295c45f025131467c14aee8
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9
70992ab75a72e14a70226c3c04954f233d37af25383a561300aa3e4f00a5a910
70be92e9b48e93df20fd4f071e3e4f16c83de8b83275c400fbe4277bd7cac296
7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821
71970ab429bdaed0de1355bfabec79005912d77d19e02cae01dfb723c25262ac
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72a2571dd2b114166403e8dde72f8994233e8b74022819787d38f2f4e850dba8
73d8b1bfd0c5571681091fdf1d482bfa525e001fa841c919c11950cdc22ea49f
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74dc3a5a84ec8332a42ce30e371a4439fd26251b41bb92c837a70518f599d6e8
7620aad53cf1205b9e8d2937abaedd14720f36596090ac12ac4e1b64c12eeeea
765044c52e1c5b4b48bebd8215dba3f64b724fdd8d9795b2cd354a3a83bcba0e
77977163e280409ff018a05f90284b2637dc97f2d9c7d39e79de1e37bf65545f
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2
78b8c5ebdcbe9b538d0326396c40f77c5e0f529318a4df6b8cdb6a578527c0a6
78de156bd0e5d06b4b8776af15d929962969e7323e898d1f564d658be60fbe52
7a06ee584bdaf2aee88119e3ff69a8a85fa64ee6fdda9becd58c769ecf6c1e6b
7b9b6adaccf0249565da328b6d6f7b533c08d914757dd0a635193c33a7f183ce
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058
7d5b1709b01c32589de685fa1118add1d8a326366e0f50d50b993e4bc8127011
7f1d279703b902aee3682bf47afc04d7d9a4417e08a137638cd8dcce1141c450
7feb35802dcde87fc102cc93bbf632931166012b837cf24ec881724537a0b489
801c9f9f43b0ac567b2a38344b4208c9d38a337d2ef534c3b588a603350f78f6
80cedb5e5fa85548eaf3a95451e57186182aa440e5e8aa2f38c204d8b38f663c
812b0a1164c9328d06e87b8d7f84642aea30f1b35f28e5eb3429535fb49e63f5
81f216e64d41cf942dc20d809c5f46b1369dc05238c28bac6d6ee8e4f6922f9d
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82ea54e3b5ae0f591a3706c3141a5c81ce5f682a536342f8b7375e0c442562fe
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8418a2741bd3a9983a9ddb2fb6b1565b48b601292ccb98aedeefc0516920a80f
842542e571b27f1586b2472b0f927e13973b6b47e5d9fe345abfd2436eb24fe6
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85a585e78f45829ebec0142b3cbb22ce1900a3be9c8a5941941a2a19d6319c14
85aee76744e58ac196c35cdcc67c46fee65ac29503850310c34d46b4b0040e37
860ebff04b63aa7bd13e38ce1c12500f2d7cfc73a42afa0ceca62a526aa00fc1
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c
86673dd8a97ba25772d360c5b66dca9dcaaed7ef4d2acb3b6b432591a8e17be0
867606dea3b735585df167c32472a766812318bec7b2f5fbad0ee316d22942d6
87228b5246ece9b12bac05b438794791bb67239aab563dafb7e43eb4ddfc8fa9
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87b33d5cedfcdde87d6fd8610c33eef870c860b4745bd3d0e977b9d47ef9954d
88292217f6a404abcac66f09259df9e254c69f5611a7fac7c00584b8ac6693e1
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b52e568ae1266fb61d2f9ba1be24b302d4a022844972683e71276cd33f2a888
8c49b34a567cb1d6c3d26d5f80db23c1afec8cd2d34f38e5474d3c6510e20d45
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d8de3829d2383650a9308f175c7017fe6f3a60c3888d6d61e089f9b19141323
8e2d476a3da7d96d989379c7fb3be5ed4595a5dcdf7164cda8b5ecf0ed9a39fe
8e39fd18d5e9a74f598cacebac92c4d8a976f0387e45aef78e77047e03b8c8d9
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8e6939e5f7b51aff73455e90d19f3934a9f4dbd2aca2b32218c8f916578af783
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f473e86647a1f9a991c26cdd2f2ee1c56376378a9f36587403a7c54c4bb6e23
8fcaefc86e136654f7a6d9ac280844f82f37fea09039e7d36bdc42d7f7d2083a
902c8fa8b74a04712f93754ef18d25cbbd7ff7d3cf2c5d9ba41bb33233a6762f
90beaf7b6e4e14893df279b22a8b5255a276d2d444fd431ef272070b72869f90
90d445c5330607ef269ff71d28fce7503453b79560583b4b2bd66836fbb6eb6a
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
91300a321384409f67ff8b78859154cb77e88ae267c858d5aa797e85d316b7ac
917d8b24996bae8dacc707051cb5b6a86436b0fa993243249b9c5ca88fc76276
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83
922f21a191031ac9fe71d2e81be84fa3a0f11547225503818ed419315db5b4ed
9337f499c9b0cc63404026b5448c6fd449df6ed57abf148722751a3a4b992c54
9338b2f2bf36668c9ecb49cda4459b8d8227c5f031abbe917891f213b1991863
934d098f24bdcb143e9f4e6d9e4e354510ed399f2bdceeae1d65c77feaafeaaa
936b618782946d0715e6e2072e8cfbca6c75c508eaa21e1a09dc9bf6fea67d7c
93975ae1d8cef7cb7a8c05ef392abe1b4d080b570b19cab279a208afe7d36cf9
93f534249e595c1b7c3dae579aaa79f4d925766f308ada532ebe959afb803e82
941992c31d8925f9974df5c3982132ca2e44fba1c15833ca99291ccd68a69d2d
9430bcc9d39849aac0786a7b4e31c0c508f9cfa27e3165fb67daacc45f0a8975
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
969c577b1459c03ad78597e6c1f13a836dc74a439e9c17b0094bedf4d312e57a
96d82e7ded574563b5b6018d4ce1e2e49bcfd9278ba02bb8103c307f5245ffbd
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
975bbb7e2143e20296d5c81673127c8822340f866a2f14f1853a840f716f7cfd
9781b7cbb5df9582c7fdba6daaa9a8c63467c76a85c3bf9fbe71bf705cfd7a40
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
982fd78f58ce2a94e199e5b624969a8e7261b31955160fce4d1ea98bb36bafb0
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
99a3f66de1863ba8d98263cb5dee8f8f4ed9ff5d081ae0a84fbcdc1437e177fb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9baa573e4378873b7ac81ccb1d954ce9bb2b1a933947ad3012263ddc604d8505
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
9c90f5895a0db476c81ba4fffb769a03b7e097ef26bad2fcda65d507e188d583
9cf71774f1f1f6c394e18096287cb46b53cc4ba8e2f17af4625b2dde339f4776
9de5ce2255bee94141be64a2b4e435c9f2c9655b3819cef844e605ab2286a34d
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
9e877167f6f54a122bd114c9429ffdcac4704c20443c9a0aca0fa4b90a86aca9
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a00043be538626b75543972155118579940fb8843f8f6028039e39440c9fcc80
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a15d10ee6ae48395020b55338c0384cc95c1baa147d27f4d0fe05520beb75ff1
a15fc8ec93b66e1fbc725d156dd541033810b93ad270f976205cd819e6f137ad
a2b1f640d7ef845e7402ac76ab0b49bc2b457813f344eec3fdc7e9ddda7c0cf7
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3b294f2bccbcca32fedd36c537356903ddea7e33fc3eec97f774669a02db79c
a3c7185db72206d6b59ae8d25fd2686eccdf6c1cce9a62b5fc2a68a9a246c765
a3d2e1e7066775143da6681809d6f2c359736315cbc6457e1faacf8647f3e4b9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a58c76b78fc011b0c4a8f2c509e31957c5cca3a151b04437e1727c1c5ca9cb99
a6ab7dfdfca4f10566682705e95b72b4d3d85e2a18a83711591b8ff6a9f4b3ea
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7b4483f9426b5407d14cbbc79ff707cc89f10c5a78917a9bd9c4dceb3770110
aa40ab4f89a7c52dd9cb78a8b5a293e16d06595c62ed13db9bacc8e45353b61a
aa5f1659f3273f8415c6b6fbb1caa04e9a8cced46b25e84a80e583b1f857bf12
aaf8f12803b4ad271150052907885cc4ebe5d439479344e63ddde9818c0de7ef
abe55dd6b57ac421f1aeb49391d2746584cbf8545fa0fe597b929e82fb6e436a
ac29fc9498dc56fbda4da6ea6700fc20349649b9f4c1addfd2b6c04ed144ee5d
acc3c4b04f19bc9067921dc3e4ce4f734521bb13b9d0c9943e8fa9585797114f
ad8f3bfd8e91301c77d8fa64ee32b41ab06245eb58adeb832f40c71b6ed5da3d
aebf876f9e6a79cc725c099ff17b2801f85aa7bc16aa106cd164653662d45fa1
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af88769fb70738eb76e14f1bdb3d7738c94779416cf02d252c16270a7948a9e0
afd2447f77118df6fd4b8710c2b23e7bb4edb557795c643e3d8a7c12df4e6586
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b64c070e33c73628d39ab223f17487bc8efb2944794231186aeef2c3e32f5288
b802fb3c01ca3f7db8a34b590089a2b42cbd17fc9f54f7427f3b9baee195e5bd
b85d3d93070d110bbdeae3fbf2f78091404e348e2264e0b53f922e4b85bde2f9
b9992e87acdce0b56ae06a416a40ba5b4771a9cd7701d97e9487044dbf1b65e0
ba1bfdef6fd715d9b9c3d6f09f1d1c46ae3e1abf8344750c22af4e57d1f7ee31
ba206a402d0a493fca32482d3aedc3cff60010ec9419e9628654ef445c244195
bc611cd3f2e427b4b4c098b3cd5ccbf6e46754bcaa2bf3e2445b0d2f83e78b65
bcfcc890d38af598070d6334e94089f8884f4c5ebb4a400d1f4ac303b503c8c8
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bec234cee0d2b925aef61b59e119b790f8efd19170f8f55d86fe79a5537db5ec
bf5f3a5d952adbc5fa39717df95ed452435908c8d36c5e9d5d38774ed4444612
bf78c9bad3b9a376810a5a12afa3d5a7a3ec5199228f34ee33d8ae13536a5f1f
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
c14569b287795db20f175729c90108f5e756049018e48f45d6f92c11c31be884
c18843592eb30c7f4647257a17097d1e7b9e25567d027f6137819ab15ae32ed3
c1895630dd470cf7cec36822c5d6367191d530ee9979fc72f0bb96a79da4122c
c1a476b3442043756f97fc98c480c06c65c74207e12ae6ba150eee21d7eed067
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c29518a081f4d4929523a86c29ee3b49ef2d3174c663c15dd42ebacbee783e6d
c32f6d59451b0d7f467ca522d2c309ada7fe3af76f8020217a59ba43ffcfdc02
c553969bd23285a744d2600c4009882596fa8efa3f3de875119861701d636c2f
c58c36c98447d189b8bdd65f5c404698bbd42b671a98e47473695c2b04328ccb
c67f294f5ae43267fd9ab4bfed7346b69c9581dcfb51d058d64a3ba202339780
c6d229fd71143f36b3de274a7457709f8e268bdd2a303f232aa005a5aa358d5c
c6d36a345aad21002e4db0c4578eba8e9979a61c22f112f55ac95c166cabdaf9
c7ed7ef9182dc5206d1b7a8038bcfe2b57fc1be96d78b75152e9b713ca4ef2d6
c81f31509d82f49a3b104252b29b829a96acb10a478e8d0da5e1cb2645f53b17
c8316715915993407c58faed4be61e06446a0ff04a70733c9bd26752f74a6fa1
c8973d0c17f0197328db2b887c2208f9a331fc0f56ab2b5f2a7f93ecd7cecefb
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c97324da5ec664861b5e49d4fe8ea58958429cba5f1475de839b15ce4f970146
c98566cf4501541514c7cabaf8b654bea066d820793e6496791d1f6913415001
c9fcabd6766d79a49d07a82461fed0b6e2a9bde6bd066d5107c4aabc9a7cbf36
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cadc72dc81a8e767b3da7e015267c1ed4eb439249277937a2e83f7d29876350e
cadfcaca4a9c47625fb8672234a17a72a7f3c1d1142ddd659bde24221d208c10
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
cb16845f3c28284255639a36b2d6fed7a0f10aad38ac166cb8a7c90ee07b4372
cb7aa6b06aa5a8eea3670662c4b0c37104041c14575fc170dc48677a0506a33a
cbff952e8c47bf976906662ac210c3ae9aaf8e10820d404e8f760bc273bcb4fb
cc67f48afa808c8c8f95c8e8c11cf7f8d57d96fb901e8548a2dd2b61f9b1c2fa
cd3a01f808c4fdad4e053bb22e9b786426906560a7a707819fa43884b44c1058
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
cdf42a5d7b2de4a7c346f7b8f18d1206a2e99352fd71760a7f9edb784abce92b
ce0ec241bc51412fbaf5169a514f991cacf1a11d3860fe123cdeea422035f9ca
ceac59c57563e396505d8250e2de7a33186b50d5fc86632382d2806bea857a3d
cebdf07b17721c086eeb3135a9367f97f17da9650cafd06f5b10e9d5eaff2315
cf12ee84c417cbb401083f27253d0541a64dd8605c7442f8ce8a22fe3026bbad
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d114053b0734a32984149e572c5886d065dfe4bcc4c0ab76334dcc6d3662ccc5
d1a0a1b6d83366106e152f1703e7a4762df4f2a95bcd45dda95c362e27c64fa0
d1d05642e23866a6d7fb1b165615355e7c01fffaf89c61e9c14c0beecb96ae23
d1fad3cccf4dd54107288231c65bd65f1b0096295128d25de812b6de54ddb9a1
d1fd346908d8a8f026e8974fb61c587e62eaf2a35675f8ed015c9e1eca0fa463
d2a9b93458c8585d80a3d1d19b15d785aa5930a1cf337489c3112f463c0f176c
d2be56cea1a4dcdfe58a21865c56188678e70e0cb288a965f649829ad71d467d
d2cdb4f2ed4b585d772068df75c01d0a360d45d27294188fccf5ceb4255fdc83
d2e47ce9d709494e8a4c5d4bf47774a0dbaeaa17c259a429f18372e36777578e
d420ee64cb607d68e208a3105b39934807ed2e4d43ced2542f7b6b0cd153ca43
d43f8c46a66a4d7ee79dd714bb6464d91ec7634f547f2aa485e353839a146d19
d5af0c3b61d90e5c62659b628a82afb92e2c02183fa535bf22c04d642e314144
d6a5789ddcefcde65aca42763fdf458a4df543f92f13d903aab39e05918971cc
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d80b9ba4d9ed354519644fd9d90aa446ec818d52a9b98395c80a43159dc0e887
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
d86f3c3baecdbb9ce3be42bc9474af56136ea185412a8c7c6c396310059d75ac
d8921a0fcfd2507826836106dcc06e0612c413bf3797cab39402171724b32df0
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d8f14ad34a712b8e053487c63dcb52721155d3eb717a064fc4165f7f5387c05b
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
d9fd8548782ebdcb2dd99ff91bac5d397807a6ef8d57e14289226a4d29507e86
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dca48f3a946bbfa6545510ed71076aa805c1b8a84bba5ecc79fa39ccfcd088f5
dda36ab0dda2b7ba616e824e0dd455eb222bf9fee24984c74e19df9fa962758e
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc
ded83dfad5386763df9b7180e4df61811351bbdb196a2d8d5f9f255debf59b9d
deee137a6dfa1f234d7ac0a3e2a41ad36e4351c4f24df0be7bd608332d969dd1
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df861097109f6796e59883ff419d4844a6ff2dae0d619a0d33b9b942bec0cf68
e0409be36290c1cf05ab13c3381cacc11136520c0f01f7aae79fb7359d348991
e04a56ad7a9b4d9ff57c4ba0203045adbbb08341e6e629a352be098dc54623a4
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e0f9afd978bd46213b0bf16a6ddd54ef257e84dde88e9b428c373b501a2b0b74
e18c273d7ef0826878f4159bf2b9809263e0765ca2d28c6955e9f62726ca1da1
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e2e53e528694d0489b0452944f6e47f8a45448d351cf30513cfa4ff6e5815312
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44684a48d596b56cba6492df2821b18b56fd0b488a77240d415f0eae918abe1
e5d3f7cad9534723e28aed704f7f5bcbb7f6a2323b2c29f01aa09bc3a46c930d
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
e6d7dcb1bdc01c6fd1fd133429882a4a2fb6b2cf9c441ec90a29bb469b0a288a
e6fb3705dfdba91943e9a56216620f519f68584c8a16d0536f0ad6e95a361d17
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
e8178f9a7be273f7ed39b229a22c3d3ffc0566f61a3adcdcb09a1c24a8bd74a9
e85578ed90d67f3670527831ae5251c881093a9818b4dd50b930a2adf8e74ca2
e8562087317b34c4b2ac60e28e272b7b33e37523aacd5f2adba7a4f108e415c6
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
e9dd44c4db17fa875c48669fa923da0417d648f805e1fbed67daabc70b55fcde
ea61548e9d5031954bac5839724821f0aa82d3a6ad15440cd592c551f21fa3b9
ea7e9857bba3f434fd1b8f8d7c35e0485bfe1f5b4b7cf5c677b1560a48550873
eb1f38d6efa01fc4a32ef0d377de743466e88ed6e38b2e706faca81f2c1d3788
ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63
edf77ee39ae244062a1940991c0782b8d61798908ceb9baeedd81419e63416da
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
ee9b895c8560809e966643e37bdc17b885ed55e53472d3b5e9082c22b271a71d
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10134f63012891e9e259c48919da02a150be23f97892cae445acec7c1e8e00f
f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c
f41d8890e440c3b4f07f855dcd352252478e09ae5f382e8cb060709a82e72c6c
f495ac1e9a9cebad6450c7aa75f1091520cba8e8b812708477bc8a077d53b2a9
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5b318376c54a718bcb2422a99b9a38435b3021e0871d7a0c1c4ad6a9f017b3d
f69b20025bce19118dc32040133cbdfaaa31b4ec09d91ca885e8fc46d9f4b36d
f6d529bc087c14855a22d6ffcd851d552b21bd16f644c46c566c88c3f43729ff
f7008fb6ed25a1eedb24388fa3f2024f7be118b310d492699dcb6b3ccf06cead
f7280b9d3162438ba4d6b613c36aa57e97c55667542c9013412a91130c84dea8
f77f406f01df46ee189f24c29a2fa6221bb29100ae2ce1eea3d69f8c4c2bf8bf
f78e3422084b9a403f0d1fe0657cc8464a8b9ed4535a374608974e70539422a3
f824000649b12b68a220a0120c606932d0740bd5332770a244473db773185e4a
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64
fa2b165b3b8c9f255ecfd337c5f9e829fa6880c4d4236a8b19e5e7311f85dbda
fbb27e565552558c3ac390c844df239fb6e649cad97fa1877472e53eb91f6dd2
fbdd4d922e6965b09f7cbea19f448b49623e79845e757f095e97a8aac72524e8
fc358de901e4d8771d27fff7a31da2e98ff5e4a0cd71a955bb698dbbe09f4e39
fc8b0df18d9f40b3999fe8e1343c2fbd3c2e1ec95220e8cb9c86b9adc347af7d
fd7cc564571e24e885d1abb3462de54fb0b0322a4949d835bbcafc0eae57cfa4
fdf1766dfc28991ac8e4fb5acc48cabe1e6c8905dfb69a5f4b033cb58c1d62c8
ffe1e5759238cc893baf9e9b81c6be58868c8babf130a4e35ae6c2965ce132c1
fff15b94aca6e5009fa59ef79f4d1b49fdc7fa9e3e4c646debde8e6d6e24703b