www.starpenstacks.com Open in urlscan Pro
2606:4700::6812:b6a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.starpennystocks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/
Effective URL:
https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/
Submission: On March 13 via api (March 13th 2022, 7:51:03 am UTC) from US — Scanned from DE

Summary HTTP 132 Redirects Behaviour Indicators

Summary

This website contacted 27 IPs in 4 countries across 20 domains to perform 132 HTTP transactions. The main IP is 2606:4700::6812:b6a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.starpenstacks.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 15th 2021. Valid for: a year.

This is the only time www.starpenstacks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6812:30f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700::68... 2606:4700::6812:b6a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
19	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2.21.142.172 2.21.142.172	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3	70.42.32.255 70.42.32.255	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
4	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	213.202.235.8 213.202.235.8	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 4	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2 4	104.79.88.202 104.79.88.202	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.223.38 185.33.223.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	34.251.147.149 34.251.147.149	16509 (AMAZON-02) (AMAZON-02)
22	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:215... 2600:9000:2156:cc00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	52.33.195.130 52.33.195.130	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
132	27

1 2606:4700::6812:30f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.starpennystocks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:b6a (United States)

ASN13335 (CLOUDFLARENET, US)

www.starpenstacks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.142.172 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-142-172.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.8 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

at.bahn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.79.88.202 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-88-202.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.223.38 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.147.149 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-147-149.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:cc00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.33.195.130 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-195-130.us-west-2.compute.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	509 KB
22	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	508 KB
19	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 176 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276	141 KB
12	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 660 static.adsafeprotected.com — Cisco Umbrella Rank: 500 dt.adsafeprotected.com — Cisco Umbrella Rank: 458	95 KB
10	starpenstacks.com www.starpenstacks.com	354 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496	4 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	143 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	1 KB
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 1897 tr.outbrain.com — Cisco Umbrella Rank: 1782	4 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 205	3 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	57 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 ajax.googleapis.com — Cisco Umbrella Rank: 251	90 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8832	957 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	67 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	34 KB
1	bahn.de at.bahn.de — Cisco Umbrella Rank: 83120	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	649 B
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 1619	1 KB
1	starpennystocks.com 1 redirects www.starpennystocks.com	277 B
132	20

	Domain	Requested by
24	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com www.starpenstacks.com pagead2.googlesyndication.com
22	s0.2mdn.net	www.starpenstacks.com s0.2mdn.net googleads.g.doubleclick.net
19	pagead2.googlesyndication.com	www.starpenstacks.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.starpenstacks.com
10	www.starpenstacks.com	www.starpenstacks.com
8	dt.adsafeprotected.com	googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
3	googleads4.g.doubleclick.net	www.starpenstacks.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	tr.outbrain.com	amplify.outbrain.com www.starpenstacks.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	fw.adsafeprotected.com	1 redirects www.starpenstacks.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	www.starpenstacks.com
2	fonts.googleapis.com	www.starpenstacks.com googleads.g.doubleclick.net
1	cdnjs.cloudflare.com	s0.2mdn.net
1	at.bahn.de	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	amplify.outbrain.com	www.starpenstacks.com
1	secure.gravatar.com	www.starpenstacks.com
1	ajax.googleapis.com	www.starpenstacks.com
1	www.starpennystocks.com	1 redirects
132	29

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-11-15` - `2022-11-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
at.bahn.de GeoTrust TLS RSA CA G1	`2021-12-06` - `2022-12-30`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/
Frame ID: 86765363D13E33F3C7FC06B361182936
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/zrt_lookup.html
Frame ID: 8DA43F097FAA7C670ADFE51804EEEBAB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=9539990666&adk=1784735162&adf=2227106891&pi=t.ma~as.9539990666&w=400&fwrn=4&fwrnh=100&lmt=1647071471&rafmt=3&psa=0&format=400x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F08%2F27%2Ftake-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647157856901&bpp=3&bdt=246&idt=66&shv=r20220308&mjsv=m202203080101&ptt=9&saldr=aa&abxe=1&correlator=5329026693178&frm=20&pv=2&ga_vid=92319065.1647157857&ga_sid=1647157857&ga_hid=772546249&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=367&ady=1154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531398%2C44750773%2C21066428%2C31065469%2C31065531%2C31065575&oid=2&pvsid=3903977396705157&pem=1&tmod=582516174&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fVIf8MNONK&p=https%3A//www.starpenstacks.com&dtd=84
Frame ID: 662DBF508A75D7ECE5B3598CCD735FC2
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=1027493446&adk=2171511035&adf=2908574772&pi=t.ma~as.1027493446&w=349&fwrn=4&fwrnh=100&lmt=1647071471&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F08%2F27%2Ftake-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647157856905&bpp=1&bdt=249&idt=89&shv=r20220308&mjsv=m202203080101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280&correlator=5329026693178&frm=20&pv=1&ga_vid=92319065.1647157857&ga_sid=1647157857&ga_hid=772546249&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531398%2C44750773%2C21066428%2C31065469%2C31065531%2C31065575&oid=2&pvsid=3903977396705157&pem=1&tmod=582516174&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=c6dSY4MXnB&p=https%3A//www.starpenstacks.com&dtd=92
Frame ID: 98E29FA905FCAD7C95C32A73D36995DF
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=5482577920&adk=2016359606&adf=1497098137&pi=t.ma~as.5482577920&w=349&fwrn=4&fwrnh=100&lmt=1647071471&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F08%2F27%2Ftake-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647157856905&bpp=1&bdt=250&idt=95&shv=r20220308&mjsv=m202203080101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280%2C349x280&correlator=5329026693178&frm=20&pv=1&ga_vid=92319065.1647157857&ga_sid=1647157857&ga_hid=772546249&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531398%2C44750773%2C21066428%2C31065469%2C31065531%2C31065575&oid=2&pvsid=3903977396705157&pem=1&tmod=582516174&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=um7L7lmWwD&p=https%3A//www.starpenstacks.com&dtd=98
Frame ID: 52D2CFD764BE300FE1DC0441E44AF258
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&adk=1812271804&adf=3025194257&lmt=1647071471&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F08%2F27%2Ftake-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647157856915&bpp=1&bdt=260&idt=91&shv=r20220308&mjsv=m202203080101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280%2C349x280%2C349x280&nras=1&correlator=5329026693178&frm=20&pv=1&ga_vid=92319065.1647157857&ga_sid=1647157857&ga_hid=772546249&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531398%2C44750773%2C21066428%2C31065469%2C31065531%2C31065575&oid=2&pvsid=3903977396705157&pem=1&tmod=582516174&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=96
Frame ID: E05A076FA46EB9DCFC3B4E74855ABD22
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIYiYC_vQEwAQ&v=APEucNX8CcROZTqV_xkC25erfoOOxZWQnBwbEzo2vyU32LzLXPjGOIFDkUg5uSQT8h5YVGEm5cgMIeqoExvGzdkAfbU0sisSxHPZlmC1SosofQABt9BBMJN6A2KSciDZzcKxjS-fGR90Vh5U8sU4evXQDxoQK88djzCVQYKm9wDymawi2c9NhjM
Frame ID: 914578EE559F0410D43CD8EAA3BD6CC1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B1UHUDadDlch0KbyIMlsk16pXtaA4jgpXZTgWL2JF2Mkie81lg3FtEu7L89-UifPSyDhgzEWrxlDe-aPXaTwmTFJC_j3w1O6contC9zqOkAUbjDxzTvUJRv-Zb6OkqUIvwyGO7B-MMRWRjeqVHkV5ieurraA&dbm_d=AKAmf-CMijRRp-A5C170nYbWr9ffk90eFO0UqL6l4TlrbuGuM_oowmAGrrp0iBnffoYGLYmrT3NIom7FnRRzuhyOGO7yYu-tn1iq4hooHcI3dKdO3ZfKpwCAADDPBgRZ2SG_u34MGI4iZ0mlPEXUFzz0tUJrlpAF9cr3e2GPC7ZLSdPsUso5OrJS8Z1DIDaNTzMp0OwTDXaxHgnRaoeM-nYDh2EhQOg7nnIpJZ9IeJTVjqpxwoLQ1J909AFfAnS_iYQWNq03u_8IZyK4a5fWeTqHr0hHDA40VmZMJVV7aapXsKrg6R59karPI0vNYIb6sNzQjqIDr_c6FKd9n29WH1aOyFp4Yfa2KfCXZKJrL2JU6N0zyeMYUoi5HhwvSK9RfbP04vvXNlK9KIZW_J76VIcMi3kKIiOK_w4MBESr0BoFq5hHtE7z4TibNzITs43eXGumV-ZbVWCIn-9L5r_uoGZMoOEP5GSa7Vky0wj_ewTpQsqF449wpjXh4G-5XXjWoospA6Vnr72p1BxAQtiIyd4e5xzsrlgXy-Q338Hlj6C-x6Wzvk_Ya6XF2T-lQVvU5pzQoAnuuikms05hex9OukJEHh4DJMwz07iIw8hN2mJzN9Mn_cEVFqHEIXnO-qQQkj6ofqyKGoZ92oq66nySYsO7HTUZLDEhenh3k4vCal4evqKcY-o4lE7GH4WsrnthJiytSM1JH8UdEk-hGUPU3i-879GDBTPZ9YPE_kMawOph57xfQNVIJ0wS67FzT3mnf6Xt5BIPBCyBpgbC46wRuiJwP0KuivazWRz0rP2ub94H6OTl-d6voF_776yKDtpnL97OuqUBtbHe3gNKbwaphUbR2QsNj0jsPVJ-8ITHc_q65oliuB_oRwj4l8fuSEHpIJS4uzjmzNYwQrlEpOhdsrpj9fybjlw8B6UFnmyeLU-WUiJKlr-YSjVksFbive26Dmf23NY33n347QqXUkaRsXeIXDbFlgEHkcGv2Z9CQZDCrpJdJjEOvwZl_HGEepWKy3vgJo-6zYuZhmP8I1N8fiTj07Ysms31B4OJg1Yrp1gF9DyHqX3woBh_1UeDw9gLQUe3JtcKyfB3xqSrZA9HWzXOUVDWgpiItC8UZSVOYHvq8B2Va3GcC7JJmZVzgO6ioJa-HQTrILOLIgajk2PzqMT4YSHcwAn926AfViu8_TSwjBne6j6EKZqMYSqhAHI19UFyQ7w7FkPOqBZP92aOv5RU95CRmEUKvowRdfjriyVp20sPWo1FmgEoVN7exFQ2hzXKQn0FrqbIZIAByj-1YhePmJb5nOqdPrpexubVeeLzez2s7XL-lfvROTlCglCClQh9652coaupUHvs5d13ijOoEXlj2BpQUDFgrdFfmXpMMnfNk3-8Y1GsX6YD1NTczn1Ipp3_UMsCFkB6hKogy5eeDtNFpqp-OR6gzc1QaQmO0PhVBBQ2LoMg87gMzOkpzYsYyjl3Ix0-QGwskF7BZVjcaAeCXVrq-LED8pCKapgQxsSZHBTUuEw4czXq0w854-jeElb5Av6O0BJogJv5hO9o4QD8oKp9zTAtYUyV5Y6yhHzhCTfPsHB6hEXqwZAbEWluPjCGFqG-5fjtbHvdkYeKOiRjrsKyWkVEV59TG3ytH2wI-UAQrwd5aPuoYsV24mrIbJwF0X8emxdRhBx-wBWJ1L2V8jSU3lMOjQ36ADZ2o1mODNZgeK9lkGrD8JqBNjz-SIp6btbKtPNjMy_ONpywUU5GDMKYBlxm9dE7G6qfV9-pjaQniDfLyyXTqQHufU3-lmSEB8PgQBHxotvES8-7TB6TJAp6VvnUPcBMxhm2L3vKpkeo_hl9jkfPcMEr-TD7fHKZ3RAwbBA-mG4K49n-HlWe9nyrcAmOVxskxtfMDqYPEQ7H3-pFsEPOKLRWjEJqZI6XmbqNLIY9WLBSZ9qrh-6uKrfhw6yFfRu9BBD2ECU7VdEHER_eyU5a7Qp4P6L22UYb80eAgC0tBTfH4XBV6IQoZVbwmGA9Wqj9tOKFDE3Sd3MGADRhNqec_gaeIWcGPUnd4ezQOQ9i6cCSfQ99wa22Dkwx-0-4iJepwtEdx1lz-jxnbV1ztMyE24TRLmLqW-tRHhR5zUnI5wirwhTcNJMb1b9OO7FIm7bDvTCkrr2EbW8vMLf-xtcAJGiGZ9cw-nMqwhqoOwEr0JUsk-Pe46RWn5hhNr6sfBxRRxVfsZd5YRZWNUpyzNyiShgdjqvrYsfXgDXRDceoy4uafvlT5FOYzAxazG9NJ2egY0BciXCgwt1LyDxATOfZ8BIh0A3bSyOLDphPmEkuxjaR2p3naGHeQ47iqczwp_TtCBiGFH8SZvIyLcSsNS34h7oqHPEIP_crMcgo9ZtjhsZ4Rd9Dx3iiHKPX7dMdl1vdqk2ycMYacxESaHdxB0Y84v95gRIgUiMx59Ha7cvJk9-SPoLdqHIgCWc2Ov9npxSL6IUgQBgJJQhNdRBomRMsODuPjd3jKgCKUZa0W_rrmkaURmfQXXTjHu0z7rAG_Yolu_jRdm9ReQ-laQbReJ0bI82FFjs9WzGB5uw7roHsE8IroORYtIW2tO2uJJYDJOH-upvVyrKk8c1axcswacaFkXTJY83kgdMv5bOHXMT6NKrrl4beywqGPklVqOSDsP43PedYPuFRMghmWLKALvXlHIobpB6oIsc8ZyYOHrQvGXvxa28qzDPC_PT6O5TaaZ2ogALkBI7K2f8SmKGEFwi5amLStk8q-n9uURGSz3x__xO7ZqPEMJWxtfw89mI5SELwYHaFs9XU5S5cnyaSb-S4NrRR_48nvUgFy_gIDL6pvmJ5wcyl1IF2FLfUpxxO1AUqH8t5YsQRESY7z6qEfL7Z7QiJEmsQW2qVk5v5nswlnEt55P6fRjUWZnAb7yPqE7VTA51cGZQSNrfrXfe9T1RE64udWlI7CU4PPtopMJ2I0cdxInzMfGKBESU8sc5OGI-Xfuv_3qoQenXSXHOscLPATwU8HmFXzxn_rtnTnGTw9u-78x5KLoze01Cz1gGhD0WI63voTXXXt_pa7F2t8r4ZWD7L5GvRDdkQ61Cv-4KJComYIVPl-UXTpHxWP2IexT0EvslXVwFAuMxkQm4&cid=CAASBORoDGQ&rfl=2%2Chttps%253A%252F%252Fwww.starpenstacks.com%252F%240
Frame ID: 83E37BBAB26731758AC99968A9E657BD
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 95611349B95D6C58EB9E1780E31F236A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18379988480276979511/index.html
Frame ID: AFCA512EAFE30C96DFBC3947EDBA4B51
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 238AD9E3B8BD18C50C61D50CCD18F075
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 21F72517AF32477B8AC082A3110647BF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js
Frame ID: B983FF0BE317879F741CABD2AEFC1213
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js
Frame ID: 032ABB77C4D471F042028ECEE093D711
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1
Frame ID: C079EFA27260CFC874C371E05D5FA345
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F50501BF5A0AB07E7169F0002FFB308D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4B236FAD11AFDFF1EB19D68728CF5EF8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E85D7E4CF633A06B426A3BB481379A53
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Take A Look At The Most Luxurious Houses Of The Rich And Famous Celebrities - StarPenStacks

Page URL History Show full URLs

https://www.starpennystocks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-c... HTTP 301
https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-c... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

GSAP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

TweenMax(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

132
Requests

96 %
HTTPS

67 %
IPv6

20
Domains

29
Subdomains

27
IPs

4
Countries

2029 kB
Transfer

4165 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.starpennystocks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/ HTTP 301
https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQ5E5zvCJa559OopItVS-c&google_cver=1

Request Chain 47

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yi2iYXX2j02m2cFJhQ7-SwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7ZlcG9UzoULMhgqohJjms&google_cver=1

Request Chain 48

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPBlqN58uKMl7VuNx265bos&google_cver=1

Request Chain 49

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE1MjgxMjY0MTYwMDQ1NTUxNg%3D%3D

Request Chain 93

https://fw.adsafeprotected.com/rfw/st/899486/59154197/4.js?ias_dspID=3&ias_campId=15846430&ias_pubId=pub-9355985142493728&ias_chanId=1&ias_placementId=16539433847&bidurl=https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/&ias_dealId=&adContainerId=brand_safety_YaItYuXYGM2S7_UP4J-BkAg&cbFunctionName=goog_wrapCb_YaItYuXYGM2S7_UP4J-BkAg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.starpenstacks.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.starpenstacks.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9355985142493728%26output%3Dhtml%26h%3D280%26slotname%3D5482577920%26adk%3D2016359606%26adf%3D1497098137%26pi%3Dt.ma~as.5482577920%26w%3D349%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1647071471%26rafmt%3D3%26psa%3D0%26format%3D349x280%26url%3Dhttps%253A%252F%252Fwww.starpenstacks.com%252F2020%252F08%252F27%252Ftake-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities%252F%26flash%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D1%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.%26dt%3D1647157856905%26bpp%3D1%26bdt%3D250%26idt%3D95%26shv%3Dr20220308%26mjsv%3Dm202203080101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D400x280%252C349x280%26correlator%3D5329026693178%26frm%3D20%26pv%3D1%26ga_vid%3D92319065.1647157857%26ga_sid%3D1647157857%26ga_hid%3D772546249%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D938%26ady%3D447%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759837%252C42531398%252C44750773%252C21066428%252C31065469%252C31065531%252C31065575%26oid%3D2%26pvsid%3D3903977396705157%26pem%3D1%26tmod%3D582516174%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26xpc%3Dum7L7lmWwD%26p%3Dhttps%253A%2F%2Fwww.starpenstacks.com%26dtd%3D98&adsafe_type=bd&adsafe_jsinfo=,id:791cfab5-c3ef-1211-4ba0-8428ef9a4432,c:6J3SMY,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-756fbb76bf-7z8f8,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:3,fm:sZWGvyN+11%7C121%7C13%7C141*.899486-59154197%7C1411%7C14121%7C1413%7C15,idMap:141*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:20,oid:516a10c8-a2a2-11ec-9e16-e2a37f49a88b,v:19.8.299,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

Request Chain 101

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

132 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/
Redirect Chain

https://www.starpennystocks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/
https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/

28 KB
8 KB

81ms
27ms

Document
text/html

2606:4700::6812:b6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb8c43e915fa64bbb79e036dca9caa6df77a20513469a60a0b7b06a1509638e7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 13 Mar 2022 07:50:56 GMT
content-type: text/html; charset=UTF-8
x-pingback: https://www.starpenstacks.com/xmlrpc.php
link: <https://www.starpenstacks.com/?p=4953>; rel=shortlink
cf-cache-status: HIT
age: 86385
last-modified: Sat, 12 Mar 2022 07:51:11 GMT
expires: Sun, 13 Mar 2022 11:50:56 GMT
cache-control: public, max-age=14400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6eb32e7bee4501f0-ZRH
content-encoding: br

Redirect headers

date: Sun, 13 Mar 2022 07:50:56 GMT
location: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/
cache-control: max-age=3600
expires: Sun, 13 Mar 2022 08:50:56 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6eb32e7b7afd01eb-ZRH

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 52ms
27ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d402b35e6e0d996cc57dfb1f40a87b672f1eb4dfe0744da6d9c40b0d26592815

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Mar 2022 06:05:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 13 Mar 2022 07:50:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Mar 2022 07:50:56 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
88 KB 33ms
9ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 05:52:10 GMT
x-content-type-options: nosniff
age: 179926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89476
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Mar 2023 05:52:10 GMT

GET
H2 200 autoptimize_7c6966f76c3f477af241c5493ad4e337.css
www.starpenstacks.com/wp-content/cache/autoptimize/css/ 197 KB
35 KB 42ms
40ms Stylesheet
text/css 2606:4700::6812:b6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.starpenstacks.com/wp-content/cache/autoptimize/css/autoptimize_7c6966f76c3f477af241c5493ad4e337.css
Requested by: Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7081b1d0b4c2ca10e4ae7d454d7bd1c23701c31fa4390c99d68efc99b30af51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:50:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Dec 2020 03:35:57 GMT
server: cloudflare
age: 173916
cf-polished: origSize=202489
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Fri, 03 Mar 2023 07:50:56 GMT
cache-control: public, max-age=30672000
cf-ray: 6eb32e7c3eb501f0-ZRH
cf-bgj: minify

GET
H2 200 autoptimize_b6c6357df97615cbf9cc51f79364d686.css
www.starpenstacks.com/wp-content/cache/autoptimize/css/ 849 B
402 B 31ms
30ms Stylesheet
text/css 2606:4700::6812:b6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.starpenstacks.com/wp-content/cache/autoptimize/css/autoptimize_b6c6357df97615cbf9cc51f79364d686.css
Requested by: Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 512abfd0af424c443f98064c7a76cb739464f558adccb169f45ac436b13c1e08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:50:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 Jun 2020 07:43:29 GMT
server: cloudflare
age: 173916
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Fri, 03 Mar 2023 07:50:56 GMT
cache-control: public, max-age=30672000
cf-ray: 6eb32e7c3eb701f0-ZRH
cf-bgj: minify

GET
H2 200 jquery-3.4.1.min.js Show response
www.starpenstacks.com/wp-content/plugins/jquery-updater/js/ 86 KB
31 KB 36ms
35ms Script
application/javascript 2606:4700::6812:b6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.starpenstacks.com/wp-content/plugins/jquery-updater/js/jquery-3.4.1.min.js?ver=3.4.1
Requested by: Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:50:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 Mar 2020 03:57:43 GMT
server: cloudflare
age: 173916
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 6eb32e7c3eb801f0-ZRH
expires: Sun, 13 Mar 2022 11:50:56 GMT

GET
H2 200 autoptimize_single_c7118e30e58e22e72a0eca8ec9336599.js Show response
www.starpenstacks.com/wp-content/cache/autoptimize/js/ 14 B
181 B 30ms
29ms Script
application/javascript 2606:4700::6812:b6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.starpenstacks.com/wp-content/cache/autoptimize/js/autoptimize_single_c7118e30e58e22e72a0eca8ec9336599.js?ver=4.9.20+2.4.20
Requested by: Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b16f328161f671c5374c717a038def5bba21a4f37cdfb3509cda60ec262cf5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:50:56 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Jun 2020 07:43:27 GMT
server: cloudflare
age: 173916
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
expires: Fri, 03 Mar 2023 07:50:56 GMT
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6eb32e7c3eb901f0-ZRH
content-length: 14
cf-bgj: minify

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 92 KB
36 KB 49ms
26ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137392462-9

Requested by

Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

148a7fa5d798e1ab7524244a13fac661e71db6665eeeb6cd63dbe7b2b78ea8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:50:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36956
x-xss-protection: 0
last-modified: Sun, 13 Mar 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 13 Mar 2022 07:50:56 GMT

GET
H2 200 STARPENSTACKS-SMALL.png
www.starpenstacks.com/wp-content/uploads/2021/01/ 2 KB
2 KB 27ms
27ms Image
image/webp 2606:4700::6812:b6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.starpenstacks.com/wp-content/uploads/2021/01/STARPENSTACKS-SMALL.png
Requested by: Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34cd6ca5ac2b03924176600b5d9c754403d06665a5731eb279515d542cc4ff95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:50:56 GMT
cf-cache-status: HIT
age: 173916
cf-polished: origFmt=png, origSize=4767
last-modified: Tue, 05 Jan 2021 10:04:25 GMT
content-disposition: inline; filename="STARPENSTACKS-SMALL.webp"
content-length: 2062
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6eb32e7c9f3401f0-ZRH
expires: Sun, 13 Mar 2022 11:50:56 GMT

GET
H2 200 11.jpg
www.starpenstacks.com/wp-content/uploads/2018/11/ 142 KB
142 KB 30ms
28ms Image
image/webp 2606:4700::6812:b6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.starpenstacks.com/wp-content/uploads/2018/11/11.jpg
Requested by: Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a73d801397f92a7d16ebb9f11e7aef3f7529c70abafab9e08ddfbf632df3162b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:50:56 GMT
cf-cache-status: HIT
age: 86384
cf-polished: qual=85, origFmt=jpeg, origSize=188818
last-modified: Thu, 03 Jan 2019 09:59:36 GMT
content-disposition: inline; filename="11.webp"
content-length: 145594
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6eb32e7caf5f01f0-ZRH
expires: Sun, 13 Mar 2022 11:50:56 GMT

GET
H2 200 8db64465bbe66bf9c844d59d713c466d
secure.gravatar.com/avatar/ 1 KB
1 KB 31ms
8ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/8db64465bbe66bf9c844d59d713c466d?s=50&d=mm&r=g
Requested by: Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ec626d1355ef5d84689c88b2ec9e383fa16b0be9c068fe5fc913be061542edbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 13 Mar 2022 07:50:56 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="8db64465bbe66bf9c844d59d713c466d.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/8db64465bbe66bf9c844d59d713c466d?s=50&d=mm&r=g>; rel="canonical"
content-length: 1128
expires: Sun, 13 Mar 2022 07:55:56 GMT

GET
H2 200 page-44-CHUCK-LIDDELL.jpg
www.starpenstacks.com/wp-content/uploads/2018/12/ 77 KB
77 KB 81ms
80ms Image
image/webp 2606:4700::6812:b6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.starpenstacks.com/wp-content/uploads/2018/12/page-44-CHUCK-LIDDELL.jpg
Requested by: Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 444bd40a61b1ed0490f6cbbdf3301892bf8ef0715a48e1e2393f6fd1d21042b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:50:56 GMT
cf-cache-status: HIT
age: 86384
cf-polished: qual=85, origFmt=jpeg, origSize=95833
last-modified: Fri, 21 Dec 2018 08:37:45 GMT
content-disposition: inline; filename="page-44-CHUCK-LIDDELL.webp"
content-length: 78954
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6eb32e7caf6301f0-ZRH
expires: Sun, 13 Mar 2022 11:50:56 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
54 KB 98ms
45ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d03cccb153f5ff0c43b64be73b8c5bfff8b899101e4330409579c14dd8e4089f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:50:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54700
x-xss-protection: 0
server: cafe
etag: 2815228033555810446
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 13 Mar 2022 07:50:56 GMT

GET
H2 200 autoptimize_9ef9e84a199daf85209ab04ae5566b85.js Show response
www.starpenstacks.com/wp-content/cache/autoptimize/js/ 174 KB
49 KB 81ms
80ms Script
application/javascript 2606:4700::6812:b6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.starpenstacks.com/wp-content/cache/autoptimize/js/autoptimize_9ef9e84a199daf85209ab04ae5566b85.js
Requested by: Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 458fe424a737af83d485e3394e48fd16ffa75628add301b13e9d761f014d7254

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:50:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Apr 2021 05:08:13 GMT
server: cloudflare
age: 173916
cf-polished: origSize=177868
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
expires: Fri, 03 Mar 2023 07:50:56 GMT
cache-control: public, max-age=30672000
cf-ray: 6eb32e7caf6401f0-ZRH
cf-bgj: minify

GET
H2 200 /
www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/2/ 0
8 KB 22ms
22ms Other
text/html 2606:4700::6812:b6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/2/
Requested by: Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-pingback: https://www.starpenstacks.com/xmlrpc.php
date: Sun, 13 Mar 2022 07:50:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 12 Mar 2022 07:51:12 GMT
server: cloudflare
age: 86384
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 6eb32e7caf6601f0-ZRH
link: <https://www.starpenstacks.com/?p=4953>; rel=shortlink
expires: Sun, 13 Mar 2022 11:50:56 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 77 KB
31 KB 20ms
16ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MR5SQCC

Requested by

Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

47c1bf3e915bada134665a4b468200c4293035d08fed2dd86c59eb263fdac7a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:50:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31183
x-xss-protection: 0
last-modified: Sun, 13 Mar 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 13 Mar 2022 07:50:56 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
3 KB 118ms
8ms Script
application/x-javascript 2.21.142.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.142.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-142-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 07:50:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Feb 2022 12:30:38 GMT
Server: AkamaiNetStorage
ETag: "23b34d08f648c3f51b232443afced826:1644409863.170279"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3150
Expires: Sun, 13 Mar 2022 08:10:56 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v28/ 16 KB
17 KB 59ms
36ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.starpenstacks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 22:46:04 GMT
x-content-type-options: nosniff
age: 378292
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16692
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:06:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 22:46:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 285ms
9ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137392462-9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6365
date: Sun, 13 Mar 2022 06:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 13 Mar 2022 08:04:52 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203080101/ 294 KB
106 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9355985142493728&plah=www.starpenstacks.com&bust=31065575

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

754c0c5c601794d13d7fae6c43e2bd7618190a1abd358bacdb1275b8c84b8fc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:50:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108388
x-xss-protection: 0
server: cafe
etag: 7127549866840692014
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 13 Mar 2022 07:50:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/ Frame 8DA4 10 KB
5 KB 31ms
7ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Sun, 13 Mar 2022 00:08:55 GMT
expires: Sun, 27 Mar 2022 00:08:55 GMT
cache-control: public, max-age=1209600
age: 27721
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 685ms
402ms Script
application/javascript 70.42.32.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00f735510dc960290610c963674757a995
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 07:50:57 GMT
content-encoding: gzip
X-TraceId: 1d162274cf1ad546f537ee3298b5e701
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 373ms
86ms Image
image/gif 70.42.32.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00f735510dc960290610c963674757a995&obApiVersion=1.1&obtpVersion=1.6.0&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F08%2F27%2Ftake-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities%2F&optOut=false&bust=078862893022647
Requested by: Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 07:50:57 GMT
Cache-Control: no-cache
X-TraceId: 396eb04fda225e86d35368e9fbde039b
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 381ms
88ms Image
image/gif 70.42.32.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00f735510dc960290610c963674757a995&obApiVersion=1.1&obtpVersion=1.6.0&name=viewcontent&dl=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F08%2F27%2Ftake-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities%2F&optOut=false&bust=06616665442060343
Requested by: Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 07:50:57 GMT
Cache-Control: no-cache
X-TraceId: 5473112cf250bc86c2c54e22ec43a1b3
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 221 B
649 B 52ms
15ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.starpenstacks.com&callback=_gfp_s_&client=ca-pub-9355985142493728

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9355985142493728&plah=www.starpenstacks.com&bust=31065575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ff9dca0f110aa2877281fe1d0806e732008c78cc4f14a4b517d6601f96e85fcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 294ms
19ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.starpenstacks.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Mar 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 246ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.starpenstacks.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Mar 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 662D 70 KB
28 KB 583ms
568ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=9539990666&adk=1784735162&adf=2227106891&pi=t.ma~as.9539990666&w=400&fwrn=4&fwrnh=100&lmt=1647071471&rafmt=3&psa=0&format=400x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F08%2F27%2Ftake-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647157856901&bpp=3&bdt=246&idt=66&shv=r20220308&mjsv=m202203080101&ptt=9&saldr=aa&abxe=1&correlator=5329026693178&frm=20&pv=2&ga_vid=92319065.1647157857&ga_sid=1647157857&ga_hid=772546249&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=367&ady=1154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531398%2C44750773%2C21066428%2C31065469%2C31065531%2C31065575&oid=2&pvsid=3903977396705157&pem=1&tmod=582516174&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fVIf8MNONK&p=https%3A//www.starpenstacks.com&dtd=84

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b8392173ca44f34c4d5f09ab5e5c64977d66df93688bd9485575794f13c0ee4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 13 Mar 2022 07:50:57 GMT
server: cafe
content-length: 28879
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 13 Mar 2022 07:50:57 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 98E2 86 KB
30 KB 395ms
390ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=1027493446&adk=2171511035&adf=2908574772&pi=t.ma~as.1027493446&w=349&fwrn=4&fwrnh=100&lmt=1647071471&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F08%2F27%2Ftake-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647157856905&bpp=1&bdt=249&idt=89&shv=r20220308&mjsv=m202203080101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280&correlator=5329026693178&frm=20&pv=1&ga_vid=92319065.1647157857&ga_sid=1647157857&ga_hid=772546249&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531398%2C44750773%2C21066428%2C31065469%2C31065531%2C31065575&oid=2&pvsid=3903977396705157&pem=1&tmod=582516174&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=c6dSY4MXnB&p=https%3A//www.starpenstacks.com&dtd=92

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba4ac7bdb58b8cbf3b42d2b739618d2b176597ce9d35322f56cb6d6ddbf6662e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 13 Mar 2022 07:50:57 GMT
server: cafe
content-length: 30896
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 13 Mar 2022 07:50:57 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 52D2 17 KB
8 KB 363ms
362ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=5482577920&adk=2016359606&adf=1497098137&pi=t.ma~as.5482577920&w=349&fwrn=4&fwrnh=100&lmt=1647071471&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F08%2F27%2Ftake-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647157856905&bpp=1&bdt=250&idt=95&shv=r20220308&mjsv=m202203080101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280%2C349x280&correlator=5329026693178&frm=20&pv=1&ga_vid=92319065.1647157857&ga_sid=1647157857&ga_hid=772546249&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531398%2C44750773%2C21066428%2C31065469%2C31065531%2C31065575&oid=2&pvsid=3903977396705157&pem=1&tmod=582516174&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=um7L7lmWwD&p=https%3A//www.starpenstacks.com&dtd=98

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05f0b1a045b59b9c77582261d49937559ca2b145958b131af08efde2acc74add

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 13 Mar 2022 07:50:57 GMT
server: cafe
content-length: 8190
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 13 Mar 2022 07:50:57 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E05A 67 KB
29 KB 780ms
780ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&adk=1812271804&adf=3025194257&lmt=1647071471&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F08%2F27%2Ftake-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647157856915&bpp=1&bdt=260&idt=91&shv=r20220308&mjsv=m202203080101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280%2C349x280%2C349x280&nras=1&correlator=5329026693178&frm=20&pv=1&ga_vid=92319065.1647157857&ga_sid=1647157857&ga_hid=772546249&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531398%2C44750773%2C21066428%2C31065469%2C31065531%2C31065575&oid=2&pvsid=3903977396705157&pem=1&tmod=582516174&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=96

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d42f479fee0d02648e199d47016e3c53261cdcef145bbcc9bc33fb3b6da8574f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 13 Mar 2022 07:50:57 GMT
server: cafe
content-length: 29634
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 13 Mar 2022 07:50:57 GMT
cache-control: private

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 32ms
16ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=772546249&t=pageview&_s=1&dl=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F08%2F27%2Ftake-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities%2F&ul=en-us&de=UTF-8&dt=Take%20A%20Look%20At%20The%20Most%20Luxurious%20Houses%20Of%20The%20Rich%20And%20Famous%20Celebrities%20-%20StarPenStacks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=2004072041&gjid=2010418142&cid=92319065.1647157857&tid=UA-137392462-9&_gid=1865158769.1647157857&_r=1&gtm=2ou370&z=525255159

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.starpenstacks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Mar 2022 07:50:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.starpenstacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9145 624 B
300 B 21ms
19ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIYiYC_vQEwAQ&v=APEucNX8CcROZTqV_xkC25erfoOOxZWQnBwbEzo2vyU32LzLXPjGOIFDkUg5uSQT8h5YVGEm5cgMIeqoExvGzdkAfbU0sisSxHPZlmC1SosofQABt9BBMJN6A2KSciDZzcKxjS-fGR90Vh5U8sU4evXQDxoQK88djzCVQYKm9wDymawi2c9NhjM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=5482577920&adk=2016359606&adf=1497098137&pi=t.ma~as.5482577920&w=349&fwrn=4&fwrnh=100&lmt=1647071471&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F08%2F27%2Ftake-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647157856905&bpp=1&bdt=250&idt=95&shv=r20220308&mjsv=m202203080101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280%2C349x280&correlator=5329026693178&frm=20&pv=1&ga_vid=92319065.1647157857&ga_sid=1647157857&ga_hid=772546249&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531398%2C44750773%2C21066428%2C31065469%2C31065531%2C31065575&oid=2&pvsid=3903977396705157&pem=1&tmod=582516174&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=um7L7lmWwD&p=https%3A//www.starpenstacks.com&dtd=98

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=5482577920&adk=2016359606&adf=1497098137&pi=t.ma~as.5482577920&w=349&fwrn=4&fwrnh=100&lmt=1647071471&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F08%2F27%2Ftake-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647157856905&bpp=1&bdt=250&idt=95&shv=r20220308&mjsv=m202203080101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280%2C349x280&correlator=5329026693178&frm=20&pv=1&ga_vid=92319065.1647157857&ga_sid=1647157857&ga_hid=772546249&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531398%2C44750773%2C21066428%2C31065469%2C31065531%2C31065575&oid=2&pvsid=3903977396705157&pem=1&tmod=582516174&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=um7L7lmWwD&p=https%3A//www.starpenstacks.com&dtd=98

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 13 Mar 2022 07:50:57 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 13 Mar 2022 07:50:57 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 83E3 89 KB
35 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B1UHUDadDlch0KbyIMlsk16pXtaA4jgpXZTgWL2JF2Mkie81lg3FtEu7L89-UifPSyDhgzEWrxlDe-aPXaTwmTFJC_j3w1O6contC9zqOkAUbjDxzTvUJRv-Zb6OkqUIvwyGO7B-MMRWRjeqVHkV5ieurraA&dbm_d=AKAmf-CMijRRp-A5C170nYbWr9ffk90eFO0UqL6l4TlrbuGuM_oowmAGrrp0iBnffoYGLYmrT3NIom7FnRRzuhyOGO7yYu-tn1iq4hooHcI3dKdO3ZfKpwCAADDPBgRZ2SG_u34MGI4iZ0mlPEXUFzz0tUJrlpAF9cr3e2GPC7ZLSdPsUso5OrJS8Z1DIDaNTzMp0OwTDXaxHgnRaoeM-nYDh2EhQOg7nnIpJZ9IeJTVjqpxwoLQ1J909AFfAnS_iYQWNq03u_8IZyK4a5fWeTqHr0hHDA40VmZMJVV7aapXsKrg6R59karPI0vNYIb6sNzQjqIDr_c6FKd9n29WH1aOyFp4Yfa2KfCXZKJrL2JU6N0zyeMYUoi5HhwvSK9RfbP04vvXNlK9KIZW_J76VIcMi3kKIiOK_w4MBESr0BoFq5hHtE7z4TibNzITs43eXGumV-ZbVWCIn-9L5r_uoGZMoOEP5GSa7Vky0wj_ewTpQsqF449wpjXh4G-5XXjWoospA6Vnr72p1BxAQtiIyd4e5xzsrlgXy-Q338Hlj6C-x6Wzvk_Ya6XF2T-lQVvU5pzQoAnuuikms05hex9OukJEHh4DJMwz07iIw8hN2mJzN9Mn_cEVFqHEIXnO-qQQkj6ofqyKGoZ92oq66nySYsO7HTUZLDEhenh3k4vCal4evqKcY-o4lE7GH4WsrnthJiytSM1JH8UdEk-hGUPU3i-879GDBTPZ9YPE_kMawOph57xfQNVIJ0wS67FzT3mnf6Xt5BIPBCyBpgbC46wRuiJwP0KuivazWRz0rP2ub94H6OTl-d6voF_776yKDtpnL97OuqUBtbHe3gNKbwaphUbR2QsNj0jsPVJ-8ITHc_q65oliuB_oRwj4l8fuSEHpIJS4uzjmzNYwQrlEpOhdsrpj9fybjlw8B6UFnmyeLU-WUiJKlr-YSjVksFbive26Dmf23NY33n347QqXUkaRsXeIXDbFlgEHkcGv2Z9CQZDCrpJdJjEOvwZl_HGEepWKy3vgJo-6zYuZhmP8I1N8fiTj07Ysms31B4OJg1Yrp1gF9DyHqX3woBh_1UeDw9gLQUe3JtcKyfB3xqSrZA9HWzXOUVDWgpiItC8UZSVOYHvq8B2Va3GcC7JJmZVzgO6ioJa-HQTrILOLIgajk2PzqMT4YSHcwAn926AfViu8_TSwjBne6j6EKZqMYSqhAHI19UFyQ7w7FkPOqBZP92aOv5RU95CRmEUKvowRdfjriyVp20sPWo1FmgEoVN7exFQ2hzXKQn0FrqbIZIAByj-1YhePmJb5nOqdPrpexubVeeLzez2s7XL-lfvROTlCglCClQh9652coaupUHvs5d13ijOoEXlj2BpQUDFgrdFfmXpMMnfNk3-8Y1GsX6YD1NTczn1Ipp3_UMsCFkB6hKogy5eeDtNFpqp-OR6gzc1QaQmO0PhVBBQ2LoMg87gMzOkpzYsYyjl3Ix0-QGwskF7BZVjcaAeCXVrq-LED8pCKapgQxsSZHBTUuEw4czXq0w854-jeElb5Av6O0BJogJv5hO9o4QD8oKp9zTAtYUyV5Y6yhHzhCTfPsHB6hEXqwZAbEWluPjCGFqG-5fjtbHvdkYeKOiRjrsKyWkVEV59TG3ytH2wI-UAQrwd5aPuoYsV24mrIbJwF0X8emxdRhBx-wBWJ1L2V8jSU3lMOjQ36ADZ2o1mODNZgeK9lkGrD8JqBNjz-SIp6btbKtPNjMy_ONpywUU5GDMKYBlxm9dE7G6qfV9-pjaQniDfLyyXTqQHufU3-lmSEB8PgQBHxotvES8-7TB6TJAp6VvnUPcBMxhm2L3vKpkeo_hl9jkfPcMEr-TD7fHKZ3RAwbBA-mG4K49n-HlWe9nyrcAmOVxskxtfMDqYPEQ7H3-pFsEPOKLRWjEJqZI6XmbqNLIY9WLBSZ9qrh-6uKrfhw6yFfRu9BBD2ECU7VdEHER_eyU5a7Qp4P6L22UYb80eAgC0tBTfH4XBV6IQoZVbwmGA9Wqj9tOKFDE3Sd3MGADRhNqec_gaeIWcGPUnd4ezQOQ9i6cCSfQ99wa22Dkwx-0-4iJepwtEdx1lz-jxnbV1ztMyE24TRLmLqW-tRHhR5zUnI5wirwhTcNJMb1b9OO7FIm7bDvTCkrr2EbW8vMLf-xtcAJGiGZ9cw-nMqwhqoOwEr0JUsk-Pe46RWn5hhNr6sfBxRRxVfsZd5YRZWNUpyzNyiShgdjqvrYsfXgDXRDceoy4uafvlT5FOYzAxazG9NJ2egY0BciXCgwt1LyDxATOfZ8BIh0A3bSyOLDphPmEkuxjaR2p3naGHeQ47iqczwp_TtCBiGFH8SZvIyLcSsNS34h7oqHPEIP_crMcgo9ZtjhsZ4Rd9Dx3iiHKPX7dMdl1vdqk2ycMYacxESaHdxB0Y84v95gRIgUiMx59Ha7cvJk9-SPoLdqHIgCWc2Ov9npxSL6IUgQBgJJQhNdRBomRMsODuPjd3jKgCKUZa0W_rrmkaURmfQXXTjHu0z7rAG_Yolu_jRdm9ReQ-laQbReJ0bI82FFjs9WzGB5uw7roHsE8IroORYtIW2tO2uJJYDJOH-upvVyrKk8c1axcswacaFkXTJY83kgdMv5bOHXMT6NKrrl4beywqGPklVqOSDsP43PedYPuFRMghmWLKALvXlHIobpB6oIsc8ZyYOHrQvGXvxa28qzDPC_PT6O5TaaZ2ogALkBI7K2f8SmKGEFwi5amLStk8q-n9uURGSz3x__xO7ZqPEMJWxtfw89mI5SELwYHaFs9XU5S5cnyaSb-S4NrRR_48nvUgFy_gIDL6pvmJ5wcyl1IF2FLfUpxxO1AUqH8t5YsQRESY7z6qEfL7Z7QiJEmsQW2qVk5v5nswlnEt55P6fRjUWZnAb7yPqE7VTA51cGZQSNrfrXfe9T1RE64udWlI7CU4PPtopMJ2I0cdxInzMfGKBESU8sc5OGI-Xfuv_3qoQenXSXHOscLPATwU8HmFXzxn_rtnTnGTw9u-78x5KLoze01Cz1gGhD0WI63voTXXXt_pa7F2t8r4ZWD7L5GvRDdkQ61Cv-4KJComYIVPl-UXTpHxWP2IexT0EvslXVwFAuMxkQm4&cid=CAASBORoDGQ&rfl=2%2Chttps%253A%252F%252Fwww.starpenstacks.com%252F%240

Requested by

Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19348368fcda9f6e4294df9178e1bf1bddfa15524823d40de77fe1a0d13051ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=5482577920&adk=2016359606&adf=1497098137&pi=t.ma~as.5482577920&w=349&fwrn=4&fwrnh=100&lmt=1647071471&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F08%2F27%2Ftake-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647157856905&bpp=1&bdt=250&idt=95&shv=r20220308&mjsv=m202203080101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280%2C349x280&correlator=5329026693178&frm=20&pv=1&ga_vid=92319065.1647157857&ga_sid=1647157857&ga_hid=772546249&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531398%2C44750773%2C21066428%2C31065469%2C31065531%2C31065575&oid=2&pvsid=3903977396705157&pem=1&tmod=582516174&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=um7L7lmWwD&p=https%3A//www.starpenstacks.com&dtd=98
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Mar 2022 07:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35400
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 83E3 2 KB
1 KB 59ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Mar 2022 07:47:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 83E3 117 KB
36 KB 54ms
30ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Mar 2022 07:50:57 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 83E3 15 KB
7 KB 53ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:48:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Mar 2022 07:48:55 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 83E3 42 B
63 B 28ms
28ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DthaL2sAbswUgUh78oFC-_QpMK7i96AzIr0wZ2ltg6J9YNoztBHHsbaW6nEedTI0RsimqpAnwdTsgcoLGLtWAp7YR9jJFtuFX9Yd8SNu-bFiWfnek

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Mar 2022 07:50:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 98E2 8 KB
988 B 325ms
25ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=1027493446&adk=2171511035&adf=2908574772&pi=t.ma~as.1027493446&w=349&fwrn=4&fwrnh=100&lmt=1647071471&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F08%2F27%2Ftake-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647157856905&bpp=1&bdt=249&idt=89&shv=r20220308&mjsv=m202203080101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280&correlator=5329026693178&frm=20&pv=1&ga_vid=92319065.1647157857&ga_sid=1647157857&ga_hid=772546249&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531398%2C44750773%2C21066428%2C31065469%2C31065531%2C31065575&oid=2&pvsid=3903977396705157&pem=1&tmod=582516174&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=c6dSY4MXnB&p=https%3A//www.starpenstacks.com&dtd=92

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Mar 2022 05:58:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 13 Mar 2022 07:50:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Mar 2022 07:50:57 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 98E2 2 KB
984 B 45ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 968
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Mar 2022 07:34:49 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame 98E2 19 KB
8 KB 37ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7865
x-xss-protection: 0
server: cafe
etag: 17470246482903461409
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Mar 2022 07:48:34 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 98E2 2 KB
1 KB 42ms
26ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Mar 2022 07:47:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 98E2 117 KB
36 KB 27ms
21ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Mar 2022 07:50:57 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 98E2 15 KB
6 KB 38ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:48:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Mar 2022 07:48:55 GMT

GET
H2 200 35849274faa25b88196bf3c3ff2d72d2.js Show response
www.gstatic.com/mysidia/ Frame 98E2 28 KB
12 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/35849274faa25b88196bf3c3ff2d72d2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e4b4d396700e065d5d37bde974840cf2bf19565f8450785f0a869079b86bce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 08:32:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 256707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11831
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 07:55:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 08:32:30 GMT

GET
H/1.1 200
OK ai.aspx Show response
at.bahn.de/ Frame 98E2 43 B
1 KB 100ms
26ms Fetch
image/gif 213.202.235.8
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://at.bahn.de/ai.aspx?extProvId=5&extPu=14058-gaw&extLi=16437573307&cb=3212830385

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.8 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://at.bahn.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: So, 13 Mrz 2022 07:50:57 GMT
Server: Microsoft-IIS/8.5
Date: Sun, 13 Mar 2022 07:50:56 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1053
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 98E2 0
0 49ms
49ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSCdVYaItYoOjAuXGmweBlaToB-ys2udoq6_K6tUPv-EeEAEg6I6kN2CV4pCCoAegAazN46QByAEBqQIY8YtEyE6yPqgDAcgDywSqBKsCT9DDNYXkj9WQRCrfB1VQOrt88WBGj6-OSKsyGCdRfIrfMzaJGL4ONU1_g2YX6SsKEz8GjZKdfOXvS2kEE-0FvkEnn6reA6a_850iu9Z93elJtES33Y7-bjRyNQUYPDu5vlLZeVtLTiyzYldowViSqgtNJieu5uk_MuI2VE8pjiof3HtA24rDycwUghUFviAC-ucktD5cjbY1MIG2ROYERuEBVnwSnyrttCNA2ATdQBtyFKt0_Z72SdFTBAISmRr7BYA_3KBZjclOP1rF0mV9MjVU_jSJYi3hZxNTbpvUjFOdR_ZD6wnyT3aDc_6rhjPIHadOiFixQYZI7UStcbtm8viMVCZSeaUCfybgQvxl9iJbj5zM3-GUcug4Rbm8FP0evP7iYiVaumk_FMLABP304LjnA5IFBAgEGAGSBQQIBRgEoAYugAe8spzbAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOyjJ9IICQiA4YAQEAEYH4AKAcgLAbgTnSfYEw3QFQGAFwGyFxwKGggAEhRwdWItOTM1NTk4NTE0MjQ5MzcyOBgA&sigh=k69U46lfjIE&uach_m=[UACH]&template_id=5021

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=1027493446&adk=2171511035&adf=2908574772&pi=t.ma~as.1027493446&w=349&fwrn=4&fwrnh=100&lmt=1647071471&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F08%2F27%2Ftake-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647157856905&bpp=1&bdt=249&idt=89&shv=r20220308&mjsv=m202203080101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280&correlator=5329026693178&frm=20&pv=1&ga_vid=92319065.1647157857&ga_sid=1647157857&ga_hid=772546249&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531398%2C44750773%2C21066428%2C31065469%2C31065531%2C31065575&oid=2&pvsid=3903977396705157&pem=1&tmod=582516174&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=c6dSY4MXnB&p=https%3A//www.starpenstacks.com&dtd=92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 13 Mar 2022 07:50:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9145
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQ5E5zvCJa559OopItVS-c&google_cver=1

43 B
1014 B

32ms
22ms

Image
image/gif

104.79.88.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQ5E5zvCJa559OopItVS-c&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIYiYC_vQEwAQ&v=APEucNX8CcROZTqV_xkC25erfoOOxZWQnBwbEzo2vyU32LzLXPjGOIFDkUg5uSQT8h5YVGEm5cgMIeqoExvGzdkAfbU0sisSxHPZlmC1SosofQABt9BBMJN6A2KSciDZzcKxjS-fGR90Vh5U8sU4evXQDxoQK88djzCVQYKm9wDymawi2c9NhjM
Protocol: HTTP/1.1
Server: 104.79.88.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-202.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Mar 2022 07:50:57 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 13 Mar 2022 07:50:57 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Mar 2022 07:50:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQ5E5zvCJa559OopItVS-c&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9145
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yi2iYXX2j02m2cFJhQ7-SwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7ZlcG9UzoULMhgqohJjms&google_cver=1

43 B
894 B

17ms
16ms

Image
image/gif

104.79.88.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7ZlcG9UzoULMhgqohJjms&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIYiYC_vQEwAQ&v=APEucNX8CcROZTqV_xkC25erfoOOxZWQnBwbEzo2vyU32LzLXPjGOIFDkUg5uSQT8h5YVGEm5cgMIeqoExvGzdkAfbU0sisSxHPZlmC1SosofQABt9BBMJN6A2KSciDZzcKxjS-fGR90Vh5U8sU4evXQDxoQK88djzCVQYKm9wDymawi2c9NhjM
Protocol: HTTP/1.1
Server: 104.79.88.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-202.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Mar 2022 07:50:57 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 13 Mar 2022 07:50:57 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Mar 2022 07:50:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7ZlcG9UzoULMhgqohJjms&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 9145
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPBlqN58uKMl7VuNx265bos&google_cver=1

43 B
1014 B

25ms
17ms

Image
image/gif

185.33.223.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPBlqN58uKMl7VuNx265bos&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIYiYC_vQEwAQ&v=APEucNX8CcROZTqV_xkC25erfoOOxZWQnBwbEzo2vyU32LzLXPjGOIFDkUg5uSQT8h5YVGEm5cgMIeqoExvGzdkAfbU0sisSxHPZlmC1SosofQABt9BBMJN6A2KSciDZzcKxjS-fGR90Vh5U8sU4evXQDxoQK88djzCVQYKm9wDymawi2c9NhjM

Protocol

HTTP/1.1

Server

185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Mar 2022 07:50:57 GMT
X-Proxy-Origin: 193.27.14.42; 193.27.14.42; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ab1e75ae-d86f-45ad-991d-c77748f45d94
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Mar 2022 07:50:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPBlqN58uKMl7VuNx265bos&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9145
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE1MjgxMjY0MTYwMDQ1NTUxNg%3D%3D

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE1MjgxMjY0MTYwMDQ1NTUxNg%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Mar 2022 07:50:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 13 Mar 2022 07:50:57 GMT
X-Proxy-Origin: 193.27.14.42; 193.27.14.42; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 57a9dd3c-d1b9-4b17-a6fb-69ec1ffcced2
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE1MjgxMjY0MTYwMDQ1NTUxNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14775772125290011308/ Frame 98E2 955 B
1 KB 31ms
26ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14775772125290011308/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ba0149c0886d813343423a8e417a6cdc7d0eaecd65f6524cbba3721ec8a9e4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 12 Mar 2022 21:57:18 GMT
x-content-type-options: nosniff
age: 35619
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 955
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 07:29:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 Mar 2023 21:57:18 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13029989445426462040/ Frame 98E2 13 KB
14 KB 31ms
26ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13029989445426462040/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f34de0128557d4cadd7f148902f52b28129833dcf92586863cd6bec113fd7a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 08:01:39 GMT
x-content-type-options: nosniff
age: 517758
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13813
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 14:22:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 07 Mar 2023 08:01:39 GMT

GET
DATA 200
OK truncated
/ Frame 98E2 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e955dbd79cdc15285253abeb8a555d34edfde9c9b307160194fad01907ba93c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 98E2 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 98E2 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17269903bacd549c59f37d2547b6d691da3eb6226eef233c089d9f3841cf312d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/899486/59154197/ Frame 83E3 232 KB
71 KB 129ms
35ms Script
application/javascript 34.251.147.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/899486/59154197/skeleton.js?ias_dspID=3&ias_campId=15846430&ias_pubId=pub-9355985142493728&ias_chanId=1&ias_placementId=16539433847&bidurl=https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/&ias_dealId=
Requested by: Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.147.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-147-149.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 49a260cd0b490d057e3dac3a99be4e68bb464803268a24484a29dd6cb2fa4dda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Mar 2022 07:50:57 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 83E3 106 KB
38 KB 64ms
7ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 12 Mar 2022 12:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68595
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 13 Mar 2022 12:47:42 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/elements/html/ Frame 83E3 8 KB
3 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B1UHUDadDlch0KbyIMlsk16pXtaA4jgpXZTgWL2JF2Mkie81lg3FtEu7L89-UifPSyDhgzEWrxlDe-aPXaTwmTFJC_j3w1O6contC9zqOkAUbjDxzTvUJRv-Zb6OkqUIvwyGO7B-MMRWRjeqVHkV5ieurraA&dbm_d=AKAmf-CMijRRp-A5C170nYbWr9ffk90eFO0UqL6l4TlrbuGuM_oowmAGrrp0iBnffoYGLYmrT3NIom7FnRRzuhyOGO7yYu-tn1iq4hooHcI3dKdO3ZfKpwCAADDPBgRZ2SG_u34MGI4iZ0mlPEXUFzz0tUJrlpAF9cr3e2GPC7ZLSdPsUso5OrJS8Z1DIDaNTzMp0OwTDXaxHgnRaoeM-nYDh2EhQOg7nnIpJZ9IeJTVjqpxwoLQ1J909AFfAnS_iYQWNq03u_8IZyK4a5fWeTqHr0hHDA40VmZMJVV7aapXsKrg6R59karPI0vNYIb6sNzQjqIDr_c6FKd9n29WH1aOyFp4Yfa2KfCXZKJrL2JU6N0zyeMYUoi5HhwvSK9RfbP04vvXNlK9KIZW_J76VIcMi3kKIiOK_w4MBESr0BoFq5hHtE7z4TibNzITs43eXGumV-ZbVWCIn-9L5r_uoGZMoOEP5GSa7Vky0wj_ewTpQsqF449wpjXh4G-5XXjWoospA6Vnr72p1BxAQtiIyd4e5xzsrlgXy-Q338Hlj6C-x6Wzvk_Ya6XF2T-lQVvU5pzQoAnuuikms05hex9OukJEHh4DJMwz07iIw8hN2mJzN9Mn_cEVFqHEIXnO-qQQkj6ofqyKGoZ92oq66nySYsO7HTUZLDEhenh3k4vCal4evqKcY-o4lE7GH4WsrnthJiytSM1JH8UdEk-hGUPU3i-879GDBTPZ9YPE_kMawOph57xfQNVIJ0wS67FzT3mnf6Xt5BIPBCyBpgbC46wRuiJwP0KuivazWRz0rP2ub94H6OTl-d6voF_776yKDtpnL97OuqUBtbHe3gNKbwaphUbR2QsNj0jsPVJ-8ITHc_q65oliuB_oRwj4l8fuSEHpIJS4uzjmzNYwQrlEpOhdsrpj9fybjlw8B6UFnmyeLU-WUiJKlr-YSjVksFbive26Dmf23NY33n347QqXUkaRsXeIXDbFlgEHkcGv2Z9CQZDCrpJdJjEOvwZl_HGEepWKy3vgJo-6zYuZhmP8I1N8fiTj07Ysms31B4OJg1Yrp1gF9DyHqX3woBh_1UeDw9gLQUe3JtcKyfB3xqSrZA9HWzXOUVDWgpiItC8UZSVOYHvq8B2Va3GcC7JJmZVzgO6ioJa-HQTrILOLIgajk2PzqMT4YSHcwAn926AfViu8_TSwjBne6j6EKZqMYSqhAHI19UFyQ7w7FkPOqBZP92aOv5RU95CRmEUKvowRdfjriyVp20sPWo1FmgEoVN7exFQ2hzXKQn0FrqbIZIAByj-1YhePmJb5nOqdPrpexubVeeLzez2s7XL-lfvROTlCglCClQh9652coaupUHvs5d13ijOoEXlj2BpQUDFgrdFfmXpMMnfNk3-8Y1GsX6YD1NTczn1Ipp3_UMsCFkB6hKogy5eeDtNFpqp-OR6gzc1QaQmO0PhVBBQ2LoMg87gMzOkpzYsYyjl3Ix0-QGwskF7BZVjcaAeCXVrq-LED8pCKapgQxsSZHBTUuEw4czXq0w854-jeElb5Av6O0BJogJv5hO9o4QD8oKp9zTAtYUyV5Y6yhHzhCTfPsHB6hEXqwZAbEWluPjCGFqG-5fjtbHvdkYeKOiRjrsKyWkVEV59TG3ytH2wI-UAQrwd5aPuoYsV24mrIbJwF0X8emxdRhBx-wBWJ1L2V8jSU3lMOjQ36ADZ2o1mODNZgeK9lkGrD8JqBNjz-SIp6btbKtPNjMy_ONpywUU5GDMKYBlxm9dE7G6qfV9-pjaQniDfLyyXTqQHufU3-lmSEB8PgQBHxotvES8-7TB6TJAp6VvnUPcBMxhm2L3vKpkeo_hl9jkfPcMEr-TD7fHKZ3RAwbBA-mG4K49n-HlWe9nyrcAmOVxskxtfMDqYPEQ7H3-pFsEPOKLRWjEJqZI6XmbqNLIY9WLBSZ9qrh-6uKrfhw6yFfRu9BBD2ECU7VdEHER_eyU5a7Qp4P6L22UYb80eAgC0tBTfH4XBV6IQoZVbwmGA9Wqj9tOKFDE3Sd3MGADRhNqec_gaeIWcGPUnd4ezQOQ9i6cCSfQ99wa22Dkwx-0-4iJepwtEdx1lz-jxnbV1ztMyE24TRLmLqW-tRHhR5zUnI5wirwhTcNJMb1b9OO7FIm7bDvTCkrr2EbW8vMLf-xtcAJGiGZ9cw-nMqwhqoOwEr0JUsk-Pe46RWn5hhNr6sfBxRRxVfsZd5YRZWNUpyzNyiShgdjqvrYsfXgDXRDceoy4uafvlT5FOYzAxazG9NJ2egY0BciXCgwt1LyDxATOfZ8BIh0A3bSyOLDphPmEkuxjaR2p3naGHeQ47iqczwp_TtCBiGFH8SZvIyLcSsNS34h7oqHPEIP_crMcgo9ZtjhsZ4Rd9Dx3iiHKPX7dMdl1vdqk2ycMYacxESaHdxB0Y84v95gRIgUiMx59Ha7cvJk9-SPoLdqHIgCWc2Ov9npxSL6IUgQBgJJQhNdRBomRMsODuPjd3jKgCKUZa0W_rrmkaURmfQXXTjHu0z7rAG_Yolu_jRdm9ReQ-laQbReJ0bI82FFjs9WzGB5uw7roHsE8IroORYtIW2tO2uJJYDJOH-upvVyrKk8c1axcswacaFkXTJY83kgdMv5bOHXMT6NKrrl4beywqGPklVqOSDsP43PedYPuFRMghmWLKALvXlHIobpB6oIsc8ZyYOHrQvGXvxa28qzDPC_PT6O5TaaZ2ogALkBI7K2f8SmKGEFwi5amLStk8q-n9uURGSz3x__xO7ZqPEMJWxtfw89mI5SELwYHaFs9XU5S5cnyaSb-S4NrRR_48nvUgFy_gIDL6pvmJ5wcyl1IF2FLfUpxxO1AUqH8t5YsQRESY7z6qEfL7Z7QiJEmsQW2qVk5v5nswlnEt55P6fRjUWZnAb7yPqE7VTA51cGZQSNrfrXfe9T1RE64udWlI7CU4PPtopMJ2I0cdxInzMfGKBESU8sc5OGI-Xfuv_3qoQenXSXHOscLPATwU8HmFXzxn_rtnTnGTw9u-78x5KLoze01Cz1gGhD0WI63voTXXXt_pa7F2t8r4ZWD7L5GvRDdkQ61Cv-4KJComYIVPl-UXTpHxWP2IexT0EvslXVwFAuMxkQm4&cid=CAASBORoDGQ&rfl=2%2Chttps%253A%252F%252Fwww.starpenstacks.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Mar 2022 07:47:28 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame 83E3 25 KB
9 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

947e22d9ed05fbe3f5ed3c4ee35618a1910a85968f48a22c0277f9936f2eb769

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9657
x-xss-protection: 0
server: cafe
etag: 5177785407398320510
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Mar 2022 07:48:28 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 83E3 41 KB
15 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 13:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153095
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Mar 2023 13:19:22 GMT

GET
DATA 200
OK truncated
/ Frame 83E3 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfc3051af05af9c5512a82d2a98666e1ee8ebc2d0f52f5e5ab6ad095ea6fc758

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9561 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Mar 2022 13:19:22 GMT
expires: Sat, 11 Mar 2023 13:19:22 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 153095
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame 9561 35 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 12 Mar 2022 19:55:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Mar 2023 19:55:51 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/18379988480276979511/ Frame AFCA 4 KB
1 KB 23ms
7ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18379988480276979511/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80a54548354e5b41ccba1a9959b22f19156b25c17cd7bd6c7b8c38394e973b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 1366
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Mon, 07 Mar 2022 11:50:36 GMT
expires: Tue, 07 Mar 2023 11:50:36 GMT
cache-control: public, max-age=31536000
age: 504021
last-modified: Tue, 24 Aug 2021 16:58:35 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 83E3 0
107 B 490ms
447ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst3ejSCX9MdGmHKGKwHb-j4sPp3TnqQeAO77FmVZD4jFYsEyI0kZi4UHPImj8BRPCf72_wlNiXNyuulUuGiT3VHkuIIN_Ey7CZo9uMU00MYlKEan7pTZ5U-kRtTbR0Cnmnk0BO-o0dtRQ2lZZNgX9V947pP025UMxG-gej8OSGimpJrkMRtRVu3lyDatm79y72D18x2MtHWfXv9nRBn-24n4pcvyqvetoIu53e6rPAskKgb_L4P4ID2WntcfXxK_Wj8jlgLnZ3THNgUsv37LQBEZxbRShNMvubgXidsingfY5fz6XmRo4NXxMtbKZpjuayQawsebvntWaFghHSCYY2s34FxKsTYK63cvXfE0PYpuhRHqN1h0FXWjwH9CHkKMs1VTKQmQDV2A190nxvRvydy2E9ufQc8_pL0XsJJHNIJlE8x3xEnURwnUtbRdtGhScposRj1ixtAzyC1liEkX9k1MFcNMvSrju7yNqGAd6-yKrnv1_Hj4rRhSH6PzUTnn1Q_F9wuH3G6PhgdDlcvwkWbkPb7G68yaZ__kzMkfYGYJkZ5qdERPtkCAULz-___mKG8Q3QL9B9Gay28338CikKlPB518_SrSl-tSD7UugS6Zn8EcTXtcmWWMy-7_wgKn7sYbHKCYBSkWGI03437BFfbELugdjusWKEXZxlPbOhXh5MMo0qPUBner6tSEOaYj5og_GxejB0pTDdlb-gjuq_ciBhTgJki5DLPTkPdoMUvFxhdSuzB6OftHXg62wlhQfypVrYUkMNADBhlDTPhdGcleEg2xjiCyXPUXstXitFHu4bC1xSjEseaxJBpc3ZVgRsMmWEuGyo3ElGSiAALzG62r9Z8vX5RTimHwjFu7c2YDKWBJOUAz3lt4sJzdJvxMHIv94mGP-IsajfmWqW3fIJAAe_zvRiNagYlf1p0j2JpojAjwvQMEZOLUuzHdtvPrFfn85hgcn1Vc6ZEW-Gu2mT72wQK9R8VYCNSS5S71v8BKMD8loVcz0idsB9z4Iz7M7uJvCR1x4Uj-DkiF3i93e6coq0OWMYXAdy5iAIcH99ehHlF6m659ZsgO81_6M1GHW_0bUVLsiISUdW2GwAxIc3xDbAxHwYJKbeG8JwHGJ7GUf4Y1IStaMKPxO-6npkX_CG3vpuc_FQqLHQiU0WJtu4EnY_03mb2aqMlF2HLqZb_IjbD4e6mwpackoN0sg&sai=AMfl-YSrRoEH0dWVEHt6zugrKO7dKC4gauR-7B_a1vvDcxTuxwwbuUYruTj3uSCzuDyipTqzg2wTAXN3uqXXh7XyAUPZQVX2resKt5SNN1-jI8lYRyDwlRN0SoGrLGM0q6TP6w_8&sig=Cg0ArKJSzNjCqVLtMcP1EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=104&cbvp=1&cstd=86&cisv=r20220308.88581&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 13 Mar 2022 07:50:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 5805991212027813712
tpc.googlesyndication.com/simgad/ Frame 662D 53 KB
53 KB 20ms
20ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5805991212027813712?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlT35FI_ww9cwkjPEYvNFp0_aj_bA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=9539990666&adk=1784735162&adf=2227106891&pi=t.ma~as.9539990666&w=400&fwrn=4&fwrnh=100&lmt=1647071471&rafmt=3&psa=0&format=400x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F08%2F27%2Ftake-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647157856901&bpp=3&bdt=246&idt=66&shv=r20220308&mjsv=m202203080101&ptt=9&saldr=aa&abxe=1&correlator=5329026693178&frm=20&pv=2&ga_vid=92319065.1647157857&ga_sid=1647157857&ga_hid=772546249&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=367&ady=1154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531398%2C44750773%2C21066428%2C31065469%2C31065531%2C31065575&oid=2&pvsid=3903977396705157&pem=1&tmod=582516174&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fVIf8MNONK&p=https%3A//www.starpenstacks.com&dtd=84

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2dc5aa0c92c65f2872da99c36c43b2dd869b34bfaba5b089e85a0a697fddfbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 09:14:08 GMT
x-content-type-options: nosniff
age: 340609
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54340
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 08:25:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Mar 2023 09:14:08 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame 662D 19 KB
8 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7865
x-xss-protection: 0
server: cafe
etag: 17470246482903461409
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Mar 2022 07:48:34 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 662D 2 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Mar 2022 07:45:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 662D 117 KB
36 KB 66ms
50ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Mar 2022 07:50:57 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 662D 15 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:26:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1481
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Mar 2022 07:26:16 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 662D 28 KB
12 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca7f23edc5a250dd23a0e499b3aa451f9dbc6bafc91faf8da2c7245bb05de1f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 05:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10053
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11802
x-xss-protection: 0
server: cafe
etag: 8307557220395963033
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Mar 2022 05:03:24 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 662D 0
0 37ms
37ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COl1yYaItYsrlAeT_7_UPp4WNiAuahbr1aN3nr5e3D7_hHhABIOiOpDdgleKQgqAHoAGVmOnHAsgBAqgDAcgDyQSqBK4CT9CX2WkFQk2s_k59AMxJuCkzYHpZiV20bNsZpDhEkpyInL93AsIJi8j5zkQDvCuOdLClGRGPTWaH1pdxWrlpf-VzS9F83myseMINb4oBmLU41rYaVzXJfL9MEwUH3NlP2oij9F4YaFf_Sn7QLcy2gahyXyzV4zA2gbU-fPgwTIiegnBwjk3dPeva9dKkFfSd5FFXhth39whTuFTwwFrp6Z-p1lN_RuOpwpqZiatyu84UzYMWbDiZTLd6ApamOu3FRYXhp8_C6IcwOOpfvzd1zXGd3-3RdnVhmGX8S6iDeoQfVd4HseN6IGKWI7Yz4mfSu0TN5-b00zODTv_FyqFevKJP-FwXdYH6ZUEEm-sg8QfMZ9Bbb4FIgBNGdoq0CSN6KJyWvnVTbnPdmMQwibnABMaB1vaABJIFBAgEGAGSBQQIBRgEoAYCgAfXxum1AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEIfsDNIICQiA4YAQEAEYH4AKAcgLAdgTAtAVAYAXAbIXHAoaCAASFHB1Yi05MzU1OTg1MTQyNDkzNzI4GAA&sigh=nz6vddYtAds&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=9539990666&adk=1784735162&adf=2227106891&pi=t.ma~as.9539990666&w=400&fwrn=4&fwrnh=100&lmt=1647071471&rafmt=3&psa=0&format=400x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F08%2F27%2Ftake-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647157856901&bpp=3&bdt=246&idt=66&shv=r20220308&mjsv=m202203080101&ptt=9&saldr=aa&abxe=1&correlator=5329026693178&frm=20&pv=2&ga_vid=92319065.1647157857&ga_sid=1647157857&ga_hid=772546249&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=367&ady=1154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531398%2C44750773%2C21066428%2C31065469%2C31065531%2C31065575&oid=2&pvsid=3903977396705157&pem=1&tmod=582516174&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fVIf8MNONK&p=https%3A//www.starpenstacks.com&dtd=84
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 13 Mar 2022 07:50:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 style.css
s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/ Frame AFCA 3 KB
873 B 8ms
7ms Stylesheet
text/css 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18379988480276979511/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

187bd91eb486aeaf273b28c386e84075a9e8795067067a7216e357a16c27d571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18379988480276979511/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 11:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 504020
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 844
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:58:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Mar 2023 11:50:37 GMT

GET
H2 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/ Frame AFCA 113 KB
34 KB 50ms
20ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/TweenMax.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18379988480276979511/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5142290
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33534
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1c274"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLNaa04tivH1H9sfHkHCf%2Ft1zyMuyzdK%2BK3f9IR58YnnkIRtCRfwIag79%2B9Q2ePt5k6d8MV%2FB6yBr%2BcmD27ApWRD%2BSmwJBFHqStY64K0v8rQBhR%2FT2%2BtJcbxrpPgcCNjFMmI1Is%2FcPaFP3VGUMm98QmO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6eb32e8279b82325-ZRH
expires: Fri, 03 Mar 2023 07:50:57 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/18379988480276979511/javascripts/ Frame AFCA 3 KB
797 B 8ms
8ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18379988480276979511/javascripts/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18379988480276979511/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16a85bcdcc33ee5244d26c899c81c138d20288163f584962c910802e1f82be9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18379988480276979511/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 11:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 504020
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 768
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:58:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Mar 2023 11:50:37 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 238A 143 B
163 B 56ms
56ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=9539990666&adk=1784735162&adf=2227106891&pi=t.ma~as.9539990666&w=400&fwrn=4&fwrnh=100&lmt=1647071471&rafmt=3&psa=0&format=400x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F08%2F27%2Ftake-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647157856901&bpp=3&bdt=246&idt=66&shv=r20220308&mjsv=m202203080101&ptt=9&saldr=aa&abxe=1&correlator=5329026693178&frm=20&pv=2&ga_vid=92319065.1647157857&ga_sid=1647157857&ga_hid=772546249&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=367&ady=1154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531398%2C44750773%2C21066428%2C31065469%2C31065531%2C31065575&oid=2&pvsid=3903977396705157&pem=1&tmod=582516174&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fVIf8MNONK&p=https%3A//www.starpenstacks.com&dtd=84

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Sun, 13 Mar 2022 07:03:19 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 2858
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/18379988480276979511/images/ Frame AFCA 47 KB
48 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18379988480276979511/images/bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00293f3bd14708696dd01108ef21f379e67d72b47e1bc81fd8e5f6c75ba67265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 11:49:56 GMT
x-content-type-options: nosniff
age: 504061
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48615
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:58:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Mar 2023 11:49:56 GMT

GET
H3 200 push1.png
s0.2mdn.net/sadbundle/18379988480276979511/images/ Frame AFCA 3 KB
3 KB 15ms
14ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18379988480276979511/images/push1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91e73282e24acb3d20167e89e890f18353b36d29d64b1733c2af6374b3b2abfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 11:50:41 GMT
x-content-type-options: nosniff
age: 504016
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3364
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:58:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Mar 2023 11:50:41 GMT

GET
H3 200 bg2.jpg
s0.2mdn.net/sadbundle/18379988480276979511/images/ Frame AFCA 103 KB
103 KB 17ms
15ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18379988480276979511/images/bg2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95acd35195b8cc427db9752bac21f184190fb6f9e25b41863c5c83899c1b5ad7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 11:49:56 GMT
x-content-type-options: nosniff
age: 504061
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105825
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:58:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Mar 2023 11:49:56 GMT

GET
H3 200 push2.png
s0.2mdn.net/sadbundle/18379988480276979511/images/ Frame AFCA 4 KB
4 KB 16ms
14ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18379988480276979511/images/push2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d522a5298325cc61cb4110b44769bbcf6cb921d4421446b4580e91e217f9bd18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:35:10 GMT
x-content-type-options: nosniff
age: 166547
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3912
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:58:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 11 Mar 2023 09:35:10 GMT

GET
H3 200 bg3.jpg
s0.2mdn.net/sadbundle/18379988480276979511/images/ Frame AFCA 64 KB
64 KB 24ms
22ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18379988480276979511/images/bg3.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d498c861fc4b869322cb7379fa35e27e4a8ab0c0823db818eedfc4c6a2c2ceda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 11:49:56 GMT
x-content-type-options: nosniff
age: 504061
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65515
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:58:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Mar 2023 11:49:56 GMT

GET
H3 200 push3.png
s0.2mdn.net/sadbundle/18379988480276979511/images/ Frame AFCA 3 KB
3 KB 31ms
29ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18379988480276979511/images/push3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70cf98ba561293bef6950034448e399a4688e219f5b10d8ba7f511c12a860f5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 11:50:39 GMT
x-content-type-options: nosniff
age: 504018
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3289
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:58:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Mar 2023 11:50:39 GMT

GET
H3 200 bg4.jpg
s0.2mdn.net/sadbundle/18379988480276979511/images/ Frame AFCA 52 KB
52 KB 28ms
26ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18379988480276979511/images/bg4.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c26f1d037a17f6e2f7eb655176a309fcb1496f970788caed199fe32b98603164

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 11:49:56 GMT
x-content-type-options: nosniff
age: 504061
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53670
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:58:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Mar 2023 11:49:56 GMT

GET
H3 200 push4.png
s0.2mdn.net/sadbundle/18379988480276979511/images/ Frame AFCA 144 B
171 B 31ms
29ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18379988480276979511/images/push4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd8a46d15401b5a78ce7720333fce0c0a669b28846bf9d73c30ce3673ea75a02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 11:50:38 GMT
x-content-type-options: nosniff
age: 504019
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:58:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Mar 2023 11:50:38 GMT

GET
H3 200 push5.png
s0.2mdn.net/sadbundle/18379988480276979511/images/ Frame AFCA 2 KB
2 KB 31ms
29ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18379988480276979511/images/push5.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

639c4b3a34dd57330d9591241094e01869fbeb6a004e9a09ef6402a6248f1900

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 11:50:39 GMT
x-content-type-options: nosniff
age: 504018
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2310
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:58:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Mar 2023 11:50:39 GMT

GET
H3 200 bg5.jpg
s0.2mdn.net/sadbundle/18379988480276979511/images/ Frame AFCA 121 KB
121 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18379988480276979511/images/bg5.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3aeb634608eb94f37c1d8b1425fbb1b02dff11128c38686f0a4b8259bb39511

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 11:49:56 GMT
x-content-type-options: nosniff
age: 504061
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123512
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:58:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Mar 2023 11:49:56 GMT

GET
H3 200 push6.png
s0.2mdn.net/sadbundle/18379988480276979511/images/ Frame AFCA 3 KB
3 KB 16ms
14ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18379988480276979511/images/push6.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdd751409b454509052bdc7cc47cd555d3ca7a43991c8764a06c31c6f75fc76f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 11:50:38 GMT
x-content-type-options: nosniff
age: 504019
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2637
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:58:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Mar 2023 11:50:38 GMT

GET
H3 200 push_end.png
s0.2mdn.net/sadbundle/18379988480276979511/images/ Frame AFCA 3 KB
3 KB 16ms
14ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18379988480276979511/images/push_end.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

932bbf3aa18bc1562e858568516383d0a6a896fc2ffad8a6eb1dc82738cbf2d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 11:50:38 GMT
x-content-type-options: nosniff
age: 504019
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3261
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:58:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Mar 2023 11:50:38 GMT

GET
H3 200 mask.png
s0.2mdn.net/sadbundle/18379988480276979511/images/ Frame AFCA 37 KB
37 KB 16ms
14ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18379988480276979511/images/mask.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af1f5cb3d1e915243b98f6cf21eae0d65619cc35aeac806b5ecde99d5618d623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 11:49:56 GMT
x-content-type-options: nosniff
age: 504061
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38266
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:58:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Mar 2023 11:49:56 GMT

GET
H3 200 push7.png
s0.2mdn.net/sadbundle/18379988480276979511/images/ Frame AFCA 3 KB
3 KB 19ms
18ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18379988480276979511/images/push7.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c62bfa88f9f0a4618c18d6e6d8fe48cd899662e2d8626b6c34810548ff1d8418

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 11:50:39 GMT
x-content-type-options: nosniff
age: 504018
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3352
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:58:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Mar 2023 11:50:39 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/18379988480276979511/images/ Frame AFCA 2 KB
2 KB 19ms
17ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18379988480276979511/images/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2c20d7d2f5f203300ad6ad2e1c761bf2caf86d55545698712178b669b3917c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 11:50:39 GMT
x-content-type-options: nosniff
age: 504018
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1622
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:58:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Mar 2023 11:50:39 GMT

GET
H3 200 cta_hover.png
s0.2mdn.net/sadbundle/18379988480276979511/images/ Frame AFCA 99 B
126 B 18ms
16ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18379988480276979511/images/cta_hover.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae829f91c5894fabf92675d9ccf31d618cd5e4d9a518274c532a727d71e8b3ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 11:50:39 GMT
x-content-type-options: nosniff
age: 504018
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:58:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Mar 2023 11:50:39 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/18379988480276979511/images/ Frame AFCA 6 KB
6 KB 18ms
17ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18379988480276979511/images/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15f2f1cf899516c0d7d5a0c71c74b610c2f69c68b4de81503903062c37291ede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18379988480276979511/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 11:50:38 GMT
x-content-type-options: nosniff
age: 504019
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5895
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 16:58:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Mar 2023 11:50:38 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 83E3
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/899486/59154197/4.js?ias_dspID=3&ias_campId=15846430&ias_pubId=pub-9355985142493728&ias_chanId=1&ias_placementId=16539433847&bidurl=https://www.starpenstacks.c...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

17ms
10ms

Script
application/javascript

2600:9000:2156:cc00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=5482577920&adk=2016359606&adf=1497098137&pi=t.ma~as.5482577920&w=349&fwrn=4&fwrnh=100&lmt=1647071471&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F08%2F27%2Ftake-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647157856905&bpp=1&bdt=250&idt=95&shv=r20220308&mjsv=m202203080101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280%2C349x280&correlator=5329026693178&frm=20&pv=1&ga_vid=92319065.1647157857&ga_sid=1647157857&ga_hid=772546249&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531398%2C44750773%2C21066428%2C31065469%2C31065531%2C31065575&oid=2&pvsid=3903977396705157&pem=1&tmod=582516174&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=um7L7lmWwD&p=https%3A//www.starpenstacks.com&dtd=98
Protocol: H2
Server: 2600:9000:2156:cc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: Un_.8Vp_TKwliNJVsYlZHVB1x_sghLWA
content-encoding: gzip
etag: W/"96e16e7453ae2e6952bc6d2a20ea29f7"
age: 391209
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Tue, 01 Mar 2022 19:10:48 GMT
server: AmazonS3
date: Tue, 08 Mar 2022 19:10:49 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: CMVUNEQdHNTSac8lbAmQZqvZQmqgW7IQBZVbnvtRXVVmoX_BnSXRgQ==

Redirect headers

pragma: no-cache
date: Sun, 13 Mar 2022 07:50:57 GMT
x-server-name: app13.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 21F7 80 KB
21 KB 77ms
9ms Script
application/javascript 2600:9000:2156:cc00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=5482577920&adk=2016359606&adf=1497098137&pi=t.ma~as.5482577920&w=349&fwrn=4&fwrnh=100&lmt=1647071471&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F08%2F27%2Ftake-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647157856905&bpp=1&bdt=250&idt=95&shv=r20220308&mjsv=m202203080101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280%2C349x280&correlator=5329026693178&frm=20&pv=1&ga_vid=92319065.1647157857&ga_sid=1647157857&ga_hid=772546249&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531398%2C44750773%2C21066428%2C31065469%2C31065531%2C31065575&oid=2&pvsid=3903977396705157&pem=1&tmod=582516174&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=um7L7lmWwD&p=https%3A//www.starpenstacks.com&dtd=98
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:cc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:58:04 GMT
content-encoding: gzip
age: 2224374
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: eWgRzc-150ChKaWs0i-s7YhZSpZa7t_e6R2B1N_ilaRzLRox7597_w==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 83E3 43 B
216 B 520ms
156ms Image
image/gif 52.33.195.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=899486&asId=791cfab5-c3ef-1211-4ba0-8428ef9a4432&tv=%7Bc:6J3SNP,pingTime:-3,time:72,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:72,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B66~0%5D,as:%5B66~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sZWGvyN+11%7C121%7C13%7C141*.899486-59154197%7C1411%7C14121%7C1413%7C15,idMap:141*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=5482577920&adk=2016359606&adf=1497098137&pi=t.ma~as.5482577920&w=349&fwrn=4&fwrnh=100&lmt=1647071471&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F08%2F27%2Ftake-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647157856905&bpp=1&bdt=250&idt=95&shv=r20220308&mjsv=m202203080101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280%2C349x280&correlator=5329026693178&frm=20&pv=1&ga_vid=92319065.1647157857&ga_sid=1647157857&ga_hid=772546249&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531398%2C44750773%2C21066428%2C31065469%2C31065531%2C31065575&oid=2&pvsid=3903977396705157&pem=1&tmod=582516174&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=um7L7lmWwD&p=https%3A//www.starpenstacks.com&dtd=98
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.33.195.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-195-130.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Mar 2022 07:50:58 GMT
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 83E3 43 B
215 B 518ms
157ms Image
image/gif 52.33.195.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=899486&asId=791cfab5-c3ef-1211-4ba0-8428ef9a4432&tv=%7Bc:6J3SNQ,pingTime:-6,time:73,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:73,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B67~0%5D,as:%5B67~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sZWGvyN+11%7C121%7C13%7C141*.899486-59154197%7C1411%7C14121%7C1413%7C15,idMap:141*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:www.starpenstacks.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=5482577920&adk=2016359606&adf=1497098137&pi=t.ma~as.5482577920&w=349&fwrn=4&fwrnh=100&lmt=1647071471&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F08%2F27%2Ftake-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647157856905&bpp=1&bdt=250&idt=95&shv=r20220308&mjsv=m202203080101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280%2C349x280&correlator=5329026693178&frm=20&pv=1&ga_vid=92319065.1647157857&ga_sid=1647157857&ga_hid=772546249&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531398%2C44750773%2C21066428%2C31065469%2C31065531%2C31065575&oid=2&pvsid=3903977396705157&pem=1&tmod=582516174&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=um7L7lmWwD&p=https%3A//www.starpenstacks.com&dtd=98
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.33.195.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-195-130.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Mar 2022 07:50:58 GMT
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
DATA 200
OK truncated
/ Frame 662D 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf3b39ff0610db277a53aa832b4ce5170504c9e5f545a669dcf74b1061429fac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 98E2 28 KB
28 KB 24ms
9ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 22:46:42 GMT
x-content-type-options: nosniff
age: 378255
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 22:46:42 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 83E3 43 B
215 B 492ms
158ms Image
image/gif 52.33.195.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=899486&asId=791cfab5-c3ef-1211-4ba0-8428ef9a4432&tv=%7Bc:6J3SOj,pingTime:-2,time:102,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:308,beZ:310,mfA:311,cmA:313,inA:313,inZ:317,prA:317,prZ:322,si:328,poA:329,poZ:348,cmZ:348,mfZ:348,loA:381,loZ:383,ltA:410,ltZ:410%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:102,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B96~0%5D,as:%5B96~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sZWGvyN+11%7C121%7C13%7C141*.899486-59154197%7C1411%7C14121%7C1413%7C15,idMap:141*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,sinceFw:80,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=5482577920&adk=2016359606&adf=1497098137&pi=t.ma~as.5482577920&w=349&fwrn=4&fwrnh=100&lmt=1647071471&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F08%2F27%2Ftake-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647157856905&bpp=1&bdt=250&idt=95&shv=r20220308&mjsv=m202203080101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280%2C349x280&correlator=5329026693178&frm=20&pv=1&ga_vid=92319065.1647157857&ga_sid=1647157857&ga_hid=772546249&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531398%2C44750773%2C21066428%2C31065469%2C31065531%2C31065575&oid=2&pvsid=3903977396705157&pem=1&tmod=582516174&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=um7L7lmWwD&p=https%3A//www.starpenstacks.com&dtd=98
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.33.195.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-195-130.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Mar 2022 07:50:58 GMT
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 83E3 0
524 B 245ms
245ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst3ejSCX9MdGmHKGKwHb-j4sPp3TnqQeAO77FmVZD4jFYsEyI0kZi4UHPImj8BRPCf72_wlNiXNyuulUuGiT3VHkuIIN_Ey7CZo9uMU00MYlKEan7pTZ5U-kRtTbR0Cnmnk0BO-o0dtRQ2lZZNgX9V947pP025UMxG-gej8OSGimpJrkMRtRVu3lyDatm79y72D18x2MtHWfXv9nRBn-24n4pcvyqvetoIu53e6rPAskKgb_L4P4ID2WntcfXxK_Wj8jlgLnZ3THNgUsv37LQBEZxbRShNMvubgXidsingfY5fz6XmRo4NXxMtbKZpjuayQawsebvntWaFghHSCYY2s34FxKsTYK63cvXfE0PYpuhRHqN1h0FXWjwH9CHkKMs1VTKQmQDV2A190nxvRvydy2E9ufQc8_pL0XsJJHNIJlE8x3xEnURwnUtbRdtGhScposRj1ixtAzyC1liEkX9k1MFcNMvSrju7yNqGAd6-yKrnv1_Hj4rRhSH6PzUTnn1Q_F9wuH3G6PhgdDlcvwkWbkPb7G68yaZ__kzMkfYGYJkZ5qdERPtkCAULz-___mKG8Q3QL9B9Gay28338CikKlPB518_SrSl-tSD7UugS6Zn8EcTXtcmWWMy-7_wgKn7sYbHKCYBSkWGI03437BFfbELugdjusWKEXZxlPbOhXh5MMo0qPUBner6tSEOaYj5og_GxejB0pTDdlb-gjuq_ciBhTgJki5DLPTkPdoMUvFxhdSuzB6OftHXg62wlhQfypVrYUkMNADBhlDTPhdGcleEg2xjiCyXPUXstXitFHu4bC1xSjEseaxJBpc3ZVgRsMmWEuGyo3ElGSiAALzG62r9Z8vX5RTimHwjFu7c2YDKWBJOUAz3lt4sJzdJvxMHIv94mGP-IsajfmWqW3fIJAAe_zvRiNagYlf1p0j2JpojAjwvQMEZOLUuzHdtvPrFfn85hgcn1Vc6ZEW-Gu2mT72wQK9R8VYCNSS5S71v8BKMD8loVcz0idsB9z4Iz7M7uJvCR1x4Uj-DkiF3i93e6coq0OWMYXAdy5iAIcH99ehHlF6m659ZsgO81_6M1GHW_0bUVLsiISUdW2GwAxIc3xDbAxHwYJKbeG8JwHGJ7GUf4Y1IStaMKPxO-6npkX_CG3vpuc_FQqLHQiU0WJtu4EnY_03mb2aqMlF2HLqZb_IjbD4e6mwpackoN0sg&sai=AMfl-YSrRoEH0dWVEHt6zugrKO7dKC4gauR-7B_a1vvDcxTuxwwbuUYruTj3uSCzuDyipTqzg2wTAXN3uqXXh7XyAUPZQVX2resKt5SNN1-jI8lYRyDwlRN0SoGrLGM0q6TP6w_8&sig=Cg0ArKJSzNjCqVLtMcP1EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=342&vt=11&dtpt=238&dett=3&cstd=86&cisv=r20220308.88581&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Mar 2022 07:50:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 238A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

44ms
44ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 13 Mar 2022 07:50:58 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 13 Mar 2022 07:50:58 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 13 Mar 2022 07:50:57 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame B983 35 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 12 Mar 2022 19:55:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Mar 2023 19:55:51 GMT

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame 032A 35 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 12 Mar 2022 19:55:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Mar 2023 19:55:51 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203080101/ 151 KB
54 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203080101/reactive_library_fy2019.js?bust=31065575

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

889110aba20f2c1be48d2cb7f96de23f03d878c0975ea43b92b56429c0727125

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54939
x-xss-protection: 0
server: cafe
etag: 17893245201782012494
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Mar 2022 07:50:57 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9561 0
20 B 29ms
29ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BsFpNYaItYuXYGM2S7_UP4J-BkAgAAAAAOAHgBAI&bg=!GhmlGV3NAAb7UztL-1M7ACkAdvg8WvdgQNWo03ZGWc8Kx6IPDSHcNNlQE96ByUozmG5k14RhpLXiRwIAAADoUgAAAAFoAQeZA0F1xpUMbs_cmjq3u9kPKd_hCGKlWtbgqSmvgt8ZgOFPbTrobm6yyqaa6EdawnhllKwlP3K_dZeA3pmGIXZP8is5jSzfHzBqcfKb4M5EQAkw74HpRVigcCeElwDcVF34Zc5j3aecrVkwtzZ3gl-k38NgDx75raDV46xrJUWL7Xh50yrRoadSD0RdcFim0fm-dMkiYVQXggeAgrnsgZgdUtvq38UWECiUO2UhZnUJTVmWA-UF6EK8220Lo5C-iygLVbNoFGVsOpMZyxZKd9nfRaA2YSZzJh11aFpP_QGY6USzLEojmFrJ8Z3vpBaPc61s-6TggSBfZmV2P2dXfgJDwYmkhioeoaLg3f6NjQQ7Dck3vSCaXQ_eqx2Aw9XmOgAEFq-ii41pwAnrIvfrOFo8eV5lzZ1sqvgWjJ_Pl-cL0RLCW88pZhAF0mPpVXcggqIRJ3znFuKlPSo1bS0WlB397dXdMnsviyjaazBP_aLpPa1khLzQWQ7kIvoaMpvBOjVi9on8u4mvo33gzrULT_igMrEA0v7hTVGh0xOGfjOpOVtvyylEPZxUnZNmKk0vkGogM-_QIYJJUuhkB2qZbUbLssMtxBEjUkGGuMMD1iLyhp9GEqvoskIeSnXJE8Nn2Vcc2oa3xOen8c349JBcgd2CvlbswTeLu7HUbAZo94OzDVSuow_x3Uu_QZM8u_22tWhUyXx8vP9MdavRCYZWYNEfZUdet3n7QuAuf3T8HWLpzQcffa9h6QGFFDIVJy30Sb4nFerYhXMy3UMFZ_YDuam3-5EzOGnLq1gDyl2mBujqXhhXNExPob0oNbt5xxcrb8GLpYTFRotOnRe03HmdWV-H1yJDyXQEjh-qc8Q3gXpzOvTmSrBEwiZpw2aE6khNBBrCSadb3ZdLh9Mbq8LpK8zTjDu4IZB16gJifgC2QHkNff6uwVKEBz0pZ8YFbgIzbWd9ZufRcnAhFjhl3xj2Q3hq-9Np9S_LnBczYSws_YPinNXs24B7LwTXj8Ni5kCkPOfgW10nGcYUdecu5sAp4zK_0-rnezYFzeiHQvNB5cs4-xK34uPBh1xY9nEFM4qHBh3qETsHyWl0NlllgFts0yRX32bioA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Mar 2022 07:50:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 316ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.starpenstacks.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Mar 2022 07:50:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 34ms
18ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.starpenstacks.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Mar 2022 07:50:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/ Frame C079 10 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Sun, 13 Mar 2022 01:30:53 GMT
expires: Sun, 27 Mar 2022 01:30:53 GMT
cache-control: public, max-age=1209600
age: 22805
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C079 0
0 57ms
57ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstoHjhcZKIGrIqWXcUrEXHDq_qoh-g3BrmN1ijL6vK7Mik1KGrp_17e71XY5HKsOLiXBT26N5Rwa1huQFZm7AtswNUNOp1BVRA83_VQ33EooWBgj1dK1fWSPcEc9v2cEM24OLayIORzYBdHByX5N-_31F7ZVBs72VdDj_X4GbGYz8iuDWZrBONoXOnQi3H1L3ZkLtZVResYBzKU180q21MbqIJNNkFlSat6qcdii7M_O_nxL92PTHHHPDHCdzKcEtI51Vk2rIKyoCzXlGSduI7KFME5bCuGhzBQWdqBI0mgtVfmg37nFjXU1dsCNwa_RdxCisvWL2BduiAUBzKmg5XGYgrsqSVyKiZHMtFuz2nwhEguYH14cFm-DBfmpRnBfu1B34bdb9sxj7bVHuXb8HHcH4q4-2vsW-GKOY7rEjImbdllwlwsb8n6CfGsq16kvpYCLVMDbZ5Pq7SvdRONWC8hwk24WI7aQoecWwECHcpJW3oC2mJjdlUYXs4Xzi-9K9Inyg8OqEL1ad_qJ6yl6pzcAJTRYrD9_wGblwjVOabJwwTqlgVK8OG0FcVPtkQkY7rYK6umTW-7A0PKvDR_VcdouHRc2JkFaGXCiJy8gosanhsRR0nK9QNwwTfnTYUENoBzbHr6KyGM6jPRu7zHN6OViutWDEF_BAF807R4lz-BUTWFIL1LEfPtzsBGaZQB1OBKQ4N-xTavET9JbeP9_gzhiv2w8IrfHJHQnLP8vhLHaTlFsG97Z4XFtuM7_4OFCjQEw945FScEhCszGP0TRA_xoP_zaO5awD5SYiScqa0Ddij7lUbqWi4UTS1Khnl5IBm_citsG270QoCFYvpl4NUTat-Dm48WRnXJq8LniqHgMyHDjV7BJnLkOuXB9gfkhN4SoaPr-jNnQl39Cp3s9UTC0kH93eUj3NBb00zzHqbfyAdHzlE3Dl1bnW-SfJH6dfboXJabsQuO8fK53Zprgm_3IPx4zN7LqmsbVZoMiUMlbT_pHLlHoAjWOPQ9IZlN8cgQqqwX8hr3cAamgQ6G-ulJ1B8uorEiLsViU-MRvfaUzeni9KhcpAHbgV2uAcYUDNzL8OgjSH-xKuacDXaMNj6Eze-lkNAcg7EpW-Jq9EdKEp2IXB2J2UKgZodRbXg_IjM0Uqf8ZQ&sai=AMfl-YTmfu9HlrojjWX-PwvcYCte0LThD-rahHoWZBUh2SZ54M8GmcjJ8h0koA&sig=Cg0ArKJSzDA4753YrhBhEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 13 Mar 2022 07:50:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C079 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 13:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153096
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Mar 2023 13:19:22 GMT

GET
H3 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame C079 32 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684506d9d8135537d90392d008a89c4b57a6878ab17f88d66153a630bbe773dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1530
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13100
x-xss-protection: 0
server: cafe
etag: 17326570059298415575
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Mar 2022 07:25:28 GMT

GET
H3 200 6203344233233535073
s0.2mdn.net/simgad/ Frame C079 12 KB
12 KB 8ms
8ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/6203344233233535073

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4f2f49549fbb5721574523e7861740eac3ce89da67816caeac20aa96ff84ee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 12 Mar 2022 07:42:15 GMT
x-content-type-options: nosniff
age: 86923
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12298
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 22:12:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Mar 2023 07:42:15 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame C079 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Mar 2022 07:45:19 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame C079 15 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:26:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1482
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Mar 2022 07:26:16 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C079 117 KB
36 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:50:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Mar 2022 07:50:58 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame C079 19 KB
8 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7865
x-xss-protection: 0
server: cafe
etag: 17470246482903461409
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Mar 2022 07:48:34 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 83E3 43 B
215 B 241ms
158ms Image
image/gif 52.33.195.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=899486&asId=791cfab5-c3ef-1211-4ba0-8428ef9a4432&tv=%7Bc:6J3SSl,time:352,type:e,im:%7Bpci:%7Btdr:129%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:352,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B346~0%5D,as:%5B346~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sZWGvyN+11%7C121%7C13%7C141*.899486-59154197%7C1411%7C14121%7C1413%7C15,idMap:141*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=5482577920&adk=2016359606&adf=1497098137&pi=t.ma~as.5482577920&w=349&fwrn=4&fwrnh=100&lmt=1647071471&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F08%2F27%2Ftake-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647157856905&bpp=1&bdt=250&idt=95&shv=r20220308&mjsv=m202203080101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280%2C349x280&correlator=5329026693178&frm=20&pv=1&ga_vid=92319065.1647157857&ga_sid=1647157857&ga_hid=772546249&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531398%2C44750773%2C21066428%2C31065469%2C31065531%2C31065575&oid=2&pvsid=3903977396705157&pem=1&tmod=582516174&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=um7L7lmWwD&p=https%3A//www.starpenstacks.com&dtd=98
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.33.195.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-195-130.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Mar 2022 07:50:58 GMT
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F505 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Mar 2022 13:19:22 GMT
expires: Sat, 11 Mar 2023 13:19:22 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 153096
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame C079 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44c2f5dbeaa1b33eea2377ac66043400b36a1f748f0b58fd2580dccab1954091

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame F505 35 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 12 Mar 2022 19:55:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Mar 2023 19:55:51 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 83E3 43 B
215 B 284ms
283ms Image
image/gif 52.33.195.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=899486&asId=791cfab5-c3ef-1211-4ba0-8428ef9a4432&tv=%7Bc:6J3SU8,pingTime:-10,time:463,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1647157858152%7C%7C571b65ba268cafeb03e9ffef630cb75e%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7Ca5c59897f5f50a831edc3c7d8c35432e%7C%7C6caae4e5492e520a57eb3f57f9c411f9%7C%7C151c867117a89b593b20c3be615b7294%7C%7C26494a377febc3914844057d05632037%7C%7C260addeac8584972266b631e1bfccde0%7C%7C1629390669%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9355985142493728&output=html&h=280&slotname=5482577920&adk=2016359606&adf=1497098137&pi=t.ma~as.5482577920&w=349&fwrn=4&fwrnh=100&lmt=1647071471&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.starpenstacks.com%2F2020%2F08%2F27%2Ftake-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647157856905&bpp=1&bdt=250&idt=95&shv=r20220308&mjsv=m202203080101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280%2C349x280&correlator=5329026693178&frm=20&pv=1&ga_vid=92319065.1647157857&ga_sid=1647157857&ga_hid=772546249&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531398%2C44750773%2C21066428%2C31065469%2C31065531%2C31065575&oid=2&pvsid=3903977396705157&pem=1&tmod=582516174&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=um7L7lmWwD&p=https%3A//www.starpenstacks.com&dtd=98
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.33.195.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-195-130.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Mar 2022 07:50:58 GMT
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F505 0
20 B 31ms
31ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bcdg-YaItYoGIAqbD7_UP_eWDsAkAAAAAOAHgBAI&bg=!kZKlktbNAAb7UztL-1M7ACkAdvg8Wh6phqXkq1X2UKP7sa_sQAURZCeqw-3bXdJc2ISFqKWrEFGlEAIAAAB7UgAAAANoAQeZAxDB0xJ46JuVuTHGNspBK6YBmjGgxrmSVptYx-qiv4mJV4AThZiLvb2mV1FfQKAm5j-RdfZKn0H_FXsbqtbYAlHy2TD-k864sjBX23Z8Q-R-Vw1DWWbCnaczWRcZsrS9D-4UzETutjQ9L64CoYXLxuJ9tomNoFOq4xlawrZRHk-uBylYuDcJKV5pV4DTAIJkZGxs_pmTQDTdIJW2oUq9SA8N8JU06P3Hzah1orK_KemFW4B2lTQaLYbfEKh9KzLWn8rGAz0OXYYP2uSiEhnbOfF8q3aVa7IEmfRbbGOgM91UQLQQkhBp39nYjGK9EsT7TFEzZtvjdpbde4NNV8hwZ-6a9t4L7sHe4j53VYhX7saIBgpZhpsLXNaLnSXo6cDqk9HWz_KMLIhatEjuJ43aWYP3cistfdFWz38j4CVLx6ezshCWyBPoLSRFg9H24rJ9J92-QCkcc_LoyJG-EysN08urBGgWVNiUdM8NgENtZnESeFXWizLYbgTVYOyMokWt-CoDdzknmpfa3fp9G5oe1gXpjgcE7XmqDeLxhDJxXyo-mgfYs2RAilsCHj9OSfvTHewkOKHuXMHC7pXdWDjgmXErwssFw9_mwI2FpU3A-GDDOTPKCLQBsQup76gVojI8YRlCIuoEv8F1wcTa-Xl7DsvZd1pa56_1PN3iEvFOtuYQmDVsM0NtPnwaxkAtfQvNa3w46ff-jQdNXNbLSdcsH9KluT27kP_IogIc7_wYuNZBe2ryIYspYtVVy4DUP3qMRV3ZznL3t0paMuyw7HW_eK9SMSqBhYp02RdWrvnHd17rEwmecO1-NqH7vI848IPHyY9gYKMYSEcQXMGBcwkiZuj9l7-jDCGgELjxchwCtNfHTRyz1wk21dufKg_KTazEaiPZbuBUhTyEPIm5q-6kQ85b_P2lm9KJFaApPev_xHADizq84zUtn2v85vuYBJ25CBVQTEiwfCmznRnQy-Fq29jl0BN9oCMUXQHTKjuS6OLzrppjBnyLerr5xhTtPoZdBMKBGxebvPJ43CHjX4Ac5ruA

Requested by

Host: www.starpenstacks.com
URL: https://www.starpenstacks.com/2020/08/27/take-a-look-at-the-most-luxurious-houses-of-the-rich-and-famous-celebrities/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Mar 2022 07:50:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 39ms
23ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220308&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18027607a04ff035eb716b5be37160a43d70b7bda0c1ac99cd16d398935b7de4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Mar 2022 07:50:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10526
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:50:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Mar 2022 07:50:58 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4B23 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Mar 2022 22:53:01 GMT
expires: Sun, 12 Mar 2023 22:53:01 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 32277
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E85D 783 B
535 B 35ms
18ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aad17f9884a4a46739ebd5a69c898961b08e671f86c29088b8c2df4f377da1aa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Hm3Rw/PJLzDSc7xeJoi+XA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 13 Mar 2022 07:50:58 GMT
date: Sun, 13 Mar 2022 07:50:58 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-Hm3Rw/PJLzDSc7xeJoi+XA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame 4B23 35 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 12 Mar 2022 19:55:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Mar 2023 19:55:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E85D 0
0 61ms
60ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220308&jk=3903977396705157&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4B23 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?VE_45A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 07:50:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 98E2 42 B
64 B 29ms
29ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdqexRDwT8YgG-WJoGmzbUdB54606-iiNp3n6WjBBBp50KZDDG139TJq8s-QkhmR9l7A1VQPJ3xzQRj2J-nSFppjbSYl-ILbADfLZsZgUMXgJgpuJL4g&sai=AMfl-YSrDe2cTEB-mE-CN-bTemI3QgWPwPcbLULY1zmJL5bhYm31LwvDhM2iM9PU1yIy2wgc4K4PUINE8sio&sig=Cg0ArKJSzAICTXxVS3X3EAE&id=lidar2&mcvt=1000&p=0,0,280,349&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220309&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2171511035&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647157856998&rpt=854&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Mar 2022 07:50:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 83E3 42 B
64 B 30ms
29ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstvDohRfdF1AckxHzZ0nFAR8vxr9ag0vf0BbTaTjv4g3Y-Y0n8t7LUZEzEgKfHvBYMxPpSLoELcjszZzEcb-FlIrQJQKT30D9QFEZ_8nIedMa1Z_AWjFw&sai=AMfl-YRkaSx-eZtiPI26ownS_9QDcKEyXlN1Xzw5qCchDSrQHVdUek55zgiMeUQM_tGB3tp1MNXPQXPbf_81&sig=Cg0ArKJSzIGrf7-e6CotEAE&cid=CAASBORoDGQ&id=lidar2&mcvt=1001&p=0,0,250,300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220309&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2016359606&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647157857381&rpt=478&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Mar 2022 07:50:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 30ms
29ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220308&jk=3903977396705157&bg=!6eql6q7NAAb7UztL-1M7ACkAdvg8Wm1p3uBSxFsKiS0Btv8Jt8Jt8l6YTQ2Qst8PbReGUBAfQakDJAIAAABtUgAAAANoAQeZAujaeXuKN3KsVfdEEEpcIxu07lEIsiX7qo0Q2t2C89EtrWuVMPamuOjNh4x07SVqmtwiScTTqmnrAS1z-YzSSRWlPRZAYQXQts8jANpZ5ZxDePTTAdAYFeMHcFmiwO63vp44Um5p-A-1QhXnxHQQa2VX8O6WG9OawdeRwcZO_AXRkuXjuJ5NVf34jek5n6HCBNxnvfINq2ocxPf9Ajss17RNNFkoHc6PwgcDuxn16h52u9RP3P9INIktscaMiOLVytsMvvJooHtZWS48TSROlmudnQjKHTKHHZTERd_hTZo_XzUhak_HMBmW0oqmYXTU1naLlPdf5gGPKN9ygFa92KeCKcMkFrctqWGl4uKkd7x4GpXbROKCNHu1uFJY8U67cHvXj4G1U9fpcM3OX-qrjuxUZbFupGA6mptgl47N8cKoayFCkYqXOmCXHGFtNdXTChJ3YRWHjulrhsZqRkvIF3F7A5iaGKIRWYWVbPX5lLkImwwiESfpUStrgg7P7PzKBmFaVlsHX52F--A12DdU10VVWsowAOU_aAJ9UDMg879drwLprf4qObm823OVIqyC9RR1U9tNDV3cYoYsnAHZIhchyNzlI99uSsLf-04X-idxhfczVtuE6ilDimZy29JQCHDrb2_dh_ebIMbHbGijj7-nOutRv-lgzh3jQsZyLyV0gDBPYWl3d6nv6nus7K2gG50VZ_L81HP0JuT7OEJ0Dh54QaxrCbYMKr9eszSxGvi61EisK97U6cs02CsAFSxVFn52QB1kCpNGj5HwljDOMxEQQxKD0_hTEZ4ZVfU4oU2s-KJiStqtdNcwwQcvAVwFUdZHIxIpQJPBpFZIF3vVXOLitf1x3i5cYq-HlMQe4AhXmWs4VONy-Sid9mzIbzbBZ9JjJ4D991QQeOBS2FnPRja9_MLBqnCUzIV5X5xeJptJM32433t_CjXqFt6cGOil_xYPAo7BoS5NV5RvUKuilVDlqkJwPy89U0U

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.starpenstacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Mar 2022 07:50:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C079 42 B
64 B 29ms
29ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssi-cMj9f4KAajtnJ9mZmd9OedhDtrmZcHFUcYSgU0oFtU5O6IeeyTS7ENlPeznz9l6UGmNE7mBwW4OiTp2osBadTRCUNofRQTK1kweIbvdEGE3QYCU7YRHOyoCeRpxvsfNAR99n7ueWwiOehuBklrirTEdHJGX3GmtJpy1wDJr8Q&sai=AMfl-YT9UldGL6OS38fLwdBr2YUEeNYcmTHixKHNgmyWs6lePKap3H4wCe9Z0D27cztc7wGcWCG7OVQpoKyD&sig=Cg0ArKJSzIK35IF1NHFiEAE&id=lidar2&mcvt=1000&p=0,1,124.25,1006&mtos=0,753,1000,1132,1285&tos=0,753,247,132,153&v=20220309&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647157858006&rpt=74&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Mar 2022 07:50:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 83E3 43 B
215 B 156ms
156ms Image
image/gif 52.33.195.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=899486&asId=791cfab5-c3ef-1211-4ba0-8428ef9a4432&tv=%7Bc:6J3TkP,pingTime:1,time:2118,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:19%7D,%7Bpiv:100,vs:i,r:,t:1117%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1117,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1111~0,1~100%5D,as:%5B1112~300.250%5D%7D%7D,%7Bsl:i,t:1117,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:288,fm:sZWGvyN+11%7C121%7C13%7C141*.899486-59154197%7C1411%7C14121%7C1413%7C15,idMap:141*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.33.195.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-195-130.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Mar 2022 07:50:59 GMT
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 83E3 43 B
215 B 157ms
156ms Image
image/gif 52.33.195.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=899486&asId=791cfab5-c3ef-1211-4ba0-8428ef9a4432&tv=%7Bc:6J3TkQ,pingTime:1,time:2119,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:19%7D,%7Bpiv:100,vs:i,r:,t:1117%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1117,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1111~0,1~100%5D,as:%5B1112~300.250%5D%7D%7D,%7Bsl:i,t:1117,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:288,fm:sZWGvyN+11%7C121%7C13%7C141*.899486-59154197%7C1411%7C14121%7C1413%7C15,idMap:141*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.33.195.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-195-130.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Mar 2022 07:50:59 GMT
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 83E3 43 B
215 B 157ms
157ms Image
image/gif 52.33.195.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=899486&asId=791cfab5-c3ef-1211-4ba0-8428ef9a4432&tv=%7Bc:6J3TkQ,pingTime:1,time:2119,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:19%7D,%7Bpiv:100,vs:i,r:,t:1117%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1117,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1111~0,1~100%5D,as:%5B1112~300.250%5D%7D%7D,%7Bsl:i,t:1117,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:288,fm:sZWGvyN+11%7C121%7C13%7C141*.899486-59154197%7C1411%7C14121%7C1413%7C15,idMap:141*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,metricId:publ1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.33.195.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-195-130.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Mar 2022 07:50:59 GMT
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.starpenstacks.com/	1970-01-20 10:54:13	Name: __gads Value: ID=20963e119436b289-22ef9fc259cd0051:T=1647157857:RT=1647157857:S=ALNI_MY5DIfmo7Atu2PVwIjWocCRECui2w
.starpenstacks.com/	1970-01-20 19:03:49	Name: _ga Value: GA1.2.92319065.1647157857
.starpenstacks.com/	1970-01-20 01:34:04	Name: _gid Value: GA1.2.1865158769.1647157857
.starpenstacks.com/	1970-01-20 01:32:37	Name: _gat_gtag_UA_137392462_9 Value: 1
.doubleclick.net/	1970-01-20 10:54:13	Name: IDE Value: AHWqTUluF_7ao-XBYcD_Hbt7oV8e7dDTWk6s3HdkQmMYNw0nyHB6FVTED26o2kWzSzs
.adnxs.com/	1970-01-20 03:42:13	Name: uuid2 Value: 1152812641600455516
.casalemedia.com/	1970-01-20 10:18:13	Name: CMID Value: Yi2iYXX2j02m2cFJhQ7-SwAA
.casalemedia.com/	1970-01-20 03:42:13	Name: CMPS Value: 3236
.adnxs.com/	1970-01-20 03:42:13	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>ztFidG!@wnfH8K6pQK`!5=E<L5>xj'1EyTAjAyMM5tj'cjCCf4gZYheAU(2$H'pWNbpRzqF1`b_AP***%E
.casalemedia.com/	1970-01-20 03:42:13	Name: CMPRO Value: 1131
.casalemedia.com/	1970-01-20 01:34:04	Name: CMST Value: Yi2iYWItomEA
at.bahn.de/	1970-01-20 03:42:13	Name: exactag_new_gk Value: f5e3f6819765467b876ea6e927a35b25%7c12.05.2022+07%3a50%3a57
at.bahn.de/	1970-01-20 05:51:49	Name: exactag_new_uk Value: a9fd43ae51c446c6ae17bb02c203c989%7c
at.bahn.de/	1969-12-31 23:59:59	Name: session_session Value: 0b0a19ea2f594e098616ac2e
.casalemedia.com/	1970-01-20 10:18:13	Name: CMRUM3 Value: 2d622da2612760CAESEH7ZlcG9UzoULMhgqohJjms
www.starpenstacks.com/	1970-01-20 01:32:38	Name: outbrain_cid_fetch Value: true
.doubleclick.net/	1970-01-20 01:32:41	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
amplify.outbrain.com
at.bahn.de
cdnjs.cloudflare.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
secure.gravatar.com
static.adsafeprotected.com
tpc.googlesyndication.com
tr.outbrain.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.starpennystocks.com
www.starpenstacks.com
104.79.88.202
142.250.181.226
142.250.186.66
185.33.223.38
2.21.142.172
213.202.235.8
2600:9000:2156:cc00:8:48e:53c0:93a1
2606:4700::6810:135e
2606:4700::6812:30f
2606:4700::6812:b6a
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:812::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200a
2a04:fa87:fffe::c000:4902
34.251.147.149
52.33.195.130
70.42.32.255
00293f3bd14708696dd01108ef21f379e67d72b47e1bc81fd8e5f6c75ba67265
05f0b1a045b59b9c77582261d49937559ca2b145958b131af08efde2acc74add
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
148a7fa5d798e1ab7524244a13fac661e71db6665eeeb6cd63dbe7b2b78ea8c9
15f2f1cf899516c0d7d5a0c71c74b610c2f69c68b4de81503903062c37291ede
17269903bacd549c59f37d2547b6d691da3eb6226eef233c089d9f3841cf312d
18027607a04ff035eb716b5be37160a43d70b7bda0c1ac99cd16d398935b7de4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
187bd91eb486aeaf273b28c386e84075a9e8795067067a7216e357a16c27d571
19348368fcda9f6e4294df9178e1bf1bddfa15524823d40de77fe1a0d13051ce
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
1f34de0128557d4cadd7f148902f52b28129833dcf92586863cd6bec113fd7a6
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
34cd6ca5ac2b03924176600b5d9c754403d06665a5731eb279515d542cc4ff95
372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b
3e4b4d396700e065d5d37bde974840cf2bf19565f8450785f0a869079b86bce9
444bd40a61b1ed0490f6cbbdf3301892bf8ef0715a48e1e2393f6fd1d21042b7
44c2f5dbeaa1b33eea2377ac66043400b36a1f748f0b58fd2580dccab1954091
458fe424a737af83d485e3394e48fd16ffa75628add301b13e9d761f014d7254
460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff
47c1bf3e915bada134665a4b468200c4293035d08fed2dd86c59eb263fdac7a0
49a260cd0b490d057e3dac3a99be4e68bb464803268a24484a29dd6cb2fa4dda
4b16f328161f671c5374c717a038def5bba21a4f37cdfb3509cda60ec262cf5f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
512abfd0af424c443f98064c7a76cb739464f558adccb169f45ac436b13c1e08
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
639c4b3a34dd57330d9591241094e01869fbeb6a004e9a09ef6402a6248f1900
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
684506d9d8135537d90392d008a89c4b57a6878ab17f88d66153a630bbe773dc
6b8392173ca44f34c4d5f09ab5e5c64977d66df93688bd9485575794f13c0ee4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70cf98ba561293bef6950034448e399a4688e219f5b10d8ba7f511c12a860f5a
754c0c5c601794d13d7fae6c43e2bd7618190a1abd358bacdb1275b8c84b8fc7
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7ba0149c0886d813343423a8e417a6cdc7d0eaecd65f6524cbba3721ec8a9e4f
7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d
80a54548354e5b41ccba1a9959b22f19156b25c17cd7bd6c7b8c38394e973b86
889110aba20f2c1be48d2cb7f96de23f03d878c0975ea43b92b56429c0727125
91e73282e24acb3d20167e89e890f18353b36d29d64b1733c2af6374b3b2abfd
932bbf3aa18bc1562e858568516383d0a6a896fc2ffad8a6eb1dc82738cbf2d0
947e22d9ed05fbe3f5ed3c4ee35618a1910a85968f48a22c0277f9936f2eb769
95acd35195b8cc427db9752bac21f184190fb6f9e25b41863c5c83899c1b5ad7
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a2c20d7d2f5f203300ad6ad2e1c761bf2caf86d55545698712178b669b3917c2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f2f49549fbb5721574523e7861740eac3ce89da67816caeac20aa96ff84ee9
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a73d801397f92a7d16ebb9f11e7aef3f7529c70abafab9e08ddfbf632df3162b
aad17f9884a4a46739ebd5a69c898961b08e671f86c29088b8c2df4f377da1aa
ae829f91c5894fabf92675d9ccf31d618cd5e4d9a518274c532a727d71e8b3ef
af1f5cb3d1e915243b98f6cf21eae0d65619cc35aeac806b5ecde99d5618d623
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
ba4ac7bdb58b8cbf3b42d2b739618d2b176597ce9d35322f56cb6d6ddbf6662e
bb8c43e915fa64bbb79e036dca9caa6df77a20513469a60a0b7b06a1509638e7
bd8a46d15401b5a78ce7720333fce0c0a669b28846bf9d73c30ce3673ea75a02
bf3b39ff0610db277a53aa832b4ce5170504c9e5f545a669dcf74b1061429fac
c26f1d037a17f6e2f7eb655176a309fcb1496f970788caed199fe32b98603164
c62bfa88f9f0a4618c18d6e6d8fe48cd899662e2d8626b6c34810548ff1d8418
ca7f23edc5a250dd23a0e499b3aa451f9dbc6bafc91faf8da2c7245bb05de1f7
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
d03cccb153f5ff0c43b64be73b8c5bfff8b899101e4330409579c14dd8e4089f
d402b35e6e0d996cc57dfb1f40a87b672f1eb4dfe0744da6d9c40b0d26592815
d42f479fee0d02648e199d47016e3c53261cdcef145bbcc9bc33fb3b6da8574f
d498c861fc4b869322cb7379fa35e27e4a8ab0c0823db818eedfc4c6a2c2ceda
d522a5298325cc61cb4110b44769bbcf6cb921d4421446b4580e91e217f9bd18
d7081b1d0b4c2ca10e4ae7d454d7bd1c23701c31fa4390c99d68efc99b30af51
d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e
dfc3051af05af9c5512a82d2a98666e1ee8ebc2d0f52f5e5ab6ad095ea6fc758
e16a85bcdcc33ee5244d26c899c81c138d20288163f584962c910802e1f82be9
e2dc5aa0c92c65f2872da99c36c43b2dd869b34bfaba5b089e85a0a697fddfbf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e955dbd79cdc15285253abeb8a555d34edfde9c9b307160194fad01907ba93c4
ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74
ec626d1355ef5d84689c88b2ec9e383fa16b0be9c068fe5fc913be061542edbc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3aeb634608eb94f37c1d8b1425fbb1b02dff11128c38686f0a4b8259bb39511
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fdd751409b454509052bdc7cc47cd555d3ca7a43991c8764a06c31c6f75fc76f
fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b
ff9dca0f110aa2877281fe1d0806e732008c78cc4f14a4b517d6601f96e85fcf

www.starpenstacks.com Open in urlscan Pro 2606:4700::6812:b6a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

132 Requests

96 %HTTPS

67 %IPv6

20 Domains

29 Subdomains

27 IPs

4 Countries

2029 kBTransfer

4165 kBSize

17 Cookies

0 Outgoing links

Page URL History

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.starpenstacks.com Open in urlscan Pro
2606:4700::6812:b6a Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

96 %
HTTPS

67 %
IPv6

20
Domains

29
Subdomains

27
IPs

4
Countries

2029 kB
Transfer

4165 kB
Size

17
Cookies

132 HTTP transactions
6 data transactions