urlscan.io logo urlscan.io
SecurityTrails logo

www.staradvertiser.com Open in urlscan Pro
34.68.132.100  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.staradvertiser.com/
Submission: On February 20 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 135 IPs in 11 countries across 106 domains to perform 797 HTTP transactions. The main IP is 34.68.132.100, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is www.staradvertiser.com. The Cisco Umbrella rank of the primary domain is 112242.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 28th 2021. Valid for: a year.
This is the only time www.staradvertiser.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
114 34.68.132.100 15169 (GOOGLE)
15 2600:9000:214... 16509 (AMAZON-02)
6 2606:4700::68... 13335 (CLOUDFLAR...)
11 2a03:5f80:a::... 50952 (DATAIX-AS...)
12 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:213... 16509 (AMAZON-02)
1 2600:9000:231... 16509 (AMAZON-02)
1 104.102.29.148 20940 (AKAMAI-ASN1)
2 2a04:4e42:e00... 54113 (FASTLY)
15 2a00:1450:400... 15169 (GOOGLE)
1 54.221.248.213 14618 (AMAZON-AES)
8 52.217.196.89 16509 (AMAZON-02)
13 34.96.77.232 15169 (GOOGLE)
1 2606:2800:233... 15133 (EDGECAST)
3 99.86.4.125 16509 (AMAZON-02)
2 35.184.218.133 15169 (GOOGLE)
1 19 2a00:1450:400... 15169 (GOOGLE)
2 8 2606:4700::68... 13335 (CLOUDFLAR...)
12 2606:4700::68... 13335 (CLOUDFLAR...)
3 2.18.233.180 16625 (AKAMAI-AS)
16 13.35.250.78 16509 (AMAZON-02)
18 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:224... 16509 (AMAZON-02)
1 18.66.242.20 16509 (AMAZON-02)
1 3 99.86.4.3 16509 (AMAZON-02)
3 2a03:2880:f01... 32934 (FACEBOOK)
3 35.201.96.133 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
10 2a04:4e42::626 54113 (FASTLY)
5 6 2600:9000:214... 16509 (AMAZON-02)
1 2a04:4e42:600... 54113 (FASTLY)
4 34.231.120.176 14618 (AMAZON-AES)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
4 178.250.0.157 44788 (ASN-CRITE...)
9 2a00:1450:400... 15169 (GOOGLE)
1 143.204.215.116 16509 (AMAZON-02)
4 18.66.248.121 16509 (AMAZON-02)
6 14 52.20.115.1 14618 (AMAZON-AES)
5 99.86.4.86 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
40 142.250.184.226 15169 (GOOGLE)
1 35.166.4.28 16509 (AMAZON-02)
2 35.244.184.131 15169 (GOOGLE)
2 2a04:4e42:200... 54113 (FASTLY)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 44.194.49.161 14618 (AMAZON-AES)
2 2 185.59.220.193 60068 (CDN77 ^_^)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 52.160.40.218 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:214... 16509 (AMAZON-02)
2 34.202.78.124 14618 (AMAZON-AES)
4 2600:9000:218... 16509 (AMAZON-02)
2 2a04:4e42:200... 54113 (FASTLY)
1 142.250.185.162 15169 (GOOGLE)
1 142.250.185.70 15169 (GOOGLE)
1 2.18.234.190 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.65.25.44 16509 (AMAZON-02)
1 2600:9000:224... 16509 (AMAZON-02)
4 3.210.11.204 14618 (AMAZON-AES)
1 54.236.178.185 14618 (AMAZON-AES)
1 3.234.103.215 14618 (AMAZON-AES)
2 2600:9000:231... 16509 (AMAZON-02)
8 151.101.1.194 54113 (FASTLY)
3 99.86.4.124 16509 (AMAZON-02)
1 13 2a00:1450:400... 15169 (GOOGLE)
6 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 108.157.4.91 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:fb:... 20940 (AKAMAI-ASN1)
2 104.111.219.144 16625 (AKAMAI-AS)
2 46.105.202.126 16276 (OVH)
4 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
1 99.86.4.31 16509 (AMAZON-02)
1 108.157.4.53 16509 (AMAZON-02)
64 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:3::720 54113 (FASTLY)
1 178.250.0.165 44788 (ASN-CRITE...)
1 35.158.25.241 16509 (AMAZON-02)
3 185.33.221.90 29990 (ASN-APPNEX)
1 2602:803:c003... 26667 (RUBICONPR...)
1 213.19.147.42 26120 (RHYTHMONE)
2 216.52.2.39 30282 (AS-INAPCD...)
2 184.31.84.150 16625 (AKAMAI-AS)
1 35.244.159.8 15169 (GOOGLE)
17 20.60.81.107 8075 (MICROSOFT...)
14 2606:4700:303... 13335 (CLOUDFLAR...)
2 141.95.3.9 16276 (OVH)
1 52.30.140.199 16509 (AMAZON-02)
4 3.33.220.150 16509 (AMAZON-02)
1 34.120.133.55 15169 (GOOGLE)
3 2600:1901:0:7... 15169 (GOOGLE)
42 2606:4700:20:... 13335 (CLOUDFLAR...)
25 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 151.101.130.49 54113 (FASTLY)
4 18 142.250.186.98 15169 (GOOGLE)
1 1 35.186.193.173 15169 (GOOGLE)
2 2 35.190.0.66 15169 (GOOGLE)
6 6 18.156.0.31 16509 (AMAZON-02)
1 2 51.89.9.254 16276 (OVH)
1 2 2001:678:cb4:... 56396 (AMOBEE)
2 2 198.47.127.19 3257 (GTT-BACKB...)
1 1 2600:9000:205... 16509 (AMAZON-02)
2 2 3.127.158.112 16509 (AMAZON-02)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 34.120.58.62 15169 (GOOGLE)
1 1 145.239.193.130 16276 (OVH)
1 88.198.250.30 24940 (HETZNER-AS)
1 104.111.239.217 16625 (AKAMAI-AS)
10 46.236.13.147 12703 (PULSANT-AS)
3 143.204.215.33 16509 (AMAZON-02)
1 172.255.62.200 36483 (GOSSAMERT...)
1 2a02:2638::2 44788 (ASN-CRITE...)
1 2a02:2638::18 44788 (ASN-CRITE...)
10 34.242.207.34 16509 (AMAZON-02)
8 2a02:2638:1::3 44788 (ASN-CRITE...)
1 178.250.0.160 44788 (ASN-CRITE...)
3 178.250.0.139 44788 (ASN-CRITE...)
1 178.250.0.162 44788 (ASN-CRITE...)
2 172.217.18.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.157.246.167 16509 (AMAZON-02)
1 178.162.133.150 60781 (LEASEWEB-...)
1 18.192.208.234 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 185.29.134.244 30419 (MEDIAMATH...)
2 2 37.157.4.25 198622 (ADFORM)
1 35.186.253.211 15169 (GOOGLE)
4 4 84.200.5.215 31400 (ACCELERAT...)
1 78.46.85.162 24940 (HETZNER-AS)
1 46.4.41.145 24940 (HETZNER-AS)
2 3 185.64.190.79 62713 (AS-PUBMATIC)
2 2 104.36.113.107 62713 (AS-PUBMATIC)
1 1 52.46.132.238 16509 (AMAZON-02)
1 52.94.230.46 16509 (AMAZON-02)
1 2a02:26f0:fb:... 20940 (AKAMAI-ASN1)
2 52.94.237.66 16509 (AMAZON-02)
797 135
114    34.68.132.100 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 100.132.68.34.bc.googleusercontent.com
www.staradvertiser.com
15    2600:9000:214f:da00:13:a391:88c0:21 (United States)

ASN16509 (AMAZON-02, US)
d3plfjw9uod7ab.cloudfront.net
6    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
11    2a03:5f80:a::b212:e7c0 (Russian Federation)

ASN50952 (DATAIX-AS Peering Ltd., RU)
use.typekit.net
p.typekit.net
12    2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2600:9000:2134:c000:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    2600:9000:2315:8000:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
content.jwplatform.com
1    104.102.29.148 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-148.deploy.static.akamaitechnologies.com
s.ntv.io
2    2a04:4e42:e00::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
15    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    54.221.248.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-248-213.compute-1.amazonaws.com
staradvertiser-hi.newsmemory.com
8    52.217.196.89 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
sa-media.s3.amazonaws.com
recruitology-static.s3.amazonaws.com
13    34.96.77.232 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 232.77.96.34.bc.googleusercontent.com
origami.secure.ownlocal.com
1    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
cdn.cityspark.com
3    99.86.4.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-125.fra6.r.cloudfront.net
widgets.recruitology.com
2    35.184.218.133 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 133.218.184.35.bc.googleusercontent.com
dining.staradvertiser.com
hawaiirenovation.staradvertiser.com
19    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
8    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
12    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
16    13.35.250.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-250-78.fra6.r.cloudfront.net
c.amazon-adsystem.com
18    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:224a:6600:14:c3e7:6780:93a1 (United States)

ASN16509 (AMAZON-02, US)
aamcftag.aamsitecertifier.com
1    18.66.242.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-242-20.dus51.r.cloudfront.net
d2na2p72vtqyok.cloudfront.net
3    99.86.4.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-3.fra6.r.cloudfront.net
sb.scorecardresearch.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    35.201.96.133 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 133.96.201.35.bc.googleusercontent.com
lorenzourban.com
2    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
9    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
10    2a04:4e42::626 (United States)

ASN54113 (FASTLY, US)
ssl.p.jwpcdn.com
assets-jpcust.jwpsrv.com
prd.jwpltx.com
6    2600:9000:214f:2e00:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
1    2a04:4e42:600::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
4    34.231.120.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-120-176.compute-1.amazonaws.com
jadserve.postrelease.com
4    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
9    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    143.204.215.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-116.fra53.r.cloudfront.net
ecdn.analysis.fi
4    18.66.248.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-121.dus51.r.cloudfront.net
ecdn.firstimpression.io
14    52.20.115.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-115-1.compute-1.amazonaws.com
trkn.us
5    99.86.4.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-86.fra6.r.cloudfront.net
ats.rlcdn.com
3    2a00:1450:4001:827::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
8    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
40    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
1    35.166.4.28 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-4-28.us-west-2.compute.amazonaws.com
aamcf.aamsitecertifier.com
2    35.244.184.131 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 131.184.244.35.bc.googleusercontent.com
snowplow.ownlocal.com
2    2a04:4e42:200::282 (United States)

ASN54113 (FASTLY, US)
cdn.polyfill.io
4    2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    44.194.49.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-49-161.compute-1.amazonaws.com
ping.chartbeat.net
2    185.59.220.193 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-601.bunnyinfra.net
cdn.materialdesignicons.com
4    2606:4700:3036::ac43:9e2a (United States)

ASN13335 (CLOUDFLARENET, US)
rsms.me
1    52.160.40.218 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
p.cityspark.com
1    2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2600:9000:214f:8800:1c:386f:ec80:21 (United States)

ASN16509 (AMAZON-02, US)
d3lcz8vpax4lo2.cloudfront.net
2    34.202.78.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-78-124.compute-1.amazonaws.com
geoip.instiengage.com
4    2600:9000:2182:8a00:9:78a:e540:93a1 (United States)

ASN16509 (AMAZON-02, US)
auth.instiengage.com
2    2a04:4e42:200::626 (United States)

ASN54113 (FASTLY, US)
assets-jpcust.jwpsrv.com
1    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
www.googleadservices.com
1    142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net
ad.doubleclick.net
1    2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com
widgets.outbrain.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    18.65.25.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-25-44.lax53.r.cloudfront.net
geo.privacymanager.io
1    2600:9000:224a:e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
4    3.210.11.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-11-204.compute-1.amazonaws.com
geoip.insticator.com
event.insticator.com
1    54.236.178.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-178-185.compute-1.amazonaws.com
h99w9l39sa.execute-api.us-east-1.amazonaws.com
1    3.234.103.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-103-215.compute-1.amazonaws.com
b2c.insticator.com
2    2600:9000:2315:3c00:10:3422:3f00:21 (United States)

ASN16509 (AMAZON-02, US)
df80k0z3fi8zg.cloudfront.net
8    151.101.1.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
3    99.86.4.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-124.fra6.r.cloudfront.net
cdn.firstimpression.io
13    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
6    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
2    108.157.4.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-91.dus51.r.cloudfront.net
get.s-onetag.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
5    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
10    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com
1    2a02:26f0:fb::5f65:5949 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
csp.azureedge.net
2    104.111.219.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-144.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
4    2a00:1450:4001:810::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
3    2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)
us-central1-kube-ownlocal.cloudfunctions.net
1    99.86.4.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-31.fra6.r.cloudfront.net
onetag-geo.s-onetag.com
1    108.157.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-53.dus51.r.cloudfront.net
signal-beacon.s-onetag.com
64    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
cdn.ampproject.org
2    2a04:4e42:3::720 (United States)

ASN54113 (FASTLY, US)
images.unsplash.com
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
1    35.158.25.241 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-25-241.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
3    185.33.221.90 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    213.19.147.42 (United Kingdom)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
2    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
2    184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
firstimpression-d.openx.net
17    20.60.81.107 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
citysparkstorage.blob.core.windows.net
14    2606:4700:3030::6815:251b (United States)

ASN13335 (CLOUDFLARENET, US)
analyticssystems.net
2    141.95.3.9 (France)

ASN16276 (OVH, FR)
PTR: p32.id5-sync.com
id5-sync.com
1    52.30.140.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
4    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
3    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
42    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
25    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
18    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
2    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
6    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
1    2600:9000:2057:9800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    3.127.158.112 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-158-112.eu-central-1.compute.amazonaws.com
pixel.advertising.com
3    2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
1    34.120.58.62 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 62.58.120.34.bc.googleusercontent.com
americanhometownmedia.com
1    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
1    88.198.250.30 (Baienfurt, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
1    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
10    46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
3    143.204.215.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-33.fra53.r.cloudfront.net
analytics.webgains.io
1    172.255.62.200 (London, United Kingdom)

ASN36483 (GOSSAMERTHREADS, CA)
tradehouse.advertserve.com
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
1    2a02:2638::18 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
10    34.242.207.34 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
api.webgains.io
8    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
3    178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com
pix.eu.criteo.net
1    178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
googleads4.g.doubleclick.net
1    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
1    178.162.133.150 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
1    18.192.208.234 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-208-234.eu-central-1.compute.amazonaws.com
protected-by.clarium.io
1    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
4    84.200.5.215 (Germany)

ASN31400 (ACCELERATED-IT, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    78.46.85.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de
partner.o2online.de
1    46.4.41.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads2.sunbonet.de
partner.blau.de
3    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
2    104.36.113.107 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    52.46.132.238 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
rcm-na.amazon-adsystem.com
1    52.94.230.46 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
ws-na.assoc-amazon.com
1    2a02:26f0:fb:5b5::108 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
images-na.ssl-images-amazon.com
2    52.94.237.66 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
fls-na.amazon-adsystem.com
Apex Domain
Subdomains		 Transfer
116 staradvertiser.com
www.staradvertiser.com — Cisco Umbrella Rank: 112242
dining.staradvertiser.com — Cisco Umbrella Rank: 506142
hawaiirenovation.staradvertiser.com — Cisco Umbrella Rank: 503132
1 MB
94 googlesyndication.com
05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 120
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com
936 KB
71 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
stats.g.doubleclick.net — Cisco Umbrella Rank: 67
ad.doubleclick.net — Cisco Umbrella Rank: 167
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
static.doubleclick.net — Cisco Umbrella Rank: 309
cm.g.doubleclick.net — Cisco Umbrella Rank: 175
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276
440 KB
42 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 1936
ad4m.at — Cisco Umbrella Rank: 1613
assets.ad4m.at — Cisco Umbrella Rank: 33179
2 MB
24 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 59
38 KB
21 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 250
fonts.googleapis.com — Cisco Umbrella Rank: 35
storage.googleapis.com — Cisco Umbrella Rank: 411
194 KB
21 cloudfront.net
d3plfjw9uod7ab.cloudfront.net
d2na2p72vtqyok.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
df80k0z3fi8zg.cloudfront.net
643 KB
19 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 263
rcm-na.amazon-adsystem.com — Cisco Umbrella Rank: 24186
fls-na.amazon-adsystem.com — Cisco Umbrella Rank: 5675
200 KB
18 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 146
671 KB
17 windows.net
citysparkstorage.blob.core.windows.net — Cisco Umbrella Rank: 32603
1 MB
17 gstatic.com
www.gstatic.com
fonts.gstatic.com
553 KB
15 ownlocal.com
origami.secure.ownlocal.com — Cisco Umbrella Rank: 52831
snowplow.ownlocal.com — Cisco Umbrella Rank: 71002
555 KB
14 analyticssystems.net
analyticssystems.net — Cisco Umbrella Rank: 9722
8 KB
14 trkn.us
trkn.us — Cisco Umbrella Rank: 2325
10 KB
13 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 19741
api.webgains.io — Cisco Umbrella Rank: 54493
154 KB
12 criteo.net
static.criteo.net — Cisco Umbrella Rank: 638
pix.eu.criteo.net — Cisco Umbrella Rank: 7678
csm.eu.criteo.net — Cisco Umbrella Rank: 7893
55 KB
12 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 355
mug.criteo.com — Cisco Umbrella Rank: 3197
bidder.criteo.com — Cisco Umbrella Rank: 736
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14241
ads.eu.criteo.com — Cisco Umbrella Rank: 7942
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 10187
46 KB
12 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 197
95 KB
12 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 800
273 KB
11 typekit.net
use.typekit.net — Cisco Umbrella Rank: 399
p.typekit.net — Cisco Umbrella Rank: 510
76 KB
10 webgains.com
track.webgains.com — Cisco Umbrella Rank: 41085
388 KB
10 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 429
hbopenbid.pubmatic.com Failed
image6.pubmatic.com — Cisco Umbrella Rank: 582
image8.pubmatic.com — Cisco Umbrella Rank: 543
image2.pubmatic.com — Cisco Umbrella Rank: 752
184 KB
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 87
760 KB
9 amazonaws.com
sa-media.s3.amazonaws.com — Cisco Umbrella Rank: 300708
recruitology-static.s3.amazonaws.com — Cisco Umbrella Rank: 173547
h99w9l39sa.execute-api.us-east-1.amazonaws.com
348 KB
8 fastly.net
confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1485
306 KB
8 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 401
608 KB
7 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 269
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 654
3 KB
7 google.de
www.google.de — Cisco Umbrella Rank: 6342
adservice.google.de — Cisco Umbrella Rank: 9027
2 KB
7 firstimpression.io
ecdn.firstimpression.io — Cisco Umbrella Rank: 18802
cdn.firstimpression.io — Cisco Umbrella Rank: 19200
374 KB
6 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 102176
static-de.ad4mat.net — Cisco Umbrella Rank: 139961
12 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
705 B
6 jwpsrv.com
assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 2922
137 KB
6 instiengage.com
geoip.instiengage.com — Cisco Umbrella Rank: 22058
auth.instiengage.com — Cisco Umbrella Rank: 18299
51 KB
6 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1336
api.rlcdn.com — Cisco Umbrella Rank: 739
188 KB
6 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2192
4 KB
6 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 610
131 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 346
111 KB
5 insticator.com
geoip.insticator.com — Cisco Umbrella Rank: 18637
b2c.insticator.com — Cisco Umbrella Rank: 15780
event.insticator.com — Cisco Umbrella Rank: 15334
4 KB
5 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2468
235 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
2 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1505
id5-sync.com — Cisco Umbrella Rank: 493
22 KB
4 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 3054
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 3645
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 3742
23 KB
4 rsms.me
rsms.me — Cisco Umbrella Rank: 14222
449 KB
4 unpkg.com
unpkg.com — Cisco Umbrella Rank: 802
70 KB
4 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 900
3 KB
4 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1195
cdn.polyfill.io — Cisco Umbrella Rank: 1921
2 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
3 KB
3 cloudfunctions.net
us-central1-kube-ownlocal.cloudfunctions.net — Cisco Umbrella Rank: 70266
542 B
3 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 103
47 KB
3 lorenzourban.com
lorenzourban.com — Cisco Umbrella Rank: 231895
27 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
203 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 129
2 KB
3 recruitology.com
widgets.recruitology.com — Cisco Umbrella Rank: 125727
12 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1242
mab.chartbeat.com — Cisco Umbrella Rank: 2250
24 KB
2 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 56115
774 B
2 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 57667
576 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 529
1 KB
2 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 307
934 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 653
r.turn.com — Cisco Umbrella Rank: 2694
869 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 865
483 B
2 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 21278
760 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 683
s.tribalfusion.com — Cisco Umbrella Rank: 1640
1 KB
2 openx.net
firstimpression-d.openx.net — Cisco Umbrella Rank: 55494
rtb.openx.net — Cisco Umbrella Rank: 1330
734 B
2 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 427
671 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 598
1 KB
2 unsplash.com
images.unsplash.com — Cisco Umbrella Rank: 3486
131 KB
2 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1595
34 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 99
partner.googleadservices.com — Cisco Umbrella Rank: 741
16 KB
2 materialdesignicons.com
cdn.materialdesignicons.com — Cisco Umbrella Rank: 19886
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
79 KB
2 aamsitecertifier.com
aamcftag.aamsitecertifier.com — Cisco Umbrella Rank: 51337
aamcf.aamsitecertifier.com — Cisco Umbrella Rank: 29475
26 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
2 cityspark.com
cdn.cityspark.com — Cisco Umbrella Rank: 31258
p.cityspark.com — Cisco Umbrella Rank: 19877
23 KB
1 ssl-images-amazon.com
images-na.ssl-images-amazon.com — Cisco Umbrella Rank: 841
74 KB
1 assoc-amazon.com
ws-na.assoc-amazon.com — Cisco Umbrella Rank: 21611
44 KB
1 blau.de
partner.blau.de — Cisco Umbrella Rank: 78720
1 KB
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 61847
1 KB
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 387
861 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2478
104 B
1 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1750
345 B
1 jwpltx.com
prd.jwpltx.com — Cisco Umbrella Rank: 2733
82 B
1 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1414
851 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
14 KB
1 advertserve.com
tradehouse.advertserve.com — Cisco Umbrella Rank: 68813
1 awin1.com
www.awin1.com — Cisco Umbrella Rank: 14416
702 B
1 media01.eu
pb.media01.eu — Cisco Umbrella Rank: 65528
629 B
1 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 46456
680 B
1 americanhometownmedia.com
americanhometownmedia.com — Cisco Umbrella Rank: 44737
104 KB
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 659
440 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 36433
511 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 491
537 B
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1645
342 B
1 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1196
178 B
1 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 436
1 KB
1 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 1568
164 B
1 azureedge.net
csp.azureedge.net — Cisco Umbrella Rank: 29080
61 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 213
6 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 502
482 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1451
591 B
1 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1281
3 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1099
201 B
1 analysis.fi
ecdn.analysis.fi — Cisco Umbrella Rank: 22291
2 KB
1 newsmemory.com
staradvertiser-hi.newsmemory.com — Cisco Umbrella Rank: 276221
38 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3166
115 KB
1 jwplatform.com
content.jwplatform.com — Cisco Umbrella Rank: 3014
43 KB
0 insiderdata360online.com Failed
insiderdata360online.com Failed
797 106
Domain Requested by
114 www.staradvertiser.com www.staradvertiser.com
cdnjs.cloudflare.com
59 tpc.googlesyndication.com securepubads.g.doubleclick.net
05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
www.staradvertiser.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com
39 securepubads.g.doubleclick.net www.googletagservices.com
cdnjs.cloudflare.com
www.staradvertiser.com
05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
d3lcz8vpax4lo2.cloudfront.net
securepubads.g.doubleclick.net
25 pagead2.googlesyndication.com 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
ecdn.firstimpression.io
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.staradvertiser.com
www.googletagservices.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com
cdnjs.cloudflare.com
19 www.google.com 1 redirects www.staradvertiser.com
www.gstatic.com
www.youtube.com
www.google.com
securepubads.g.doubleclick.net
05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com
18 assets.ad4m.at as.ad4m.at
18 cm.g.doubleclick.net 4 redirects 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
www.staradvertiser.com
ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com
18 www.googletagservices.com www.staradvertiser.com
securepubads.g.doubleclick.net
05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
googleads.g.doubleclick.net
ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com
17 citysparkstorage.blob.core.windows.net www.staradvertiser.com
16 c.amazon-adsystem.com www.staradvertiser.com
c.amazon-adsystem.com
cdnjs.cloudflare.com
srcdoc
ecdn.firstimpression.io
15 fonts.googleapis.com www.staradvertiser.com
widgets.recruitology.com
cdnjs.cloudflare.com
origami.secure.ownlocal.com
client
05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
15 d3plfjw9uod7ab.cloudfront.net www.staradvertiser.com
securepubads.g.doubleclick.net
05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
14 analyticssystems.net www.staradvertiser.com
05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
14 trkn.us 6 redirects www.staradvertiser.com
13 origami.secure.ownlocal.com www.staradvertiser.com
origami.secure.ownlocal.com
cdnjs.cloudflare.com
12 ad4m.at as.ad4m.at
ad4m.at
12 as.ad4m.at 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
as.ad4m.at
ad4m.at
ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com
12 cdnjs.cloudflare.com www.staradvertiser.com
origami.secure.ownlocal.com
widgets.recruitology.com
cdnjs.cloudflare.com
cdn.cityspark.com
ads.eu.criteo.com
12 use.fontawesome.com www.staradvertiser.com
use.fontawesome.com
cdnjs.cloudflare.com
10 api.webgains.io analytics.webgains.io
10 track.webgains.com as.ad4m.at
9 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
www.youtube.com
www.staradvertiser.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
9 www.gstatic.com www.google.com
www.gstatic.com
www.youtube.com
05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
9 www.youtube.com www.staradvertiser.com
www.youtube.com
8 static.criteo.net ads.eu.criteo.com
8 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com securepubads.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
www.staradvertiser.com
8 confiant-integrations.global.ssl.fastly.net d3lcz8vpax4lo2.cloudfront.net
confiant-integrations.global.ssl.fastly.net
www.staradvertiser.com
8 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
www.google.com
8 cdn.jsdelivr.net 2 redirects www.staradvertiser.com
origami.secure.ownlocal.com
ecdn.firstimpression.io
cdn.jsdelivr.net
8 use.typekit.net www.staradvertiser.com
use.typekit.net
cdnjs.cloudflare.com
6 ups.analytics.yahoo.com 6 redirects
6 www.facebook.com www.staradvertiser.com
6 assets-jpcust.jwpsrv.com www.staradvertiser.com
6 cdn.jwplayer.com 5 redirects content.jwplatform.com
6 maxcdn.bootstrapcdn.com www.staradvertiser.com
cdnjs.cloudflare.com
5 cdn.ampproject.org confiant-integrations.global.ssl.fastly.net
5 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
www.staradvertiser.com
5 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
www.staradvertiser.com
5 ats.rlcdn.com www.staradvertiser.com
ads.pubmatic.com
5 ssl.p.jwpcdn.com content.jwplatform.com
5 sa-media.s3.amazonaws.com www.staradvertiser.com
4 match.adsrvr.org cdnjs.cloudflare.com
05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com
ads.pubmatic.com
4 storage.googleapis.com www.staradvertiser.com
4 auth.instiengage.com d2na2p72vtqyok.cloudfront.net
auth.instiengage.com
d3lcz8vpax4lo2.cloudfront.net
4 rsms.me origami.secure.ownlocal.com
rsms.me
4 unpkg.com origami.secure.ownlocal.com
4 ecdn.firstimpression.io www.staradvertiser.com
ecdn.firstimpression.io
4 mug.criteo.com www.staradvertiser.com
4 gum.criteo.com 2 redirects
4 jadserve.postrelease.com s.ntv.io
www.staradvertiser.com
3 image8.pubmatic.com 2 redirects www.staradvertiser.com
3 pix.eu.criteo.net ads.eu.criteo.com
3 analytics.webgains.io track.webgains.com
3 static-de.ad4mat.net as.ad4m.at
3 prod-rtb.ad4mat.net 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
www.staradvertiser.com
3 ib.adnxs.com ecdn.firstimpression.io
cdnjs.cloudflare.com
3 us-central1-kube-ownlocal.cloudfunctions.net www.staradvertiser.com
3 cdn.firstimpression.io cdnjs.cloudflare.com
ecdn.firstimpression.io
3 d3lcz8vpax4lo2.cloudfront.net d2na2p72vtqyok.cloudfront.net
www.staradvertiser.com
d3lcz8vpax4lo2.cloudfront.net
3 i.ytimg.com www.staradvertiser.com
www.youtube.com
3 recruitology-static.s3.amazonaws.com www.staradvertiser.com
3 lorenzourban.com www.staradvertiser.com
cdnjs.cloudflare.com
3 connect.facebook.net www.staradvertiser.com
connect.facebook.net
3 sb.scorecardresearch.com 1 redirects www.staradvertiser.com
3 p.typekit.net use.typekit.net
client
3 ads.pubmatic.com www.staradvertiser.com
d3lcz8vpax4lo2.cloudfront.net
3 widgets.recruitology.com www.staradvertiser.com
widgets.recruitology.com
cdnjs.cloudflare.com
2 fls-na.amazon-adsystem.com ws-na.assoc-amazon.com
2 image2.pubmatic.com 2 redirects
2 www.lead-alliance.net 2 redirects
2 www.telefonica-partner.de 2 redirects
2 c1.adform.net 2 redirects
2 ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com securepubads.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 pixel.advertising.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 onetag-sys.com 1 redirects 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
2 ads.travelaudience.com 2 redirects
2 event.insticator.com cdnjs.cloudflare.com
2 id5-sync.com cdn.id5-sync.com
cdnjs.cloudflare.com
2 htlb.casalemedia.com ecdn.firstimpression.io
cdnjs.cloudflare.com
2 ap.lijit.com ecdn.firstimpression.io
cdnjs.cloudflare.com
2 images.unsplash.com www.staradvertiser.com
2 cdn.id5-sync.com www.staradvertiser.com
2 secure.cdn.fastclick.net www.staradvertiser.com
2 get.s-onetag.com d3lcz8vpax4lo2.cloudfront.net
2 df80k0z3fi8zg.cloudfront.net d3lcz8vpax4lo2.cloudfront.net
2 geoip.insticator.com cdnjs.cloudflare.com
d3lcz8vpax4lo2.cloudfront.net
2 www.google.de www.staradvertiser.com
2 geoip.instiengage.com cdnjs.cloudflare.com
d3lcz8vpax4lo2.cloudfront.net
2 cdn.materialdesignicons.com 2 redirects
2 cdn.polyfill.io origami.secure.ownlocal.com
2 snowplow.ownlocal.com www.staradvertiser.com
2 www.googletagmanager.com www.staradvertiser.com
2 www.google-analytics.com www.staradvertiser.com
www.google-analytics.com
2 polyfill.io www.staradvertiser.com
2 static.chartbeat.com www.staradvertiser.com
2 ajax.googleapis.com www.staradvertiser.com
1 images-na.ssl-images-amazon.com ws-na.assoc-amazon.com
1 ws-na.assoc-amazon.com 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
1 rcm-na.amazon-adsystem.com 1 redirects
1 partner.blau.de as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 rtb.openx.net ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com
1 sync.mathtag.com 1 redirects
1 dclk-match.dotomi.com ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com
1 protected-by.clarium.io ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com
1 prd.jwpltx.com www.staradvertiser.com
1 apex.go.sonobi.com cdnjs.cloudflare.com
1 c2shb.ssp.yahoo.com cdnjs.cloudflare.com
1 s0.2mdn.net googleads.g.doubleclick.net
1 csm.eu.criteo.net ads.eu.criteo.com
1 cat.fr.eu.criteo.com ads.eu.criteo.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 ads.eu.criteo.com 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
1 rtb.fr.eu.criteo.com 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
1 tradehouse.advertserve.com www.staradvertiser.com
1 www.awin1.com as.ad4m.at
1 pb.media01.eu as.ad4m.at
1 pv.medialead.de 1 redirects
1 americanhometownmedia.com www.googletagmanager.com
1 s.ad.smaato.net 1 redirects
1 r.turn.com 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 s.tribalfusion.com 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 api.rlcdn.com cdnjs.cloudflare.com
1 id.crwdcntrl.net cdnjs.cloudflare.com
1 firstimpression-d.openx.net ecdn.firstimpression.io
1 tag.1rx.io ecdn.firstimpression.io
1 fastlane.rubiconproject.com ecdn.firstimpression.io
1 hb.emxdgt.com ecdn.firstimpression.io
1 bidder.criteo.com ecdn.firstimpression.io
1 signal-beacon.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com cdnjs.cloudflare.com
1 csp.azureedge.net cdn.cityspark.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 b2c.insticator.com d3lcz8vpax4lo2.cloudfront.net
1 h99w9l39sa.execute-api.us-east-1.amazonaws.com cdnjs.cloudflare.com
1 static.adsafeprotected.com www.staradvertiser.com
1 geo.privacymanager.io cdnjs.cloudflare.com
1 widgets.outbrain.com www.staradvertiser.com
1 ad.doubleclick.net www.staradvertiser.com
1 www.googleadservices.com www.googletagmanager.com
1 stats.g.doubleclick.net cdnjs.cloudflare.com
1 p.cityspark.com cdn.cityspark.com
1 ping.chartbeat.net www.staradvertiser.com
1 aamcf.aamsitecertifier.com www.staradvertiser.com
1 ecdn.analysis.fi www.staradvertiser.com
1 mab.chartbeat.com static.chartbeat.com
1 d2na2p72vtqyok.cloudfront.net www.staradvertiser.com
1 aamcftag.aamsitecertifier.com www.staradvertiser.com
1 hawaiirenovation.staradvertiser.com www.staradvertiser.com
1 dining.staradvertiser.com www.staradvertiser.com
1 cdn.cityspark.com www.staradvertiser.com
1 staradvertiser-hi.newsmemory.com www.staradvertiser.com
1 s.ntv.io www.staradvertiser.com
1 content.jwplatform.com www.staradvertiser.com
0 hbopenbid.pubmatic.com Failed cdnjs.cloudflare.com
ecdn.firstimpression.io
0 insiderdata360online.com Failed www.staradvertiser.com
797 163
Subject Issuer Validity Valid
*.staradvertiser.com
Go Daddy Secure Certificate Authority - G2		 2021-01-28 -
2022-03-01		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-16 -
2022-08-16		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2021-05-20 -
2022-06-03		 a year crt.sh
jwplayer.com
Amazon		 2021-12-29 -
2023-01-25		 a year crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-12-04 -
2022-12-06		 a year crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2020		 2021-06-04 -
2022-07-06		 a year crt.sh
*.newsmemory.com
Sectigo RSA Domain Validation Secure Server CA		 2020-03-31 -
2022-03-31		 2 years crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-12-13 -
2022-12-13		 a year crt.sh
widget.secure.ownlocal.com
GTS CA 1D4		 2022-01-07 -
2022-04-07		 3 months crt.sh
sni0f49gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-23 -
2022-10-24		 a year crt.sh
*.recruitology.com
Amazon		 2021-06-13 -
2022-07-12		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.aamsitecertifier.com
Amazon		 2021-06-28 -
2022-07-27		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-29 -
2022-02-27		 3 months crt.sh
lorenzourban.com
R3		 2022-01-14 -
2022-04-14		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-20 -
2022-05-22		 a year crt.sh
*.postrelease.com
Amazon		 2021-12-28 -
2023-01-25		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
analysis.fi
Amazon		 2021-12-04 -
2023-01-01		 a year crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA		 2021-11-21 -
2022-12-05		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
edgestatic.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
snowplow.ownlocal.com
GTS CA 1D4		 2022-02-18 -
2022-05-19		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
*.cityspark.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-08 -
2023-03-11		 a year crt.sh
*.instiengage.com
Sectigo RSA Organization Validation Secure Server CA		 2021-05-28 -
2022-05-28		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
trkn.us
Go Daddy Secure Certificate Authority - G2		 2022-01-19 -
2023-02-20		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
www.google.de
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.insticator.com
Sectigo RSA Organization Validation Secure Server CA		 2021-08-11 -
2022-08-25		 a year crt.sh
*.execute-api.us-east-1.amazonaws.com
Amazon		 2021-07-22 -
2022-08-20		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.s-onetag.com
Amazon		 2022-01-04 -
2023-02-01		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.azureedge.net
Microsoft RSA TLS CA 01		 2021-10-28 -
2022-10-28		 a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
cdn.id5-sync.com
R3		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.storage.googleapis.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
misc.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.camp-fire.jp
GlobalSign Atlas R3 DV TLS CA 2020		 2021-05-20 -
2022-06-21		 a year crt.sh
*.emxdgt.com
Amazon		 2021-07-02 -
2022-07-31		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2021-12-21 -
2022-12-21		 a year crt.sh
*.analyticssystems.net
E1		 2022-02-05 -
2022-05-06		 3 months crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2022-02-19 -
2022-05-20		 3 months crt.sh
www.americanhometownmedia.com
Go Daddy Secure Certificate Authority - G2		 2020-05-10 -
2022-07-09		 2 years crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA		 2021-06-11 -
2022-06-16		 a year crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
*.webgains.io
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.advertserve.com
Go Daddy Secure Certificate Authority - G2		 2021-03-02 -
2022-04-03		 a year crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-04		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-10		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-03 -
2022-05-02		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2		 2020-04-03 -
2022-04-26		 2 years crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
ws-na.assoc-amazon.com
Amazon		 2022-01-17 -
2023-01-16		 a year crt.sh
images-fe.ssl-images-amazon.com
GeoTrust RSA CA 2018		 2021-09-07 -
2022-09-07		 a year crt.sh
fls-na.amazon-adsystem.com
Amazon		 2021-10-07 -
2022-09-20		 a year crt.sh

This page contains 56 frames:

Primary Page: https://www.staradvertiser.com/
Frame ID: AA2912FF578CE7F888EFBF06D40463AD
Requests: 289 HTTP requests in this frame

Frame: https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
Frame ID: BEF0CC444B38A0DAB02D15848EFF24A7
Requests: 52 HTTP requests in this frame

Frame: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Frame ID: 429E12B3221A845D421848660D0B14B9
Requests: 18 HTTP requests in this frame

Frame: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Frame ID: 42E64367872088DFBBE2B5FF16001F30
Requests: 19 HTTP requests in this frame

Frame: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Frame ID: EA32A5B3DE36B66ED6EACB14C104E2C6
Requests: 19 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: 426131F8A1DB5154B3FC80D532658326
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=1B_yv3CBEV10KtI2HJ6eEXhJ&size=invisible&cb=3qvs80ej9gs1
Frame ID: 5CF487958BA1015261688EB9D4DA64ED
Requests: 7 HTTP requests in this frame

Frame: https://b2c.insticator.com/v3/pages/usertracking
Frame ID: 6BA0B1B5BF50D79761F1D86C277E0052
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 6412A6E909566CFAB79BBF47F65BCB96
Requests: 10 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/static/js/fiamp.js
Frame ID: 6C9F8091194A562F66E6075635E63871
Requests: 17 HTTP requests in this frame

Frame: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 997EE49A6732B727192FFF1A03672233
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 014A6B53BFA3177A67C3486266E9B20D
Requests: 1 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: 4B2F145E94EDE50AE73EEA168DF6A670
Requests: 11 HTTP requests in this frame

Frame: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C54B4A4C339A1241258CA8A5DD654238
Requests: 12 HTTP requests in this frame

Frame: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8641D4C94F572ADED4DD826494E1B9BF
Requests: 12 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9DDCD625AE92EEF5DBFD6D39F9106380
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gm74aafdtkg3gh22a7ff0ra6fm4qvhh9t9yfehx8b9p6d8z2hd94grj8m6nk90syfjb8k1gjawzz348x6gzmxqahrp1jaysnts8cng4rzsz8fta4navcbvpvpn16ra0pfej8qkv2h54077kd5cyzc2fcde4sdj3n1crmn68m7wsj2fbn3mcgfj644259f0b1b2tmc9r79s6k00wy8k7kd769dze22vyyv55r1dr00f7var11tc677sv96mdvme0p7ese894vk696m7etfr64ya8b8w0v8vfgdfhad29m6mw6bscc61pvrrhaj1zq6hhpwzczfy2tztndhr3p8ebrymbppxer8dhg50xe85bhe7fp7dkv3v4654ppq8s7a0kjjywe9e7m0w4dbkgkqxsf4dc3c7e229hcvdezy1j0bwksggmk37ebzfrqcv4yw20vc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtacfcewRYvavFJGtrASy078okOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QczSlLdcBlsF-mkzUz9sJadjP1bbZMu-SJiErm0Ekgcgx7gaf_JiipaxC40u6fGOCL7osbGiUwxFGo-mcNGQ0u3Xaj4a7NKeEB9vY7GAF9v20gaOQa1uzod7i4UUB-1SUJEGMqLyEklKC_NYToma5WnT9C--MsaTMvAFr0TsazeJDxEzpz6hED3hj-pwKaEQN6qJx0eJVI0TWPligNQipOvff4z9c62asDrYDe5MDEF8qMpE7m8zj6Ykl3NT0osUtZoeWE2U20SkLYfsNzcm--EkqGrqOu6Jx23g8ZFn3qoWmm9T99EihGo99LBZ8zPDP038kIe8BfTEhTw2uerl04Tj0QtuqfV7NMUuuwOHD_iuuxsS_aozvQ7AlWozgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0KhLFFwm7eYzkBLWJ74jgP9N0K9w%26client%3Dca-pub-2697679518515886%26adurl%3D
Frame ID: D27A54ACF4033F167728E7AD3A852495
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 684F3C5D8DEAB76CF54EFF5F52A77AFD
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1ke16xgvvqf80jxazjhvydvva1sa6xzmggxyn4qmfhbyq7q024pjrcpcpsh4wpqy8m917fkyvesp8mvcxjpdn6z8nap49eza5yxwh58v9fgmrzyxcfz1qppmm9hjnqyh6j6j5q6sqa2wr828g7n95ndr4vb3fajmqraet4j3z4w845tqzpqkzzdexses0efzz14aww0efb28tz8mjyh1js4v3hgna4xbfzn0nn5sk7c6zntjfp3c49s7j12wy6x4dkt9yeyttyvbbbd29r5q8dp6qzwfw5ry2acm322fcz2nnzxj9szrbtkbntmvb59m3tzr1pcf7dneyjwd01d0bbqm3xat3vks31m8nkpd3m2xa3v4bdw27z4jzbfyxqbcaqtbfkgkae7c1z02yqjh87y46jnb5ewcpz57a1e5f0w1czxr09b9zh07z4rj65he8d3g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0UWocewRYv28FKKhrAS1mIDYDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQKdKQweaf6yPuACAKgDAaoEowJP0LTAGp1eMAjeA7AxWk6Ldftu1E0u9r29_BTiBeCDaZbYErho4rF5pVW3kfCmZu7CI5UzL7nmaNrNAAjs7GOxHNez1DXpOJApSezLkQqukjm9iuFrdj2bQNMxYIozCN9N0E5qCbvxwidDuUykfNFDNiQvH6lok3SDxUr1UFheR56cXf2MDg8Y7Vql3AF3BphWFdsaX7MQinNQwBSB39pvrXLl8WNRqj2JoP89C-dD3zMiqJPIPT7MFwe9kuW7AxLK6mMv36zi77ZfBLulg8v5XbGycFMbm8askJCoodH9bG12ZXaB8sAUeXU954OV6hHxVB0EENqi4S3k6JX3ZmvUNfylHn09r23Vooprw44wLBoLOalImA-Uyu_3RfhowDPgSWHgBAGABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2srrs_Ri6zCxnrr-Jf6E0tw1sukw%26client%3Dca-pub-2697679518515886%26adurl%3D
Frame ID: A68524B9B91DB18FE2EDDC1FCBA6FB57
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C81F1F96D35390B70C0C99F2EF9198C1
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: E9595F2BEA81A709F35287AB2E94C214
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 1DEE46A6D71FA819BFF59DE08D3659B0
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=4270ac2e58bc27e735c845527c0fd0d6%2F16158092447222966745&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645341810790&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g3za2m7svrm918csnxtczcqpqx7ef43twzbsbnkyg9xcdgnebe65r3yexn5esybksftr51ajtrqsg4yrc4s25dbdb7q7hx9bbvgs2f8z0191hs95c54pr7m1pbsadp3hqzaymp6jwxyqg53134gy0ekhkke3n13bww3z2dg1t3ce2ktbrja7ya69jcscf1kcdvh2e2yh966rzybxk9g2113r8d693jdzfzmdjdmjsj21cyq070q2bt9a4mtzspp99n0n2jq6p4bypg5f7tmntmp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCtacfcewRYvavFJGtrASy078okOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QczSlLdcBlsF-mkzUz9sJadjP1bbZMu-SJiErm0Ekgcgx7gaf_JiipaxC40u6fGOCL7osbGiUwxFGo-mcNGQ0u3Xaj4a7NKeEB9vY7GAF9v20gaOQa1uzod7i4UUB-1SUJEGMqLyEklKC_NYToma5WnT9C--MsaTMvAFr0TsazeJDxEzpz6hED3hj-pwKaEQN6qJx0eJVI0TWPligNQipOvff4z9c62asDrYDe5MDEF8qMpE7m8zj6Ykl3NT0osUtZoeWE2U20SkLYfsNzcm--EkqGrqOu6Jx23g8ZFn3qoWmm9T99EihGo99LBZ8zPDP038kIe8BfTEhTw2uerl04Tj0QtuqfV7NMUuuwOHD_iuuxsS_aozvQ7AlWozgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0KhLFFwm7eYzkBLWJ74jgP9N0K9w%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Frame ID: CCECFEAF6E95F6D204B110599FE0BCCC
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=177536%2C61651%2C175059&b=jEJhEfGfq9Z1TYHEH2t6t4e3QSZSzTRWc8gx%2Cg6mT8frfkpAGaPHbH8t5tzDPhmSQT7Ecdzq%2C6qxtef3fMQx3ueHmHYtkt9VZ6SYS1TqxTVYP&f=x2xsQfAfEJ8VTPHdHztDCmEX9u7S6TkEhVx6%2CBgMSgfPfMJpAaxH6H3tgC37KsjSeTVQSbqg%2CXJjuzfrfKkdJH6H4Het1Cw8APCQSkTK2tKP4&c=300&d=250&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=f456c846e026287696fc94f0302a7029%2F12485168588469646935&i=69751%2C24905%2C65915&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645341810795&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjj57z5e3sjcfgxjs0nzsnk5z171k8cgydx4pbzq1mc6h0ch6dwr0vnghxrqnp69ay0ve39jhkkf5raqbqd3m1sz1r5mada8fjhv88y0r2faq44ydxt1gpae07daz5fq006x7shj4za6j8jvjas2vqdg0tz16j827sw4nnw4w8pwe5mrdfm3yp036wk40bkhfwc12x77hd1a0e8semv1rwp3wb72vd7rpksdj22gnjfdcw82frpwket21qtcxxpmvf3jsd3v2cxsvjwr1750pek%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC0UWocewRYv28FKKhrAS1mIDYDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQKdKQweaf6yPuACAKgDAaoEowJP0LTAGp1eMAjeA7AxWk6Ldftu1E0u9r29_BTiBeCDaZbYErho4rF5pVW3kfCmZu7CI5UzL7nmaNrNAAjs7GOxHNez1DXpOJApSezLkQqukjm9iuFrdj2bQNMxYIozCN9N0E5qCbvxwidDuUykfNFDNiQvH6lok3SDxUr1UFheR56cXf2MDg8Y7Vql3AF3BphWFdsaX7MQinNQwBSB39pvrXLl8WNRqj2JoP89C-dD3zMiqJPIPT7MFwe9kuW7AxLK6mMv36zi77ZfBLulg8v5XbGycFMbm8askJCoodH9bG12ZXaB8sAUeXU954OV6hHxVB0EENqi4S3k6JX3ZmvUNfylHn09r23Vooprw44wLBoLOalImA-Uyu_3RfhowDPgSWHgBAGABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2srrs_Ri6zCxnrr-Jf6E0tw1sukw%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Frame ID: 5179C367F224306D576FA6081D6DC117
Requests: 18 HTTP requests in this frame

Frame: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DAAB32C5BBD2F2214DDB7E9942072F2B
Requests: 15 HTTP requests in this frame

Frame: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0F0A16AA64C4B16E5D54160D737DEC09
Requests: 17 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: 854477C1791FC5C69B7B03861C5889CE
Requests: 12 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: 12BB8FEFFA32F0025F65D7D07FDBF8CB
Requests: 11 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: 729FD79A02C2DE8B3271C76B3599D656
Requests: 27 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: F2453D0D8AFC2C1CB5363122EBCBB80F
Requests: 11 HTTP requests in this frame

Frame: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E07B4A32A634F91128310B82279BF565
Requests: 16 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: A51E23DBB89DBF791EBC0BF190ADE834
Requests: 10 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: ECB4279DE39A5993A9D7FA9C79461E13
Requests: 8 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Frame ID: 0A6421968069565960F97683C6897763
Requests: 11 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Frame ID: E858E7103617539E8FBF2CE7100CD678
Requests: 12 HTTP requests in this frame

Frame: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B1E94E8254EEBFE50EC0471A5FA5A74F
Requests: 11 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: 25C52CD66FB5A1B96E29CAA34BC21D5D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20190131/zrt_lookup.html
Frame ID: E548A1BDDFE7BE539482568BE0345407
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhHscgANEGsKd_JPAAcXUKaNS-Su82-AAaMWow&u=%7C3Ae6XUVM5YsCZvO9ZfwGRLGqcLFowTnHs6qvc1hSm2A%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy4hWcTbYRg2vYoe_NV4-wFy2V2s43upahrm1qeVDeAQKUiYWqHKCPkZge7omYNjoQnM8fBorwc3VblsKUOcbG3WjmHU41i2x10lFMkQsgBqx1g0ALP2TEXDFZxMZUSEWn5hMax-Mj0jcaWr06qi9GrPbk3osEm_Yk2wlAohmCyJat5m2S2tx7yN39tr4dtdaqBTfvOchfGX61eW5hHHR-Fap3XFhRoKT6-v1VglpMRZD26lIEq35V7w-7d-Kz6j92a-nDjpjhlQtrztxjKmKCFGkSArKm1-Xei4S-agYp6XTqpOKKuapjBGK9toQXG7CHqYq5o1R6ERhVN0EWGBmcZ2dPMe2VXjDOd4McLhAnwWIf4JuQxq2iMB7AXHw-PahRqHg5D1p5b8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkRYXcuwRYuugNM_k3wPQrpzYDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAp0pDB5p_rI-4AIAqAMBqgSQAk_QIiYDpTOAkFDpln5z5S7ZETsjP4J7OuTppKobjfeTQxRa8pza14T92YsexYQj7EWCSjGJ4LkL0H1xZj-SdzwUFfS-E949nhTDsxcp4O6iHmPSJ03UruD6xMZdOZAnq7NjgffOSofrw-aB2XwCXof5ZjuO61tP9hNevOlRqey-Audo_YSyoEjbZIl3NO0ENErQPPRSoDcm9ESYnoeTOdOVd5sMwBIn7I1Hl6FmVYNvvBpVnjHSoH1xi0P582OtbAw9WWQRQryi5AEM8wO8aW9kFg1_Dt8jHknEnXWKhBHfBod-GuGWJQ0kOcnahVuVf7iVMaMBKn-j4Z5A4-cb8sQUhP8V71caPjhGYv6_X0xH4AQBgAbVhOaA36Xa8e8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vQhiVqWRwKWjZN99kGFLpVSl_og%26client%3Dca-pub-3238555218588439%26adurl%3D
Frame ID: A493704796DDE6DF0BBCB5827B30E336
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3622156405313063&output=html&h=90&slotname=e1c6b69.f9e07fc&adk=139176089&adf=3713705667&pi=t.ma~as.e1c6b69.f9e07fc&w=728&lmt=1645341812&psa=0&format=728x90&url=https%3A%2F%2Fwww.staradvertiser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645341812162&bpp=4&bdt=5178&idt=587&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5ce8b7f408438eaa%3AT%3D1645341809%3AS%3DALNI_MYPTfGaIPvuRDooZfs1nJVx84JKUQ&correlator=6178148257708&frm=20&pv=2&ga_vid=565048288.1645341808&ga_sid=1645341809&ga_hid=907291583&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C44756084&oid=2&pvsid=3369027831208136&pem=161&tmod=1865825641&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpoeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=33&uci=a!x&btvi=1&fsb=1&xpc=XdTEsGSshm&p=https%3A//www.staradvertiser.com&dtd=601
Frame ID: 3E87F500655D43D2E3161728DB2EDC46
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3622156405313063&output=html&adk=1812271804&adf=3025194257&lmt=1645341812&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&plas=123x990_l%7C123x990_r&format=0x0&url=https%3A%2F%2Fwww.staradvertiser.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645341812179&bpp=2&bdt=5195&idt=660&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5ce8b7f408438eaa%3AT%3D1645341809%3AS%3DALNI_MYPTfGaIPvuRDooZfs1nJVx84JKUQ&prev_fmts=728x90&nras=1&correlator=6178148257708&frm=20&pv=1&ga_vid=565048288.1645341808&ga_sid=1645341809&ga_hid=907291583&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C44756084&oid=2&pvsid=3369027831208136&pem=161&tmod=1865825641&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=34&uci=a!y&fsb=1&dtd=725
Frame ID: D3E74C2005DB442BB43180CCBA8BF40B
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: AC6710EBC90EF982CA60B99890C3EC0C
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMT39QIQv8Sq9wEYtsXXvgEwAQ&v=APEucNXxZpdfBvHsH7EsIarX9Zj7_TlGgkpiPy7aie5rC1f9HopED2t08NVh6CGf-IQmDRzP72CGZRuDkGVxuJdE2GNURp4xiQ
Frame ID: 4FDFC28F3DBF1A984CD79E9CB504E16D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 61A7654225A4D793A4E4CB77F5CBC316
Requests: 3 HTTP requests in this frame

Frame: https://ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: F4EA204D354CEA3B4FCECD3CD4A3E8DE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E1FF19EF50D31AFFAC8A59B27C75BF0E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0A6744C1ADDB60DADDD7953E29AC403B
Requests: 2 HTTP requests in this frame

Frame: https://ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 3D390DF3DC6E78B1C07C4EA4517A612A
Requests: 10 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jnx77bjsg9p9jgfxygamxf4gbkredrex34ryk8azttpx5g6vppq1mfq944m76wpeanz2156h2yjjqvrzzs1rezf126swjf9x28rnzqak6h3be4r6hcxtxafs7hbac38ztjgm5fdh2b38n6kjgeskbtrq7m1n42ehxjp3p1h5ahhw4bg8pxq4mpms8zeq9dzmn871y118syppq53v3g1pw36h87g0nd1qtecbkzc0m0jz6h5xksq7azaaqzqpcca3ws33agshfjkm7f02xa1dbhts5s6x3qnzz4pyt39m0fpaj7gmxqs32m5m405b73y2yb526p5n7fya96cmqvn3c7ts285sf7cht8msvgmcx4pmtfpf83avammeg7dpbvt5v13cbvch5jdrq5kw236n94gvnsn4a4p6vp6q0jmw1c4vsn546sg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC55sidewRYqeBE9fr3wPV2YpIkOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QJ_dmV3k6IS9mdjaV7dnQPGpVKvhJFWdLAIjKqDPEruad0NgVjBfA9n1z83LkrXNNB4E7VvjrD-Q8h09LzzlEnphiAC0Stq_28y4tzmFvxxk0Vi8F2OniD4aw1O-glwEENjxobgx0V4gbxqSJq_2x0sALmVfCpgwNL7tVSxqUGXHDgae4JN2cSKhnZwK6tlod_9oBIO6rp6x667mmr37wEqRlUWt1SN9gEUi0DQ1ENXXJEAE7JFEiKoakdweWPN0yknAGpCthICTrsitnBC4p0tqWEFvXoxVOPIXc5bN2BGF_el-vtbXBc7B73uxOtM6SavMDvhaLPLlXJob9CSmyo7iNP0-3PdWV9KGjiZHZbOSkM1UHxHgCU6v0Y2zgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_17ZBsO6KkLD31sZCLcM7Ts6926_w%26client%3Dca-pub-2697679518515886%26adurl%3D
Frame ID: E1E48FB446F11D145E7C088994AEFF26
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9F6E75F8B60C1D2E7AD0B002E13F7BB6
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: E2E164ED8323EA32F77C2B1BF6D4728A
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=d4383d9a29e6a1a875e6df6bbbde8ebf%2F7468970434274980616&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1645341813823&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsy4b2r5ve6a337vg5c9fkkxgnq2htmmnztk82x3svyaah64pfcmkt5mc26ctw6a290jjka5wp8xj0cjq7w1cqbgrpgqjpn993w0py2ybj6k6r5faq6qwbmmv82zt9cbfhem8aqym2cxv3b2m90s396502x12fq9ajqxzrj4xea5mjbeaz8n739f3w6cgsyeaj02rzz9p1x9j5d66y5q462fj2g14hkamp3rd1yjnnwy8tf3xd00qm9q0e2r002y60a3xehmf9t3n813rgg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC55sidewRYqeBE9fr3wPV2YpIkOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QJ_dmV3k6IS9mdjaV7dnQPGpVKvhJFWdLAIjKqDPEruad0NgVjBfA9n1z83LkrXNNB4E7VvjrD-Q8h09LzzlEnphiAC0Stq_28y4tzmFvxxk0Vi8F2OniD4aw1O-glwEENjxobgx0V4gbxqSJq_2x0sALmVfCpgwNL7tVSxqUGXHDgae4JN2cSKhnZwK6tlod_9oBIO6rp6x667mmr37wEqRlUWt1SN9gEUi0DQ1ENXXJEAE7JFEiKoakdweWPN0yknAGpCthICTrsitnBC4p0tqWEFvXoxVOPIXc5bN2BGF_el-vtbXBc7B73uxOtM6SavMDvhaLPLlXJob9CSmyo7iNP0-3PdWV9KGjiZHZbOSkM1UHxHgCU6v0Y2zgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_17ZBsO6KkLD31sZCLcM7Ts6926_w%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Frame ID: 82BFD4336CFFBC14457804D73FE4394C
Requests: 14 HTTP requests in this frame

Frame: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FC1B1917705182E71501FBE749113AAB
Requests: 9 HTTP requests in this frame

Frame: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=electronics&banner=1RJ5QAT5B55ECPXSXB82&f=ifr&linkID=2315e72a794f1cd0d83054eea5a6da5f&t=cityspark-20&tracking_id=cityspark-20
Frame ID: AEDDB49637E0AD5671C6008A60FD8551
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0221DCCEBE901883C3C5244D2F0A8BEB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8ECBE561C555C5E75A102F8F6728CFF6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hawaii News | Honolulu Star-Advertiser

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • rollbar\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

797
Requests

93 %
HTTPS

43 %
IPv6

106
Domains

163
Subdomains

135
IPs

11
Countries

14843 kB
Transfer

32767 kB
Size

82
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 116
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=DPMAxXx5OS9pUVVWaUp1MmVZY2szUlJxNTA0Ulk0b3RtL0pES1RuSnFaNUdMYjgxMCtVTFBCZTUrNkhlb0VaeFRzSW8vMXJNcHhYMnZBcGVTeGxGaEZZSURVSnZVWU15Yys1SEZUZi93MzM3QSs0SWpnd0dmd29la2VmN2VvK254aWptT0h0NHRicy9MTHpESlMxS0JneFdTc0ZpQUtvUlVhR1prMGp6S0U1ZldhZTBOUis4TE4vNUpZMlJrd3I1dFY1b0hmeDdlK0xYMmM4czVrYVN0TjM0Qmg2eEx3cDBiYnlwVlZyVU03cTIzdmwxODJJNlpFdDlmZEY2NE9aa2VwTEE3fA&cppv=2
Request Chain 122
  • https://trkn.us/pixel/conv/ppt=10159;g=hsa_formers_jan-2021;gid=31282;ord=7867330276711.124;v=120 HTTP 302
  • https://trkn.us/pixel/conv/ppt=10159;g=hsa_formers_jan-2021;gid=31282;ord=7867330276711.124;v=120;ip=217.64.151.29;cuidchk=1
Request Chain 207
  • https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/mdi/4.5.95/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Request Chain 222
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035032&ns__t=1645341808398&ns_c=UTF-8&cv=3.5&c8=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&c7=https%3A%2F%2Fwww.staradvertiser.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035032&ns__t=1645341808398&ns_c=UTF-8&cv=3.5&c8=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&c7=https%3A%2F%2Fwww.staradvertiser.com%2F&c9=
Request Chain 227
  • https://cdn.jwplayer.com/strips/Ct9V6Euv-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/Ct9V6Euv-120.vtt
Request Chain 229
  • https://cdn.jwplayer.com/v2/media/Ct9V6Euv/poster.jpg?width=720 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/0wtdz9yr-720.jpg
Request Chain 230
  • https://cdn.jwplayer.com/v2/media/xS1UI2RY/poster.jpg?width=720 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/st0aa5ei-720.jpg
Request Chain 231
  • https://cdn.jwplayer.com/strips/xS1UI2RY-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/xS1UI2RY-120.vtt
Request Chain 232
  • https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/mdi/4.5.95/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Request Chain 237
  • https://trkn.us/pixel/conv/ppt=15374;g=hsa_formers_sep-2021;gid=38087;cv1=https://www.staradvertiser.com/;ord=7450338050189.917;v=120 HTTP 302
  • https://trkn.us/pixel/conv/ppt=15374;g=hsa_formers_sep-2021;gid=38087;cv1=https://www.staradvertiser.com/;ord=7450338050189.917;v=120;ip=217.64.151.29;cuidchk=1
Request Chain 238
  • https://trkn.us/pixel/conv/ppt=16599;g=hsa_formers_oct-2021_v1;gid=39554;cv1=https://www.staradvertiser.com/;ord=3577991719263.66;v=120 HTTP 302
  • https://trkn.us/pixel/conv/ppt=16599;g=hsa_formers_oct-2021_v1;gid=39554;cv1=https://www.staradvertiser.com/;ord=3577991719263.66;v=120;ip=217.64.151.29;cuidchk=1
Request Chain 239
  • https://trkn.us/pixel/conv/ppt=16603;g=hsa_formers_oct-2021_v2;gid=39558;cv1=https://www.staradvertiser.com/;ord=1526270816990.7957;v=120 HTTP 302
  • https://trkn.us/pixel/conv/ppt=16603;g=hsa_formers_oct-2021_v2;gid=39558;cv1=https://www.staradvertiser.com/;ord=1526270816990.7957;v=120;ip=217.64.151.29;cuidchk=1
Request Chain 240
  • https://trkn.us/pixel/conv/ppt=16605;g=hsa_formers_oct-2021_v3;gid=39561;cv1=https://www.staradvertiser.com/;ord=3520096720155.299;v=120 HTTP 302
  • https://trkn.us/pixel/conv/ppt=16605;g=hsa_formers_oct-2021_v3;gid=39561;cv1=https://www.staradvertiser.com/;ord=3520096720155.299;v=120;ip=217.64.151.29;cuidchk=1
Request Chain 241
  • https://trkn.us/pixel/conv/ppt=17603;g=hsa_formers_nov-2021_v1;gid=40542;cv1=https://www.staradvertiser.com/;ord=9714825776117.402;v=120 HTTP 302
  • https://trkn.us/pixel/conv/ppt=17603;g=hsa_formers_nov-2021_v1;gid=40542;cv1=https://www.staradvertiser.com/;ord=9714825776117.402;v=120;ip=217.64.151.29;cuidchk=1
Request Chain 282
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 349
  • https://cdn.jwplayer.com/v2/media/ReiuWYBP/poster.jpg?width=120 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/99sa2obd-120.jpg
Request Chain 449
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEBLCuk3sWka4P6fwVDdya7s&google_cver=1&google_push=AYg5qPIIe_ipgHUb-dvlspguFQWFUJ5XrqsXNsExRAk5Y8rfiEqHQmvMGtqR-koJDstTwVvEws8op36m9YLvYknVu-hI1JrcGLos&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIIe_ipgHUb-dvlspguFQWFUJ5XrqsXNsExRAk5Y8rfiEqHQmvMGtqR-koJDstTwVvEws8op36m9YLvYknVu-hI1JrcGLos%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBLCuk3sWka4P6fwVDdya7s&google_cver=1&google_push=AYg5qPIIe_ipgHUb-dvlspguFQWFUJ5XrqsXNsExRAk5Y8rfiEqHQmvMGtqR-koJDstTwVvEws8op36m9YLvYknVu-hI1JrcGLos&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIIe_ipgHUb-dvlspguFQWFUJ5XrqsXNsExRAk5Y8rfiEqHQmvMGtqR-koJDstTwVvEws8op36m9YLvYknVu-hI1JrcGLos%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 450
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEB5rlrhpQaoZxLFj7ta8NR8&google_cver=1&google_push=AYg5qPIbXzNHbBoWQQ0pZ9G3ZuMJXG4vvXHGepHnm-ddbUc1wv0Xbls6obYwc6usZgwVEuA0OZWLD9vxcXRsWyoP5Eu_H7TXyfU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEB5rlrhpQaoZxLFj7ta8NR8&google_push=AYg5qPIbXzNHbBoWQQ0pZ9G3ZuMJXG4vvXHGepHnm-ddbUc1wv0Xbls6obYwc6usZgwVEuA0OZWLD9vxcXRsWyoP5Eu_H7TXyfU
Request Chain 451
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECPkBtPkZQodKrrM2VHRN8w&google_cver=1&google_push=AYg5qPL-yHdvN2s1U8VORFOxlCGXk_SNCnPgd5mLUHp5FzTs89fCohVMwc_5RlROh--EaWRHQwdaMh8EZ69N5STpaRnidh2hkON7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPL-yHdvN2s1U8VORFOxlCGXk_SNCnPgd5mLUHp5FzTs89fCohVMwc_5RlROh--EaWRHQwdaMh8EZ69N5STpaRnidh2hkON7&google_hm=uzAvxmVKSs6ouj1ABrlaeh0
Request Chain 452
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEF3DqQ3dRzjHiS2rtMuImBc&google_cver=1&google_push=AYg5qPLCqB3xvYqIYD5U1gwe46FcgjBGGSHzifdnS3Cm-uZzcGQEfc0_hHcCa3jIm3Zf8CDuCm2OeblfuBP10sKdOsz3Cpw0Ch4 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=y4jiZrZpTOyhA5ZBpwFvfQ2&google_push=AYg5qPLCqB3xvYqIYD5U1gwe46FcgjBGGSHzifdnS3Cm-uZzcGQEfc0_hHcCa3jIm3Zf8CDuCm2OeblfuBP10sKdOsz3Cpw0Ch4
Request Chain 453
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEN9bMmeLi-KMB356UWz9obU&google_cver=1&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w
Request Chain 454
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBXx2VuHQNf2wJGAl_qMrnA&google_cver=1&google_push=AYg5qPJw1aN1Ev101yn_ALTMI2HjKhsiHQKTOyzjM4NDRi3Efc22HQIlfSoCHdPH9JnhqhXJJ4eBJ1lZxHYLQpTa_larI9_QFLuidA HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBXx2VuHQNf2wJGAl_qMrnA&google_cver=1&google_push=AYg5qPJw1aN1Ev101yn_ALTMI2HjKhsiHQKTOyzjM4NDRi3Efc22HQIlfSoCHdPH9JnhqhXJJ4eBJ1lZxHYLQpTa_larI9_QFLuidA&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1TS1ZBU0hGRTJ1RnFGbFN1VUJ3VEVfcXBsLklvWVJ4UX5B&google_push=AYg5qPJw1aN1Ev101yn_ALTMI2HjKhsiHQKTOyzjM4NDRi3Efc22HQIlfSoCHdPH9JnhqhXJJ4eBJ1lZxHYLQpTa_larI9_QFLuidA
Request Chain 455
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEN9bMmeLi-KMB356UWz9obU&google_cver=1&google_push=AYg5qPLL-3lqju87cwEvpJXEyKZh9Q-SrykEl5aqqOQWZ0MmkLIGONR-0m1cATLlA7PoZ0xcxQLoTiZWrgl9-8AzNOgOFGbzIi1k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPLL-3lqju87cwEvpJXEyKZh9Q-SrykEl5aqqOQWZ0MmkLIGONR-0m1cATLlA7PoZ0xcxQLoTiZWrgl9-8AzNOgOFGbzIi1k HTTP 302
  • https://onetag-sys.com/sync/i,19/?google_error=5
Request Chain 457
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJ4C7l7xx4E1slWrZzMlXeQ&google_cver=1&google_push=AYg5qPINcxPf-iOvOM4kmF1Axqu49dzC__76SxHElrsAGnpcJJyUYtgMK-Cl4JVV40IfDvJiVAUOZaGQu20Q0RBRvbHvI64uxCAW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODAxNjYwNzQyODU4MDAzMzMyMA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJ4C7l7xx4E1slWrZzMlXeQ&google_cver=1
Request Chain 459
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIcCIgUtuVAkBoG44bZ_jlg&google_cver=1&google_push=AYg5qPL2CxvYw3w_RTkZloU1jWPaqX3Nm8-EqDQvQ9rnDtRR8ZMm9SryvGKWubMSWxyW3d6WPkMx1Yp6-PExxo7dz0DBr9tCKajb HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIcCIgUtuVAkBoG44bZ_jlg&google_cver=1&google_push=AYg5qPL2CxvYw3w_RTkZloU1jWPaqX3Nm8-EqDQvQ9rnDtRR8ZMm9SryvGKWubMSWxyW3d6WPkMx1Yp6-PExxo7dz0DBr9tCKajb&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5_S9koB7RU29F37CTvoJwg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL2CxvYw3w_RTkZloU1jWPaqX3Nm8-EqDQvQ9rnDtRR8ZMm9SryvGKWubMSWxyW3d6WPkMx1Yp6-PExxo7dz0DBr9tCKajb
Request Chain 460
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI&google_cver=1&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kENNWtaU23YF0 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kENNWtaU23YF0&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kENNWtaU23YF0&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kENNWtaU23YF0&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kENNWtaU23YF0&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kENNWtaU23YF0&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kENNWtaU23YF0&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kENNWtaU23YF0&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kENNWtaU23YF0&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kENNWtaU23YF0&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kENNWtaU23YF0&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kENNWtaU23YF0&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kENNWtaU23YF0&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kENNWtaU23YF0&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kENNWtaU23YF0&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kENNWtaU23YF0&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kENNWtaU23YF0&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kENNWtaU23YF0&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kENNWtaU23YF0&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kENNWtaU23YF0&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kENNWtaU23YF0&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI&google_cver=1
Request Chain 461
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKrNVOWBoPuh2Ove3UQuMz0&google_cver=1&google_push=AYg5qPJHRenBCOH4gbXPUDYquqqTsIWgGSOgssqS8de4zagWp1mARZ0vpliBhPJgHCajbqa0ZGPDSicuEQ586BwqqggXNXNqZGq8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJHRenBCOH4gbXPUDYquqqTsIWgGSOgssqS8de4zagWp1mARZ0vpliBhPJgHCajbqa0ZGPDSicuEQ586BwqqggXNXNqZGq8
Request Chain 462
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESECOIkcvro1jk-EQ4BQ58UoQ&google_cver=1&google_push=AYg5qPLxEVaQ0aa-3sFoAKTeBHXaGkOc-MOQ8uR9CNGzD2JgEify46Yd-jR72-3nkXuR8GZgkFflr2wezF_B6oeuNJNHxWYTk_F8 HTTP 302
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESECOIkcvro1jk-EQ4BQ58UoQ&google_cver=1&google_push=AYg5qPLxEVaQ0aa-3sFoAKTeBHXaGkOc-MOQ8uR9CNGzD2JgEify46Yd-jR72-3nkXuR8GZgkFflr2wezF_B6oeuNJNHxWYTk_F8&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESECOIkcvro1jk-EQ4BQ58UoQ&google_cver=1&google_push=AYg5qPLxEVaQ0aa-3sFoAKTeBHXaGkOc-MOQ8uR9CNGzD2JgEify46Yd-jR72-3nkXuR8GZgkFflr2wezF_B6oeuNJNHxWYTk_F8&apid=UP00d9caa5-921e-11ec-8b9a-0654c439bdde HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESECOIkcvro1jk-EQ4BQ58UoQ&google_cver=1&google_push=AYg5qPLxEVaQ0aa-3sFoAKTeBHXaGkOc-MOQ8uR9CNGzD2JgEify46Yd-jR72-3nkXuR8GZgkFflr2wezF_B6oeuNJNHxWYTk_F8&apid=UP00d9caa5-921e-11ec-8b9a-0654c439bdde&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwMGQ5Y2FhNS05MjFlLTExZWMtOGI5YS0wNjU0YzQzOWJkZGU%3D&google_push=AYg5qPLxEVaQ0aa-3sFoAKTeBHXaGkOc-MOQ8uR9CNGzD2JgEify46Yd-jR72-3nkXuR8GZgkFflr2wezF_B6oeuNJNHxWYTk_F8
Request Chain 463
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHevLVqd7jijXsOTrTNfyHA&google_cver=1&google_push=AYg5qPLEe9SlnwKFuusdUVIv1NgFMcywfk9usD5mH137XLjE5CiOjBXokqqkuwGHWgVSp6svKNXOhoK5DFFWTlluI6zJ7C6ugu0XHw HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHevLVqd7jijXsOTrTNfyHA&google_cver=1&google_push=AYg5qPLEe9SlnwKFuusdUVIv1NgFMcywfk9usD5mH137XLjE5CiOjBXokqqkuwGHWgVSp6svKNXOhoK5DFFWTlluI6zJ7C6ugu0XHw&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS13T0V0MzNoRTJ1RXpUVEQxbXRZYjVid1c5eFlieDhLZX5B&google_push=AYg5qPLEe9SlnwKFuusdUVIv1NgFMcywfk9usD5mH137XLjE5CiOjBXokqqkuwGHWgVSp6svKNXOhoK5DFFWTlluI6zJ7C6ugu0XHw
Request Chain 488
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=981741&produktid=&dt_url=
Request Chain 623
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 693
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&bundle=2rX7QV84Rkl2dVZuVjNnRXlMZWtFQlhwQmVyYTFkTWx6TENNTG1IUmclMkZUZyUyRmpJS3VqS3NDZXBLbzFSODhBdWtCS1BBQlFxMEtUaUhNJTJGSHZOVXJoTk5ENG5raVBRNnFobDlScEJMVHhRRHdjeVZqT2kzWjJRenh1SkZpbVlDZGhPeks4eg&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=ChfMNHxPb3o5ZC9vU3ZwajU2TGVMZFFBUE5Id3BKZmFEZldkZitWeHNxQUp0SXQ4WGRqTjFuZldLZzYrWXlZa0VKLzNEbDFDWWF1WXJNRjYrS2FKa1o0NmdFWFJTVVNmMlRJaGE4ZW1ieXRQY2dLZm9hNERDdmVaTStKbE52STlUOTBOSFd4dTJKZGZQZGwxOEZEY2V4S1NWNEFjRkYvQUQvRmgzRjQzeEtSQWI0Wm83a0NyRlhkZjR5bWR5MDhLbnJaNWxGUGc5MVQwZWdOT2NhNy9CMW5adGhYQzRrVG8vY3lBa0kweW8wc3BFVk5oU1ZvcHRqenNHejkvaGlPeExRbysyVHpYTmRIRXk3ajVuUWNQN1Axb25hUT09fA&cppv=2
Request Chain 750
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELTaMp1IdrmmHm2jZD3ZPR8&google_cver=1&google_push=AYg5qPLXdp-NZNEV9lDIt9Xufkbvi33SLlmxqGcbmknf4Rx37b5f2iib6viPAxgBEPyiqQLqBF3lqCpKUsbDskc942ZsyFGNzMow HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLXdp-NZNEV9lDIt9Xufkbvi33SLlmxqGcbmknf4Rx37b5f2iib6viPAxgBEPyiqQLqBF3lqCpKUsbDskc942ZsyFGNzMow
Request Chain 752
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBAo3r0pLwdvi2Q6Lj3Uf0Y&google_cver=1&google_push=AYg5qPLlgyTPDq2tE5WmPNAIoE5m0zwAc_HwMUL974MyY6rIkblnjmcU3XlYpXApdDNRn4PhUuFGPevU6RPjHVR2qlzh3wpwOl9J HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=y4jiZrZpTOyhA5ZBpwFvfQ2&google_push=AYg5qPLlgyTPDq2tE5WmPNAIoE5m0zwAc_HwMUL974MyY6rIkblnjmcU3XlYpXApdDNRn4PhUuFGPevU6RPjHVR2qlzh3wpwOl9J
Request Chain 753
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDLz3nRevzMIKEGT9z6pKAc&google_cver=1&google_push=AYg5qPJb44ln1Qtf2XHdQEdm8gvlaEdBAM1GerP5imfMcA2EsgjAw_u8J9zcoh1942niHtRcDD9N1S13Y3vjXoyD1KS8ucAeH70C HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDLz3nRevzMIKEGT9z6pKAc&google_cver=1&google_push=AYg5qPJb44ln1Qtf2XHdQEdm8gvlaEdBAM1GerP5imfMcA2EsgjAw_u8J9zcoh1942niHtRcDD9N1S13Y3vjXoyD1KS8ucAeH70C HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjIxNjQ3NDc4NDE3Mzg2NDc2&google_push=AYg5qPJb44ln1Qtf2XHdQEdm8gvlaEdBAM1GerP5imfMcA2EsgjAw_u8J9zcoh1942niHtRcDD9N1S13Y3vjXoyD1KS8ucAeH70C
Request Chain 755
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI&google_cver=1&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3zMTZxiOHJTZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3zMTZxiOHJTZ&google_cver=1&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3zMTZxiOHJTZ&google_cver=1&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3zMTZxiOHJTZ&google_cver=1&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3zMTZxiOHJTZ&google_cver=1&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3zMTZxiOHJTZ&google_cver=1&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3zMTZxiOHJTZ&google_cver=1&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3zMTZxiOHJTZ&google_cver=1&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3zMTZxiOHJTZ&google_cver=1&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3zMTZxiOHJTZ&google_cver=1&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3zMTZxiOHJTZ&google_cver=1&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3zMTZxiOHJTZ&google_cver=1&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3zMTZxiOHJTZ&google_cver=1&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3zMTZxiOHJTZ&google_cver=1&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3zMTZxiOHJTZ&google_cver=1&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3zMTZxiOHJTZ&google_cver=1&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3zMTZxiOHJTZ&google_cver=1&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3zMTZxiOHJTZ&google_cver=1&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3zMTZxiOHJTZ&google_cver=1&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3zMTZxiOHJTZ&google_cver=1&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3zMTZxiOHJTZ&google_cver=1&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI
Request Chain 766
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022022008233364228447533X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach13_BlackFridayPush&spid=2022022008233364228447533X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211
Request Chain 769
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022022008233364228447535X113752V1225131106MSoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach13_BlackFridayPush
Request Chain 780
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160074 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTdGNEJEOTItODA3Qi00NTRELUJEMTctN0VDMjRFRkEwOUMy&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOQng9549nWWVg9ZNhlYzKs&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 793
  • https://rcm-na.amazon-adsystem.com/e/cm?o=1&p=12&l=ur1&category=electronics&banner=1RJ5QAT5B55ECPXSXB82&f=ifr&linkID=2315e72a794f1cd0d83054eea5a6da5f&t=cityspark-20&tracking_id=cityspark-20 HTTP 302
  • https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=electronics&banner=1RJ5QAT5B55ECPXSXB82&f=ifr&linkID=2315e72a794f1cd0d83054eea5a6da5f&t=cityspark-20&tracking_id=cityspark-20

797 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.staradvertiser.com/ 		365 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
b0b5553c8c13275dab9dbd8c4ab595592099aa8b297f4e7b65ba0659d61fc744

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 20 Feb 2022 07:23:26 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
link
<https://www.staradvertiser.com/wp-api/>; rel="https://api.w.org/" <https://www.staradvertiser.com/wp-json>; rel="https://github.com/WP-API/WP-API"
x-powered-by
WP Engine
x-cacheable
SHORT
cache-control
max-age=600, must-revalidate
x-cache
HIT: 225
x-cache-group
normal
content-encoding
br
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ 		112 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:da00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6959d051b212b334ab0726817194d078d87744ff5474a1420757e4a0904c21f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
smPtPoK5WKwASyoc.BkudNl6t_T5svWv
content-encoding
gzip
last-modified
Thu, 17 Feb 2022 17:56:17 GMT
server
AmazonS3
age
56
etag
W/"2b524b97f9fe7b453d103520f65bbbf2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control
max-age=3600, public
date
Sun, 20 Feb 2022 07:23:27 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
gJzpak3iY0p6GvbrtjtvC4g1DibrhOWh5r3LRUrXHMk8Bvt72ModcQ==
pubcid.min.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/ 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/pubcid.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
afd2447f77118df6fd4b8710c2b23e7bb4edb557795c643e3d8a7c12df4e6586

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Fri, 13 Nov 2020 19:41:56 GMT
server
nginx
etag
W/"5faee184-e358"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 		141 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
26190404
cdn-cachedat
2021-04-23 05:58:16
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
a2cdf6002e5898310bcc2c0b2e47a44c
cf-ray
6e05fd560fb8839a-MXP
cdn-requestcountrycode
EG
cdn-requestpullsuccess
True
sa-style-2018.css
www.staradvertiser.com/wp-content/themes/staradvertiser/css/ 		67 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.88
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb8b1419780ed6f78469a86d286c2668ab0a9e78582797defafc1d7f2762ffb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Tue, 15 Jun 2021 01:44:26 GMT
server
nginx
etag
W/"60c805fa-10c45"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
wsl8gsu.css
use.typekit.net/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/wsl8gsu.css
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7c0 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
nginx /
Resource Hash
bf78c9bad3b9a376810a5a12afa3d5a7a3ec5199228f34ee33d8ae13536a5f1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Sun, 20 Feb 2022 07:23:27 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
922
all.css
use.fontawesome.com/releases/v5.0.10/css/ 		36 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12756850
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
B36X1BCHCQ732ADZ
x-amz-id-2
20uffz1kDj+aqh3fOgw+IcBHEkwif8F90uXiEgrQdOM9jvm/W6jTyG/26uvoUregVDavczVZqQc=
last-modified
Wed, 30 Jun 2021 15:26:49 GMT
server
cloudflare
etag
W/"d1acb8ad33b1526acbfd3f0028b859b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7W5OVm1V4wAzfc%2B4aUo6%2BE%2B0oxTGpTFYLHkaTObIHxjoosww1Cox0lB52AYoTIIo0bDkm2mUmUHvRbWiA4UqsvuCDKi4XT4Up77Vekj2ugMjri54kjfdoZLHroB9g0Wpam9DzbyCdCizbXnfCNYVEm0"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6e05fd56081c83ba-MXP
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 15:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
229338
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29671
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Feb 2023 15:41:09 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		22 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2134:c000:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3d54d65d1a3e03ee57b6b3bea623447a1d39393610bdd51bb389fe20c0b17f78

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 06:35:21 GMT
content-encoding
gzip
last-modified
Fri, 14 Jan 2022 02:25:43 GMT
server
nginx
age
2885
etag
W/"61e0df27-59c1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 69f8ad486723f285e484ce57919faf2e.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
MXP64-C2
x-amz-cf-id
ICNS78IcrGmlnHwueZWkc177lh4aJEWKfeeqoN3zb05A8V9mj7C36Q==
expires
Sun, 20 Feb 2022 08:35:21 GMT
ZoPFXSjg.js
content.jwplatform.com/libraries/ 		126 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.jwplatform.com/libraries/ZoPFXSjg.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:8000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
aa4b31008b7b03a32fdcf70497969c51801ddcf8606f1e480b4a3207f8270288

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:21:28 GMT
content-encoding
gzip
server
openresty
age
119
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=150, max-stale=180
x-amz-cf-pop
DUS51-P2
content-length
43861
via
1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
x-amz-cf-id
OhP8-w4cOhWOHYUnWQzI2FQuTiH3ETOb4f2eCouXlXCh4VPy8J0g9Q==
expires
Sun, 20 Feb 2022 07:21:26 GMT
hsa-jwplayer.cmd-hsa-minified.1601588720.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/ 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/hsa-jwplayer.cmd-hsa-minified.1601588720.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0159831273549544cb9ff04cb7f31edfa5797d9aa4bf1666636bdca542479b76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Thu, 01 Oct 2020 21:45:24 GMT
server
nginx
etag
W/"5f764df4-2eb2"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
sa-jwplayer.css
www.staradvertiser.com/wp-content/themes/staradvertiser/css/ 		2 KB
869 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-jwplayer.css?version=1.0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6e206304ef613bb43bbad63baeeef8a0fa2c96dc7295c45f025131467c14aee8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-603"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
load.js
s.ntv.io/serve/ 		392 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.29.148 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-148.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
36a588822bfb9e3d351da79c492ed62f9d98275d59f611a50b0f37ae11731a34

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 07:23:27 GMT
Content-Encoding
gzip
x-amz-request-id
Z0CN0RNNNCRB33W5
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
o5uNcsz7RA6HOgiuVDQWBbEpD3brsPWc47iBGsg0E7rBQk0IxK6jzqg6M5r53tc9BL1wtPxv+dk=
Last-Modified
Thu, 10 Feb 2022 22:27:22 GMT
Server
AmazonS3
ETag
"93a3fdf08b1a28e64ac925822f0cc789"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
usprivacy-string.js
www.staradvertiser.com/wp-content/themes/staradvertiser/iab_ccpa/src/ 		1 KB
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/iab_ccpa/src/usprivacy-string.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e5d3f7cad9534723e28aed704f7f5bcbb7f6a2323b2c29f01aa09bc3a46c930d

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Fri, 24 Jan 2020 19:14:59 GMT
server
nginx
etag
W/"5e2b4233-4e0"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
uspapi.js
www.staradvertiser.com/wp-content/themes/staradvertiser/iab_ccpa/src/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/iab_ccpa/src/uspapi.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d8921a0fcfd2507826836106dcc06e0612c413bf3797cab39402171724b32df0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Fri, 24 Jan 2020 19:14:59 GMT
server
nginx
etag
W/"5e2b4233-1158"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
uspapi_call.js
www.staradvertiser.com/wp-content/themes/staradvertiser/iab_ccpa/src/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/iab_ccpa/src/uspapi_call.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
87228b5246ece9b12bac05b438794791bb67239aab563dafb7e43eb4ddfc8fa9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Fri, 24 Jan 2020 19:14:59 GMT
server
nginx
etag
W/"5e2b4233-899"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
polyfill.min.js
polyfill.io/v2/ 		222 B
606 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v2/polyfill.min.js?features=IntersectionObserver
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:e00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
503708
detected-user-agent
Chrome/98.0.4758
server-timing
HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length
126
referrer-policy
origin-when-cross-origin
last-modified
Mon, 14 Feb 2022 10:57:33 GMT
date
Sun, 20 Feb 2022 07:23:27 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/98.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
common.cmd-hsa-minified.1569273721.css
www.staradvertiser.com/wp-content/plugins/hsa-polls/css/ 		502 B
460 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/hsa-polls/css/common.cmd-hsa-minified.1569273721.css?ver=5.8.3
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0e2a560f13627bee0925e5e49243f611d9a4cef76f56f4c96d3d3a6510a1d29c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Tue, 04 Feb 2020 19:56:12 GMT
server
nginx
etag
W/"5e39cc5c-1f6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.min.css
www.staradvertiser.com/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.3
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Wed, 01 Sep 2021 04:05:58 GMT
server
nginx
etag
W/"612efc26-13abe"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
vfb-style.min.css
www.staradvertiser.com/wp-content/plugins/vfb-pro/public/assets/css/ 		66 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/vfb-pro/public/assets/css/vfb-style.min.css?ver=2019.05.10
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a03771453248c5eb3ee390d87edddd490ac37484b6a6c95567ffc222fccd107

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Wed, 10 Feb 2021 19:20:25 GMT
server
nginx
etag
W/"602431f9-108dd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
css
fonts.googleapis.com/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5502471827af86b745c40e045c7ffa3e58fa7ced50fb20ed7e37025a9abfdaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 20 Feb 2022 06:22:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 20 Feb 2022 07:23:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 20 Feb 2022 07:23:27 GMT
genericons.css
www.staradvertiser.com/wp-content/themes/staradvertiser/genericons/ 		30 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/genericons/genericons.css?ver=3.03
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-7945"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
www.staradvertiser.com/wp-content/themes/staradvertiser/ 		0
188 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/style.css?ver=2015-12-08
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
0
facets.min.css
www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/css/ 		789 B
479 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/css/facets.min.css?ver=2.5.2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
125b1c5f96e7bd6829d8ce638c463f14c0a78f7cadee45d6ea4584b897aaf1e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-315"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.min.js
www.staradvertiser.com/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
nginx
etag
W/"6048e0ac-15db1"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery-migrate.min.js
www.staradvertiser.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
etag
W/"5fb4e3fe-2bd8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
common.cmd-hsa-minified.1569273721.js
www.staradvertiser.com/wp-content/plugins/hsa-polls/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/hsa-polls/js/common.cmd-hsa-minified.1569273721.js?ver=5.8.3
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3596c8db4dfd165d2fa4af70f72fbb7d22caab7c9b7aa1cd7e91af4a663e6a8d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Tue, 04 Feb 2020 19:56:12 GMT
server
nginx
etag
W/"5e39cc5c-100a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
sa-logo-white-small.png
www.staradvertiser.com/wp-content/themes/staradvertiser/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/sa-logo-white-small.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cadc72dc81a8e767b3da7e015267c1ed4eb439249277937a2e83f7d29876350e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-19dc"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
6620
longs-drugs-logo-v2.png
www.staradvertiser.com/wp-content/themes/staradvertiser/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/longs-drugs-logo-v2.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e0f9afd978bd46213b0bf16a6ddd54ef257e84dde88e9b428c373b501a2b0b74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Tue, 15 Jun 2021 01:44:26 GMT
server
nginx
etag
"60c805fa-914"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2324
sa-logo-large.png
www.staradvertiser.com/wp-content/themes/staradvertiser/images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/sa-logo-large.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0a2176bad5be68ea7fe742d9ea76084443f8891101898e212361a057b291ca62

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-4056"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16470
partly_cloudy_rain.png
www.staradvertiser.com/wp-content/themes/staradvertiser/images/small-icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/small-icons/partly_cloudy_rain.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
317411aa4ace0961a35e28f5a79c28dd52b28cdda84efa46f80d697fbf695b02

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-597"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1431
getprima.php
staradvertiser-hi.newsmemory.com/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staradvertiser-hi.newsmemory.com/getprima.php
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.221.248.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-248-213.compute-1.amazonaws.com
Software
Apache /
Resource Hash
5965f82ddf197d8faf1530c477553d1e86d5f7a8f23d3c502b63e45345878d56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 07:23:28 GMT
Cache-Control
max-age=900,s-maxage=900
Expires
Sun, 20 Feb 2022 07:38:28 GMT
Server
Apache
Transfer-Encoding
chunked
Content-Type
image/png
thumbnail-223x150.jpg
www.staradvertiser.com/wp-content/plugins/cmd-hsa-news-thumbnails/class/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/plugins/cmd-hsa-news-thumbnails/class/images/thumbnail-223x150.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0f108d2c3e7133c2c1a890275e48a6e131cf7d4b1ec44a753a9916a9fd3a2a47

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Fri, 05 Jun 2020 19:51:42 GMT
server
nginx
etag
"5edaa24e-11ba"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
4538
big-q-logo.png
www.staradvertiser.com/wp-content/plugins/cmd-hsa-big-q/class/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/plugins/cmd-hsa-big-q/class/images/big-q-logo.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
42197f868c8a022a8f36574a2ce910d007c7254e7282742500154471ca82408d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-2806"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10246
SA-LocalBusinessGuide-982x300.gif
sa-media.s3.amazonaws.com/sa_ads/localbusinessguide/ 		269 KB
270 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sa-media.s3.amazonaws.com/sa_ads/localbusinessguide/SA-LocalBusinessGuide-982x300.gif
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.196.89 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
09dc0765a9dd7efe2c16814e023c0509771ef4cf8dd880a306c59b765942d983

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 07:23:29 GMT
Last-Modified
Thu, 16 Jul 2020 21:43:25 GMT
Server
AmazonS3
x-amz-request-id
CRSCK13W87RR8AKZ
ETag
"1b3f2c17628b6f0face0aba72b58a731"
Content-Type
image/gif
x-amz-version-id
N.oxyDEQv3OEdP44ADgABZ71w4.UpJZ_
Accept-Ranges
bytes
Content-Length
275925
x-amz-id-2
XQbP1O/lrg5Ns3YRInfFgQFMvqtVYAisnI0PxFFoAjxeqx/NsGMmY3hcWBVT+IxS5LM0mxMMK+4=
fv-play-btn-1.png
www.staradvertiser.com/wp-content/themes/staradvertiser/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/fv-play-btn-1.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
dca48f3a946bbfa6545510ed71076aa805c1b8a84bba5ecc79fa39ccfcd088f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-d24"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
3364
loader-sa.gif
sa-media.s3.amazonaws.com/images/redesign/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sa-media.s3.amazonaws.com/images/redesign/loader-sa.gif
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.196.89 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0697912270d4ad04615851261fa60a3db4bc88e3c0316d1c97fdd3a5a7c68931

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 07:23:29 GMT
Last-Modified
Thu, 09 Jan 2020 19:44:41 GMT
Server
AmazonS3
x-amz-request-id
CRS2J8JBKCF18JPE
ETag
"5482571331280690fa02f6d418610e2f"
x-amz-version-id
GPY34XsOEB_u0Uf8iwc7gZbkwoeYJPhF
Cache-Control
31556952
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
16428
x-amz-id-2
thFt/zqK4mPD9BmNpwhF0rzcFZd8ay0H4AnGguv6Tf3xxs+VgEd1hjZVNUNji0UL/xBs5DnxtT0=
origami-widget.js
origami.secure.ownlocal.com/ 		13 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami-widget.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d6a5789ddcefcde65aca42763fdf458a4df543f92f13d903aab39e05918971cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 03:07:41 GMT
age
15346
x-guploader-uploadid
ADPycdszRssnKuseSYSQMn2wo_QEhL1ZxVlpUhQ3L-9ZX8hisC4SCbFmsGzvvLbbAHxjCXFVPAZq_UV2bbTAW4SWv_c
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13289
last-modified
Mon, 19 Oct 2020 18:40:43 GMT
server
UploadServer
etag
"f5183a07384a657e61aaaeba0fc72448"
x-goog-hash
crc32c=FHVKdg==, md5=9Rg6BzhKZX5hqq66D8ckSA==
x-goog-generation
1603132843078573
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
13289
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 21 Feb 2022 03:07:41 GMT
get.js
cdn.cityspark.com/wid/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cityspark.com/wid/get.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6BB8) /
Resource Hash
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
gzip
content-md5
DgH26NwpVpUJ7mY3mCxUbA==
age
391061
x-cache
HIT
content-length
919
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 07 May 2020 14:25:32 GMT
server
ECAcc (mil/6BB8)
etag
"0x8D7F2927FD84964+gzip"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
fec0b373-301e-008b-7d9c-22fc60000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
gD12H3oM9Iqch4Y2IgeBpEqQnAvfOv.js
widgets.recruitology.com/scripts/ 		42 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.recruitology.com/scripts/gD12H3oM9Iqch4Y2IgeBpEqQnAvfOv.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-125.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4e3d0c1a29d170faef517706dcb30b339ecd93eb48be33783139f6e1c5e8c204

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
last-modified
Thu, 10 Feb 2022 07:07:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
W/"4cf02e8d5f1d8227b4b0042b6fe6f08a"
vary
Accept-Encoding, Origin
x-cache
RefreshHit from cloudfront
content-type
text/javascript
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
cache-control
max-age=60, public
x-amz-cf-id
F6pRFpxIsHp543C_qIOWyNXtYHQh10jfYkMPV14lmjr40MeI-LzwyQ==
expires
Sun, 20 Feb 2022 07:21:08 GMT
DO-020721-Cover-Big-City-Diner-afc--180x180.jpg
dining.staradvertiser.com/wp-content/uploads/2022/02/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dining.staradvertiser.com/wp-content/uploads/2022/02/DO-020721-Cover-Big-City-Diner-afc--180x180.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.184.218.133 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.218.184.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
65c2f65aaef6f2b3b834ec69d322424aad3d2904ab22e17dbc330239818f5cd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
last-modified
Tue, 15 Feb 2022 00:45:28 GMT
server
nginx
etag
"620af7a8-3d5f"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
15711
crop-out-shower-curtain-use-as-main-photo-150x150.jpg
hawaiirenovation.staradvertiser.com/wp-content/uploads/2022/02/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hawaiirenovation.staradvertiser.com/wp-content/uploads/2022/02/crop-out-shower-curtain-use-as-main-photo-150x150.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.184.218.133 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.218.184.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0cbc45bb2105b7b487ea7200431abc2263c9bdadd1d4bf81f374b21838594b04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
last-modified
Mon, 14 Feb 2022 21:59:10 GMT
server
nginx
etag
"620ad0ae-1945"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
6469
2022-Year-Of-The-Tiger-240x250.jpg
www.staradvertiser.com/wp-content/uploads/2022/01/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/01/2022-Year-Of-The-Tiger-240x250.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b426330e7356578186744fc43edcf2ddf9380c8ed9d42a36fd77ba3ca81b8b57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Mon, 31 Jan 2022 18:34:26 GMT
server
nginx
etag
"61f82bb2-4594"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
17812
2022-Super-Bowl-288x250.jpg
www.staradvertiser.com/wp-content/uploads/2022/02/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/02/2022-Super-Bowl-288x250.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a1bcd09518ee81a6a1f2b799ec5003619198761289be5cd44b8528cf89683c5b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Mon, 14 Feb 2022 18:31:06 GMT
server
nginx
etag
"620a9fea-536c"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
21356
SA-LocalBusinessGuide-RightRail.gif
sa-media.s3.amazonaws.com/sa_ads/localbusinessguide/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sa-media.s3.amazonaws.com/sa_ads/localbusinessguide/SA-LocalBusinessGuide-RightRail.gif
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.196.89 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b9992e87acdce0b56ae06a416a40ba5b4771a9cd7701d97e9487044dbf1b65e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 07:23:29 GMT
Last-Modified
Fri, 17 Jul 2020 01:10:19 GMT
Server
AmazonS3
x-amz-request-id
CRSCW81CR6ZVF8VZ
ETag
"4de67d2a7b83c7aa57c53c16e04f45fe"
Content-Type
image/gif
x-amz-version-id
6IbaSWxCO7LzRPA4INzeWwcVLvh1Iht9
Accept-Ranges
bytes
Content-Length
33694
x-amz-id-2
f32d1BFZr/VkiLSKcr+JmOq7wspF6A5vyHH1E0oDxP//TUHj5v96P98EjHX7gL8DFDUDc6iiln0=
20220203-WEB-HSA-A1-Feb-27-2020.jpg
www.staradvertiser.com/wp-content/uploads/2022/02/ 		131 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/02/20220203-WEB-HSA-A1-Feb-27-2020.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
da1aa56ad7ee2ec7feb73ce90eece099adfa6774a5f4e417371ac72037ba02c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Thu, 03 Feb 2022 21:56:42 GMT
server
nginx
etag
"61fc4f9a-20b44"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
133956
api.js
www.google.com/recaptcha/ 		884 B
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
68ab0344cdcfdc5447aa23b5158c42b5aabf1825e326097d71092fa5cbf08a34
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
587
x-xss-protection
1; mode=block
expires
Sun, 20 Feb 2022 07:23:27 GMT
newsletter-signup.js
www.staradvertiser.com/resources/newsletter/ 		2 KB
947 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/resources/newsletter/newsletter-signup.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d1a0a1b6d83366106e152f1703e7a4762df4f2a95bcd45dda95c362e27c64fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Sat, 12 Oct 2019 01:57:07 GMT
server
nginx
etag
W/"5da132f3-7ed"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
frontend.js
www.staradvertiser.com/wp-content/plugins/ad-refresh-control/dist/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/ad-refresh-control/dist/js/frontend.js?ver=1.0.5
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3cd0f7339e3fe1e7228f087ed90b78e9fdcbcc1db30e4f228e510ce6bb220f46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Fri, 23 Jul 2021 07:01:13 GMT
server
nginx
etag
W/"60fa6939-3583"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
functions.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/functions.js?ver=20200320
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3cab875a2a392985fb6bc7269ea092a6b16d208b2ba247cba8bfc0f626d9caac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Tue, 24 Mar 2020 19:28:26 GMT
server
nginx
etag
W/"5e7a5f5a-10af"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
underscore.min.js
www.staradvertiser.com/wp-includes/js/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/js/underscore.min.js?ver=1.13.1
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Thu, 27 May 2021 19:33:19 GMT
server
nginx
etag
W/"60aff3ff-4a84"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
facets.min.js
www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/js/ 		399 B
476 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/js/facets.min.js?ver=2.5.2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
842542e571b27f1586b2472b0f927e13973b6b47e5d9fe345abfd2436eb24fe6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-18f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
wp-embed.min.js
www.staradvertiser.com/wp-includes/js/ 		1 KB
947 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/js/wp-embed.min.js?ver=5.8.3
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
etag
W/"5ff5d754-592"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
slick.js
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 		87 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9baa573e4378873b7ac81ccb1d954ce9bb2b1a933947ad3012263ddc604d8505
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
555999
x-jsd-version
1.8.1
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19167-FRA, cache-mxp6941-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"15b7b-XpZQCGXagm+FCTNPA0QivnZitG0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6e05fd598d5e83a9-MXP
popper.min.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/popper.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-4af4"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.0.0/js/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1419678
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11522
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-bf30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PTJOAOHazFnvva5GXNqTmfn7qVrSOzvSULkeagvnvNL%2FydqDRAnEEsgRCAHpGwZ697aaKHlaDnwBfjYdXaA6aI8DSGZdrzmOiT1bij24JfvThjOcTxDAmdxFJEFoBP0v1vbwUovuxCWbXZatyIuvehOo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e05fd598bb359e9-MXP
expires
Fri, 10 Feb 2023 07:23:27 GMT
prefixfree.min.js
cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19a28e2d74e7eee25716e5a9e7bba44191ae28ada05995a5107d7a85cea3054f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5726724
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2135
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03faa-16f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djgRqbPmzcuB6%2Bg0SPQ14KD0pBJvphfFBPiI0V0tNbjrP1ke3OrbegTu8P8P3qweIqbo%2BjBAB2%2Bdp8F7LWH0TXspB2PQ4MgxUokT4QIK9k5xdazNMrHlJmt%2FJhht2F1lsF80ODM0OdlOdAOxyghoKahp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e05fd598bb459e9-MXP
expires
Fri, 10 Feb 2023 07:23:27 GMT
hawaiian-text.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/ 		915 B
427 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/hawaiian-text.js?v3
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
27a248eda1fdeed115a09b6721edd068770883206d013e5b493a12aab50a7c41

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-393"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
custom-author.cmd-hsa-minified.1642203097.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/custom-author.cmd-hsa-minified.1642203097.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
33c002e144d2f01a2b5ed89a40dca710f0ac4d04fe7e3ca0ccfedf93e4adbb63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Fri, 14 Jan 2022 23:31:42 GMT
server
nginx
etag
W/"61e207de-29cf"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160074/3146// 		169 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160074/3146//pwt.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5022fcf9de86b31fb30f480f4aa29fe96298d33242f5455a778da9f3079550b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 19:22:25 GMT
server
Apache/2.2.15 (CentOS)
etag
"11c1a63-2a268-5cd3b5de565d2"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=66900
accept-ranges
bytes
content-type
text/javascript
content-length
55348
expires
Mon, 21 Feb 2022 01:58:27 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.250.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-250-78.fra6.r.cloudfront.net
Software
Server /
Resource Hash
784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:22:42 GMT
content-encoding
gzip
age
44
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
12AJZT2HNTNTRN9XWCBQ
etag
c1da564f59b83b9805e8df92eca012f5
vary
Accept-Encoding
x-amz-version-id
GtBleBshAfJx9KFXwg43LDlo50FXi9le
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
zhMUEjGVLF9puz1a47Lgw_ZvmoHXQyFSUnU1tw7rJsx4GV4ZgBTcDA==
gpt.js
www.googletagservices.com/tag/js/ 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0e231b4bc0f1396059c46b683932a8fdf64d7665ff4b4beebfa16d4c1d2614f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27499
x-xss-protection
0
server
sffe
etag
"1137 / 18 of 1000 / last-modified: 1645225517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 20 Feb 2022 07:23:27 GMT
prebid4.15.0.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/ 		196 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/prebid4.15.0.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d2be56cea1a4dcdfe58a21865c56188678e70e0cb288a965f649829ad71d467d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Tue, 16 Feb 2021 02:08:00 GMT
server
nginx
etag
W/"602b2900-3117a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
p.css
p.typekit.net/ 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=wsl8gsu&ht=tk&f=139.140.175.176.28494.28496.28497.28498&a=84346937&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/wsl8gsu.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7c0 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Fri, 10 Sep 2021 23:46:21 GMT
server
nginx
etag
"613bee4d-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4715
date
Sun, 20 Feb 2022 06:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 20 Feb 2022 08:04:52 GMT
aam.js
aamcftag.aamsitecertifier.com/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aamcftag.aamsitecertifier.com/aam.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:6600:14:c3e7:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1a476b3442043756f97fc98c480c06c65c74207e12ae6ba150eee21d7eed067

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 04:05:58 GMT
content-encoding
gzip
last-modified
Mon, 01 Feb 2021 19:46:45 GMT
server
AmazonS3
age
12405
etag
"d01602293dda6546ca8f8ededd0e44e8"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-length
25648
x-amz-cf-id
KqaGgj-F75719spA7xNa7V01_S7pCOlaCsTbByzdo6TkV0MvsmegUA==
x-amz-meta-s3b-last-modified
20210201T194158Z
134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
d2na2p72vtqyok.cloudfront.net/client-embed/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2na2p72vtqyok.cloudfront.net/client-embed/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.242.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-242-20.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b6635617488fc4222e37a13cdbf287ad4ce92706f3a97c5c23b9f8d10e33c069

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
iI2kFJB6Pj_R15TLJps4aq9Rz4Z4f2NW
Content-Encoding
gzip
ETag
W/"b1e3d9e44cf1c9b4e3a9f3acabad1361"
Age
50056
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 14 Feb 2022 17:56:45 GMT
Server
AmazonS3
Date
Sat, 19 Feb 2022 17:29:13 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
Cache-Control
max-age=60
X-Amz-Cf-Pop
DUS51-P1
X-Amz-Cf-Id
Xge8Fdt29Td5T14k-cJg-DIK1A07Kakq3FCrqTOLf1lnUi_lWDvU4Q==
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-3.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:22:00 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
93
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
mm8O0vN84j99UeBWdWxZxT3SzF3T7nGbu4184LiuGRFc8EiX7qcl1A==
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
TepFCoi/t1thP9Yt8ITvSWmhrX6A/p643qwUKZX9hC6jHqWgO7SrDX+nPg1tGB4Lfhle9l7v0ObWu+7ZlI30PA==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 20 Feb 2022 07:23:27 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
v2yvtUP-JFtbX5bUPvWOzjvArVQfAbB2CNRcIlDVCHGmQKKtMHHkNPqw
lorenzourban.com/ 		89 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lorenzourban.com/v2yvtUP-JFtbX5bUPvWOzjvArVQfAbB2CNRcIlDVCHGmQKKtMHHkNPqw
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
b6146e21cf454aea82492ee74d67bcc9fdd67204c279a457b88c851de2fe2594
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"2501beee8f5a77daf9d21e9af6f67d542a8f04db21b5feb6022b4188c18ed9bc"
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-kh86
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Sun, 20 Feb 2022 07:23:28 GMT
x-buildnumber
473687343
timing-allow-origin
*
gtm.js
www.googletagmanager.com/ 		108 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WTV5NMZ
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
efd1c3714507d714b75a760e02ce29028e9e5e9c8e795e15611114c1017ba3fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41793
x-xss-protection
0
last-modified
Sun, 20 Feb 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 20 Feb 2022 07:23:28 GMT
wp-emoji-release.min.js
www.staradvertiser.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.3
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Tue, 08 Jun 2021 22:15:12 GMT
server
nginx
etag
W/"60bfebf0-4705"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
bg-ad-black.png
www.staradvertiser.com/wp-content/themes/staradvertiser/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/bg-ad-black.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.88
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c6d36a345aad21002e4db0c4578eba8e9979a61c22f112f55ac95c166cabdaf9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.88
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-40b"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1035
fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.10/webfonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.10/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb7aa6b06aa5a8eea3670662c4b0c37104041c14575fc170dc48677a0506a33a

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
266813
cf-ray
6e05fd595ea683ba-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44068
x-amz-id-2
sMrF6iWaXgoZDrQd6IHcFnCfkRFIPMbmgnQjF6t6sYnB8ABacdQR8Vf6HQ7FvVI3UAmnWFp6gog=
last-modified
Wed, 30 Jun 2021 15:27:03 GMT
server
cloudflare
etag
"84f351b3972185aed620f78489e48b2d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqxcO1ViZAo%2FviSCzjuQDJdZs48%2FQu6Wf%2FhtGu%2FSOOYfNnkDkwnR4SGe9jf%2BPFiNcxmMiH0vNHvIMkRML7iI9L185g%2F1ysCLdHAezD%2BfjEVmmXyKgtMtbKdW3CjHwc5jBxrZoEUUD39zP4MLcldqgMpL"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
ZJGNQRSTZ0M6H5BN
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
bg-ad.png
www.staradvertiser.com/wp-content/themes/staradvertiser/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/bg-ad.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.88
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
05488f9b88e6509afa4c9438d1352309aee2b020a508c76d66f5691f03824ff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.88
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-3ac5"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
15045
fa-regular-400.woff2
use.fontawesome.com/releases/v5.0.10/webfonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/webfonts/fa-regular-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.10/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2cdb4f2ed4b585d772068df75c01d0a360d45d27294188fccf5ceb4255fdc83

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6838362
cf-ray
6e05fd597eef83ba-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12216
x-amz-id-2
sYRWODIhhHl0ZXqtAD+7kXl/BbJU4CR/Q8T5Gygt5SDrolFvT23qtGpNx0KNIJ2fXu3j1tUYh7A=
last-modified
Wed, 30 Jun 2021 15:27:03 GMT
server
cloudflare
etag
"12717b4a013de862452c4ffcf4e1c264"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ta78L%2F%2FvOaucV6tdaq5%2FfuQO8fFZ7vkcLZ0mSFil5sInFCnAoHn%2BHyKmO76fG92Pq2tci3SXTTio6r0LefPcR653wbgYDncQNpwJDLhjouh%2FXVel6FNBiGSfLdA3PVsWp7RZ%2BiTCrRFs3NS7zN5b0khA"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
Z9HMGHCVK8K9SZWF
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
l
use.typekit.net/af/65a133/00000000000000003b9adc1a/27/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/65a133/00000000000000003b9adc1a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/wsl8gsu.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7c0 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
nginx /
Resource Hash
c0669f3efd6fb6d4fc87aefdcdd50a0f60cbe3c6e2f9d0c7e01fdfe43596c9d8

Request headers

Referer
https://use.typekit.net/wsl8gsu.css
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
server
nginx
etag
"d1273710b7f550512dbb2ff62d904ba6dde81f28"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
34856
web1_CTY-exec-order-9066-6887.jpg
www.staradvertiser.com/wp-content/uploads/2022/02/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/02/web1_CTY-exec-order-9066-6887.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c5e16accfe3fe9b1626ffcb06dee85818f32ec1301550d731e5dd8322c62efdc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Sat, 19 Feb 2022 08:37:24 GMT
server
nginx
etag
"6210ac44-a0ca"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
41162
web1_CTY-DUKES0177-300x195.jpg
www.staradvertiser.com/wp-content/uploads/2022/02/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/02/web1_CTY-DUKES0177-300x195.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4fec1e2f5e242292dfbd7e85c4348343a7d509ae91ab09ab6cddffd0e8ec1048

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Sat, 19 Feb 2022 09:34:49 GMT
server
nginx
etag
"6210b9b9-36f5"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
14069
web1_CTY-Opening-Legislature-MAUI-MAYOR-3418-300x199.jpg
www.staradvertiser.com/wp-content/uploads/2022/02/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/02/web1_CTY-Opening-Legislature-MAUI-MAYOR-3418-300x199.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2762f3937e71053b44bdac4e43b8764be0bf3bb5b5f67827497d30cb7bd6e5b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Sat, 19 Feb 2022 03:27:03 GMT
server
nginx
etag
"62106387-2228"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
8744
web1_20220219-web-qanon-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/02/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/02/web1_20220219-web-qanon-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a9b1a3a1f111d31d2055b2a273749688337613925faab6bf73b08dae0ed311b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Sun, 20 Feb 2022 01:21:51 GMT
server
nginx
etag
"621197af-3236"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
12854
web1_Ubersee-3-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/02/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/02/web1_Ubersee-3-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3cd7b4becc5b4e90ca6763c7fd1167376a7975610dbada54ce5506674ae7417a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Sat, 19 Feb 2022 08:03:58 GMT
server
nginx
etag
"6210a46e-3c99"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
15513
web1_20220219-web-figure-skaters-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/02/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/02/web1_20220219-web-figure-skaters-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0c64f9e9a42862411ae74ba3506212eb549c5a3cba567793c622a09b1f18d406

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Sat, 19 Feb 2022 20:02:11 GMT
server
nginx
etag
"62114cc3-1c93"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
7315
web1_Obama-GOA-in-garden-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/02/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/02/web1_Obama-GOA-in-garden-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
8c0565981eb5a20d24d63f5bfeec7ba1a2cc0326698e065f4a1013cad2b3a618

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Sat, 19 Feb 2022 09:19:31 GMT
server
nginx
etag
"6210b623-4477"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
17527
web1_12245969-15bf69c7308c4c0c86bd86c0c61e087e-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/02/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/02/web1_12245969-15bf69c7308c4c0c86bd86c0c61e087e-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a57a668e5bf41e41188cd8f8c3f53ca17c6b99e7c4aff660628ffe10a330b24

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Sat, 19 Feb 2022 19:33:52 GMT
server
nginx
etag
"62114620-2167"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
8551
web1_SPT-uhbsb-7666-300x213.jpg
www.staradvertiser.com/wp-content/uploads/2022/02/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/02/web1_SPT-uhbsb-7666-300x213.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
16e47e1514ae507eafc3a63a2687324b3b24a7ebb03338054d270cff9d2b4c4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Sat, 19 Feb 2022 10:20:57 GMT
server
nginx
etag
"6210c489-37a0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
14240
web1_SPT-uhmvb-7847-300x204.jpg
www.staradvertiser.com/wp-content/uploads/2022/02/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/02/web1_SPT-uhmvb-7847-300x204.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
24cca7efbc9a80a391cf36c86cd7dacffe4c4dc93aab29bc3e991751f2fd7054

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Sat, 19 Feb 2022 10:08:49 GMT
server
nginx
etag
"6210c1b1-3ee0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16096
AP22050142152737-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/02/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/02/AP22050142152737-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2ba654812c16558059d496548e80457b8597ae034ecdba1dd7f17eb4d2eb13f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Sat, 19 Feb 2022 06:46:06 GMT
server
nginx
etag
"6210922e-2a69"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10857
web1_274276757_319980410169863_5963241486407761274_n-2-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/02/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/02/web1_274276757_319980410169863_5963241486407761274_n-2-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c4f9988fb187ceb87d3fdcb6e273829c9d68dd21884d409a0d36190385f5b89f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Sun, 20 Feb 2022 04:06:24 GMT
server
nginx
etag
"6211be40-2e36"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
11830
web1_SPT-UH-WOMEN-S-BASKETBALL-59-300x214.jpg
www.staradvertiser.com/wp-content/uploads/2022/02/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/02/web1_SPT-UH-WOMEN-S-BASKETBALL-59-300x214.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b91073161650d3a1903b486d64b05466bdda7ceafaf23f95494527f91fa44cb2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Sun, 20 Feb 2022 05:53:44 GMT
server
nginx
etag
"6211d768-3e19"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
15897
web1_SPT-bows-vulcans-5110-300x206.jpg
www.staradvertiser.com/wp-content/uploads/2022/02/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/02/web1_SPT-bows-vulcans-5110-300x206.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
117e1f8b209d839543a1bbf79e841750966f3e0b7cb55ba0bcb659ca44860d71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Sat, 19 Feb 2022 23:27:15 GMT
server
nginx
etag
"62117cd3-2e9f"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
11935
web1_2018-EMS-sign-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/02/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/02/web1_2018-EMS-sign-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
914e783ccb9b7d1fc826cc9a5f1f24c8a68f4d626008ca05ca43d3205e4d1843

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Sun, 20 Feb 2022 04:08:25 GMT
server
nginx
etag
"6211beb9-414b"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16715
web1_12246036-412605245a9147b4b897cd08f712da15-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/02/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/02/web1_12246036-412605245a9147b4b897cd08f712da15-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
820465a45a0fc9606782c387a2a0d5d417e4c91d6afff04b11a60b18c44950ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Sat, 19 Feb 2022 20:46:52 GMT
server
nginx
etag
"6211573c-1cb1"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
7345
web1_20220219-web-jet-ski-300x185.jpg
www.staradvertiser.com/wp-content/uploads/2022/02/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/02/web1_20220219-web-jet-ski-300x185.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3d81ff0711054ae1e44ce4b60541bf26af068765af41211d131027b0132f4770

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Sun, 20 Feb 2022 02:03:52 GMT
server
nginx
etag
"6211a188-2157"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
8535
web1_12245962-6a1490d860b94be79c5e450cab4edda8-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/02/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/02/web1_12245962-6a1490d860b94be79c5e450cab4edda8-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2016e299fc127b10927ec39bea552104648c4bc9473949451c96743d06f0fbfc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Sat, 19 Feb 2022 19:28:52 GMT
server
nginx
etag
"621144f4-3371"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
13169
web1_12245956-dc6eccaf652b4d40af324b6c221b7b52-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/02/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/02/web1_12245956-dc6eccaf652b4d40af324b6c221b7b52-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9839e0085a801af6df8e93ab2967a5fcd2640d9c537da2160b2c605e63bed10e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Sat, 19 Feb 2022 19:25:17 GMT
server
nginx
etag
"6211441d-4615"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
17941
web1_12246010-895a5bc2aed94b48b3b5b3592d7fac24-185x250.jpg
www.staradvertiser.com/wp-content/uploads/2022/02/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/02/web1_12246010-895a5bc2aed94b48b3b5b3592d7fac24-185x250.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7a0041e6fba8fb86423916591e96760803b6f21acf61cf9d0e9df50c12300053

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Sat, 19 Feb 2022 20:21:32 GMT
server
nginx
etag
"6211514c-21ea"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
8682
web1_12245975-38e04d137fc94688be136993e3f85f6a-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/02/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/02/web1_12245975-38e04d137fc94688be136993e3f85f6a-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
eb771d9ac0b48dae76feaff13c89abee4a1705da8345ea33afc0706db6f708ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Sat, 19 Feb 2022 19:37:54 GMT
server
nginx
etag
"62114712-36c2"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
14018
web1_12246003-11f49fceb854408390974389968691e2-300x200.jpg
www.staradvertiser.com/wp-content/uploads/2022/02/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/uploads/2022/02/web1_12246003-11f49fceb854408390974389968691e2-300x200.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2ee75722c46f8c4c50778322aa5e3f91b0bed1ddbc32df89525aba8ee2e3c869

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Sat, 19 Feb 2022 20:09:47 GMT
server
nginx
etag
"62114e8b-213f"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
8511
/
www.staradvertiser.com/covid-19-statistics-box/ Frame BEF0 		19 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
c0f31d7192a9fe2f82063091e40f265cb14ab994a2d60b7520e970e1519ab45d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/

Response headers

server
nginx
date
Sun, 20 Feb 2022 07:23:27 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
link
<https://www.staradvertiser.com/wp-api/>; rel="https://api.w.org/" <https://www.staradvertiser.com/wp-api/wp/v2/pages/967553>; rel="alternate"; type="application/json" <https://www.staradvertiser.com/?p=967553>; rel=shortlink <https://www.staradvertiser.com/wp-json>; rel="https://github.com/WP-API/WP-API"
x-powered-by
WP Engine
x-cacheable
SHORT
cache-control
max-age=600, must-revalidate
x-cache
HIT: 31
x-cache-group
normal
content-encoding
br
videoseries
www.youtube.com/embed/ Frame 429E 		211 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab37320e79d1aeb68fe01ebdf2ead6c7d012c73466bd197fd5b1e0f294333339
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 20 Feb 2022 07:23:27 GMT
strict-transport-security
max-age=31536000
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
report-to
{"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
loader-sa.jpg
www.staradvertiser.com/wp-content/plugins/cmd-hsa-lazy-load/assets/img/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/plugins/cmd-hsa-lazy-load/assets/img/loader-sa.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
969c577b1459c03ad78597e6c1f13a836dc74a439e9c17b0094bedf4d312e57a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-6cb8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
27832
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.24.3/ 		61 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.24.3/jwpsrv.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/ZoPFXSjg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aefe09194c600df28a1d55fd7148031678d5d7a19d337d532cb4efcecff81869

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
gzip
age
739
x-cache
HIT
content-length
18658
via
1.1 varnish
x-served-by
cache-mxp6932-MXP
last-modified
Wed, 02 Feb 2022 23:47:03 GMT
server
AmazonS3
x-timer
S1645341808.078241,VS0,VE0
etag
"f50a9a91be4569c9271626978d999b7a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
766
gapro.js
ssl.p.jwpcdn.com/player/plugins/gapro/v/2.1.5/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/plugins/gapro/v/2.1.5/gapro.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/ZoPFXSjg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f484bf1727c442651c5fea5fe160504e678aad0a4540fa9e815667ebab0da802

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
gzip
age
12983923
x-cache
HIT
content-length
952
via
1.1 varnish
x-served-by
cache-mxp6932-MXP
last-modified
Mon, 27 Jul 2020 19:53:56 GMT
server
AmazonS3
x-timer
S1645341808.078305,VS0,VE0
etag
"e83d797922d8589456725338a81aa207"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
46161
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.24.3/ 		309 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.24.3/jwplayer.core.controls.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/ZoPFXSjg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5cf7b01e9bad3d3a9da846f6be9bde1e9e50625bc4c0c19ef3f2cc52ab0278b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
gzip
age
1438334
x-cache
HIT
content-length
81490
via
1.1 varnish
x-served-by
cache-mxp6932-MXP
last-modified
Wed, 02 Feb 2022 23:46:53 GMT
server
AmazonS3
x-timer
S1645341808.078399,VS0,VE0
etag
"a99512d5317fbe4cd7b8949ad229be5a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
130031
025uSCQm
cdn.jwplayer.com/v2/playlists/ 		14 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/025uSCQm
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/ZoPFXSjg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2e00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
5dbcc519703132c36d2ff69ede8cdd1b9593e31ac13914828ceacc8b4d8b3d50

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:22:40 GMT
content-encoding
gzip
server
openresty
age
47
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-amz-cf-pop
FRA53-C1
content-length
2038
via
1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
x-amz-cf-id
hwzOQaALN83R8eHXg2GcD2dOq-wd4zrPPWx9ai3PhqGzvZlbQkCIZg==
expires
Sun, 20 Feb 2022 07:25:40
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		167 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=staradvertiser.com&domain=staradvertiser.com&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1bdd3e645e5be204ed300083ad58af70cd5eb69e6b4235bc5b6f7e98170951f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
gzip
x-cache-hits
0
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
128
x-served-by
cache-mxp6945-MXP
access-control-allow-origin
*
x-timer
S1645341808.899793,VS0,VE101
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
via
1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Fri, 18 Feb 2022 07:23:27 GMT
t
jadserve.postrelease.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.staradvertiser.com%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.120.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-120-176.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
87ad39c8129e7a5cd0f058b927a1fe405a046d92efe25a6cb752ed556dcc75c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
1072
expires
Mon, 1 Jan 1990 12:00:00 GMT
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/ 		61 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e2d476a3da7d96d989379c7fb3be5ed4595a5dcdf7164cda8b5ecf0ed9a39fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
702840
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17086
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fc1-f4a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xbk9BJwSNLZfLFjoj5uezp28mHUHNIwjIteLNzgm2XqkHJoiN3uCU5bNf5hkeshEh6RNEJnCEFGPYezX0C0LdZPbKCwXSUsuQjUUzhIDQmhcjCmK2vUxWCt2WAukGjMYa%2FtcYaoqcA%2F%2FVwmPPN0axIux"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e05fd5b6fcf5a3d-MXP
expires
Fri, 10 Feb 2023 07:23:27 GMT
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.24.3/ 		387 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.24.3/provider.hlsjs.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/ZoPFXSjg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2bfe57a23d8ef229c88a3d24babf237122d897f8f6f43e69c6cc4ebe14896687

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
gzip
age
1438391
x-cache
HIT
content-length
113210
via
1.1 varnish
x-served-by
cache-mxp6932-MXP
last-modified
Wed, 02 Feb 2022 23:46:58 GMT
server
AmazonS3
x-timer
S1645341808.079057,VS0,VE0
etag
"ba7d083531c284e20d19b93345e56932"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
133708
cleanslate.min.css
cdnjs.cloudflare.com/ajax/libs/cleanslate/0.10.1/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cleanslate/0.10.1/cleanslate.min.css
Requested by
Host: widgets.recruitology.com
URL: https://widgets.recruitology.com/scripts/gD12H3oM9Iqch4Y2IgeBpEqQnAvfOv.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69f0e66de394788011c9e0d5fcf53f1a0feb32aba17b18c4c78612cd92adb44f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1414791
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2379
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:12 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e28-38a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6S1%2F5deb7gxA8W8k98PiI1acRq5qOFKhzZl1kLQI%2FuA46PZW8ruz34%2FKhwwMOu%2BHQQdA5S%2FZQo5kScC9nyi3vvPvhMQHl5IpKlhGwJGKQPPTCrmvpXH%2BjeTdsG7wcgLZJ5oFdTlaYUoVHmanxAKzrza"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e05fd5b6b3d0f72-MXP
expires
Fri, 10 Feb 2023 07:23:27 GMT
css
fonts.googleapis.com/ 		8 KB
709 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Requested by
Host: widgets.recruitology.com
URL: https://widgets.recruitology.com/scripts/gD12H3oM9Iqch4Y2IgeBpEqQnAvfOv.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5195579e675db39e47a19d4925ea466868ed0558d68d9a9b9e7c02c7b7e4008d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 20 Feb 2022 06:27:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 20 Feb 2022 07:23:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 20 Feb 2022 07:23:27 GMT
search-bar-autocomplete.css
widgets.recruitology.com/lib/ 		809 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widgets.recruitology.com/lib/search-bar-autocomplete.css
Requested by
Host: widgets.recruitology.com
URL: https://widgets.recruitology.com/scripts/gD12H3oM9Iqch4Y2IgeBpEqQnAvfOv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-125.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f78e3422084b9a403f0d1fe0657cc8464a8b9ed4535a374608974e70539422a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
last-modified
Mon, 24 Apr 2017 21:04:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"94c4aff69d9031d7ac28ab2f706d8ff0"
vary
Origin
x-cache
RefreshHit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
809
x-amz-cf-id
Z7akLMn6rtIldhwTYmAyyBHWJmzQBVD_3txshBxKF9w0YR2Fa-kB3g==
auto-complete.min.js
widgets.recruitology.com/lib/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.recruitology.com/lib/auto-complete.min.js
Requested by
Host: widgets.recruitology.com
URL: https://widgets.recruitology.com/scripts/gD12H3oM9Iqch4Y2IgeBpEqQnAvfOv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-125.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba1bfdef6fd715d9b9c3d6f09f1d1c46ae3e1abf8344750c22af4e57d1f7ee31

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
content-encoding
br
last-modified
Mon, 24 Apr 2017 21:04:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
W/"0731475e6a55c38b7ff6cd23c98c121f"
vary
Accept-Encoding, Origin
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-id
kOZFs6ycS4r6e6Q7dY3EFIIo1LjsCRWGkjueltB41zwWsKqcLXMjTw==
fa-briefcase.png
recruitology-static.s3.amazonaws.com/static/images/ 		835 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recruitology-static.s3.amazonaws.com/static/images/fa-briefcase.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.196.89 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
982fd78f58ce2a94e199e5b624969a8e7261b31955160fce4d1ea98bb36bafb0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 07:23:29 GMT
Last-Modified
Fri, 23 Jul 2021 13:24:54 GMT
Server
AmazonS3
x-amz-request-id
CRS1QW52H4VNDJPH
ETag
"6b0ea0515ba755249bf5d4a22b41805e"
Content-Type
image/png
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Length
835
x-amz-id-2
dD+nne8GxK/1itlHPJaQAdQqZdlDa498GxBBJ9uuccmXaaRAoK4wDP7x+JE3oIaTmRKlelHjHq8=
fa-location-arrow.png
recruitology-static.s3.amazonaws.com/static/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recruitology-static.s3.amazonaws.com/static/images/fa-location-arrow.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.196.89 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a3d2e1e7066775143da6681809d6f2c359736315cbc6457e1faacf8647f3e4b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 07:23:29 GMT
Last-Modified
Fri, 23 Jul 2021 13:24:54 GMT
Server
AmazonS3
x-amz-request-id
CRS8BWZ7M947E2K0
ETag
"afb85cfd6600a866bb3ab634a12b73ca"
Content-Type
image/png
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Length
1152
x-amz-id-2
EJbJzLgSXH4hkUqjPDoE32+nP7xdUC7ftkIvpFJRG9lZ/xakXizgSSJhURv2QFtUrMVXYdZg3Wc=
fa-search.png
recruitology-static.s3.amazonaws.com/static/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recruitology-static.s3.amazonaws.com/static/images/fa-search.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.196.89 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f7008fb6ed25a1eedb24388fa3f2024f7be118b310d492699dcb6b3ccf06cead

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 07:23:29 GMT
Last-Modified
Fri, 23 Jul 2021 13:24:53 GMT
Server
AmazonS3
x-amz-request-id
CRSCQW9BR469XMFZ
ETag
"1a48a4475bcc37e8866403c27000c83d"
Content-Type
image/png
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Length
1212
x-amz-id-2
7iZbyDiTPPUn2F5U1TUEU7B120lUxTybu/+2MrMDuHmOvlKFwWn7GqEBlYQBmCikuJxn0jnE4WA=
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=DPMAxXx5OS9pUVVWaUp1MmVZY2szUlJxNTA0Ulk0b3RtL0pES1RuSnFaNUdMYjgxMCtVTFBCZTUrNkhlb0VaeFRzSW8vMXJNcHhYMnZBcGVTeGxGaEZZSURVSnZVWU15Yys1SEZUZi93MzM3QSs0SWpnd0dmd29la2VmN2...
358 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=DPMAxXx5OS9pUVVWaUp1MmVZY2szUlJxNTA0Ulk0b3RtL0pES1RuSnFaNUdMYjgxMCtVTFBCZTUrNkhlb0VaeFRzSW8vMXJNcHhYMnZBcGVTeGxGaEZZSURVSnZVWU15Yys1SEZUZi93MzM3QSs0SWpnd0dmd29la2VmN2VvK254aWptT0h0NHRicy9MTHpESlMxS0JneFdTc0ZpQUtvUlVhR1prMGp6S0U1ZldhZTBOUis4TE4vNUpZMlJrd3I1dFY1b0hmeDdlK0xYMmM4czVrYVN0TjM0Qmg2eEx3cDBiYnlwVlZyVU03cTIzdmwxODJJNlpFdDlmZEY2NE9aa2VwTEE3fA&cppv=2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
b79246726fd5a7f0fedb0161908e184e994411ac37a147a29e3636a8f3ec0114
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2742
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:27 GMT
location
https://mug.criteo.com/sid?cpp=DPMAxXx5OS9pUVVWaUp1MmVZY2szUlJxNTA0Ulk0b3RtL0pES1RuSnFaNUdMYjgxMCtVTFBCZTUrNkhlb0VaeFRzSW8vMXJNcHhYMnZBcGVTeGxGaEZZSURVSnZVWU15Yys1SEZUZi93MzM3QSs0SWpnd0dmd29la2VmN2VvK254aWptT0h0NHRicy9MTHpESlMxS0JneFdTc0ZpQUtvUlVhR1prMGp6S0U1ZldhZTBOUis4TE4vNUpZMlJrd3I1dFY1b0hmeDdlK0xYMmM4czVrYVN0TjM0Qmg2eEx3cDBiYnlwVlZyVU03cTIzdmwxODJJNlpFdDlmZEY2NE9aa2VwTEE3fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1912
content-length
509
expires
0
email-signup-bg2.gif
www.staradvertiser.com/wp-content/themes/staradvertiser/images/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/images/email-signup-bg2.gif
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.88
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
21ae863e166094b37618bb195db2b44719d89ea2f7748b02ef140c6ed03f0370

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.88
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Sat, 12 Oct 2019 02:20:59 GMT
server
nginx
etag
"5da1388b-4158"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16728
recaptcha__de.js
www.gstatic.com/recaptcha/releases/1B_yv3CBEV10KtI2HJ6eEXhJ/ 		358 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/1B_yv3CBEV10KtI2HJ6eEXhJ/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee5d8f682805ed45d8c9ff24941a1ad286763bf61e23fde210d41e5016607106
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:01:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76907
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
144945
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 05:01:42 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Feb 2023 10:01:41 GMT
chartbeat.js
static.chartbeat.com/js/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2134:c000:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:06:39 GMT
content-encoding
gzip
last-modified
Thu, 03 Feb 2022 22:23:33 GMT
server
nginx
age
1008
etag
W/"61fc55e5-8e96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 69f8ad486723f285e484ce57919faf2e.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
MXP64-C2
x-amz-cf-id
wyVQcxBbMhLJx_Rhb99vm33U9WXCkTepKckTTfFB6HafXABFBmHvoA==
expires
Sun, 20 Feb 2022 09:06:39 GMT
fab.js
ecdn.analysis.fi/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-116.fra53.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 06:31:14 GMT
content-encoding
gzip
last-modified
Sat, 19 Feb 2022 16:49:44 GMT
server
nginx/1.18.0
age
3135
etag
W/"62111fa8-1090"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
jAiTioove4WtjPNOvknE2t5X6X85yWfXGycHzCgHDXCRtLk3XKE1JQ==
via
1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
expires
Sun, 20 Feb 2022 07:31:13 GMT
fi_client.js
ecdn.firstimpression.io/ 		347 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-121.dus51.r.cloudfront.net
Software
nginx/1.18.0 / PHP/7.3.23
Resource Hash
35e61779a97d89f284d8e838b50832061daca6f528a25a972928bc2c06de3cb8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 06:31:12 GMT
content-encoding
br
age
3136
x-powered-by
PHP/7.3.23
x-cache
Hit from cloudfront
x-xss-protection
0
access-control-allow-origin
*
last-modified
Sun, 20 Feb 2022 06:31:12 UTC
server
nginx/1.18.0
etag
W/"086a27b871f1258335f7647292c1698f"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
S6zqUASBP9Zv6gf8rg4FrwKP-alDD5-Ml8BQm0jXwRxQMvlisFDy9Q==
expires
Sun, 20 Feb 2022 07:31:12 GMT
ppt=10159;g=hsa_formers_jan-2021;gid=31282;ord=7867330276711.124;v=120;ip=217.64.151.29;cuidchk=1
trkn.us/pixel/conv/
Redirect Chain
  • https://trkn.us/pixel/conv/ppt=10159;g=hsa_formers_jan-2021;gid=31282;ord=7867330276711.124;v=120
  • https://trkn.us/pixel/conv/ppt=10159;g=hsa_formers_jan-2021;gid=31282;ord=7867330276711.124;v=120;ip=217.64.151.29;cuidchk=1
42 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trkn.us/pixel/conv/ppt=10159;g=hsa_formers_jan-2021;gid=31282;ord=7867330276711.124;v=120;ip=217.64.151.29;cuidchk=1
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Server
52.20.115.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-115-1.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Feb 2022 07:23:28 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 9 Nov 1980 12:59:00 GMT
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date
Sun, 20 Feb 2022 07:23:28 GMT
X-Content-Type-Options
nosniff
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
/pixel/conv/ppt=10159;g=hsa_formers_jan-2021;gid=31282;ord=7867330276711.124;v=120;ip=217.64.151.29;cuidchk=1
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
0
ats.js
ats.rlcdn.com/ 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-86.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
28x_tDvW9kJ.rWgfbdZIcgxbFDdgh9p3
content-encoding
gzip
etag
W/"d7dfa2940a5d5ce3beedd8774c961dd7"
age
10123
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6fbe2bf4-0d3f-4234-a84e-c584de5ecb5e
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
8c7650e47b7f894f6ae5a1fc4919cee6
last-modified
Thu, 16 Dec 2021 12:45:56 GMT
server
AmazonS3
date
Sun, 20 Feb 2022 04:34:46 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
ae589a6335869a8948d0172dfafea0c42638763d87ea89591504c580a5c4f6c7
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA6-C1
content-type
application/x-javascript
x-amz-cf-id
Vw9pRnuM7SRtL-46aAHgxlurkCv8OEVitss30erKiTHoKY8U5gG0VA==
hqdefault.jpg
i.ytimg.com/vi/aMIrmB78ed8/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/aMIrmB78ed8/hqdefault.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9bc6380d3386011163277ffdcafd800121660e229e79d69abbeeea8c98479af3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:22:46 GMT
x-content-type-options
nosniff
age
42
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32375
x-xss-protection
0
server
sffe
etag
"1645225216"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 20 Feb 2022 07:27:46 GMT
hqdefault.jpg
i.ytimg.com/vi/M-sHceSnDiM/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/M-sHceSnDiM/hqdefault.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b07b3f8bc0ad363cd83e922c6c5863d9fcd10ef19a52049993dfe5000d23e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:17:33 GMT
x-content-type-options
nosniff
age
355
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11365
x-xss-protection
0
server
sffe
etag
"1644459809"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 20 Feb 2022 09:17:33 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 		141 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
26190404
cdn-cachedat
2021-04-23 05:58:16
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
a2cdf6002e5898310bcc2c0b2e47a44c
cf-ray
6e05fd5b689b59b9-MXP
cdn-requestcountrycode
EG
cdn-requestpullsuccess
True
sa-style-2018.css
www.staradvertiser.com/wp-content/themes/staradvertiser/css/ 		67 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.88
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb8b1419780ed6f78469a86d286c2668ab0a9e78582797defafc1d7f2762ffb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Tue, 15 Jun 2021 01:44:26 GMT
server
nginx
etag
W/"60c805fa-10c45"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
wsl8gsu.css
use.typekit.net/ 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/wsl8gsu.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7c0 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
nginx /
Resource Hash
bf78c9bad3b9a376810a5a12afa3d5a7a3ec5199228f34ee33d8ae13536a5f1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Sun, 20 Feb 2022 07:23:27 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
922
all.css
use.fontawesome.com/releases/v5.0.10/css/ 		36 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12756850
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
B36X1BCHCQ732ADZ
x-amz-id-2
20uffz1kDj+aqh3fOgw+IcBHEkwif8F90uXiEgrQdOM9jvm/W6jTyG/26uvoUregVDavczVZqQc=
last-modified
Wed, 30 Jun 2021 15:26:49 GMT
server
cloudflare
etag
W/"d1acb8ad33b1526acbfd3f0028b859b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2m7qVuEOo6J11R%2Bfrh96D0CKdZ4YvCakzzfWGS1D5cqK8v7Y9xLW3PC%2B7WuJ99xbEKF3xMLC2u%2FlTl8FUeHU8g%2BPxa9%2FxYqtrbP3oN0LTTPdGKdydijpSqras9n7WI%2FUzyYxCVCgaiYVqdBuYGWsGuq"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6e05fd5b2cd359f5-MXP
sa-jwplayer.css
www.staradvertiser.com/wp-content/themes/staradvertiser/css/ 		2 KB
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-jwplayer.css?version=1.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6e206304ef613bb43bbad63baeeef8a0fa2c96dc7295c45f025131467c14aee8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-603"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
common.cmd-hsa-minified.1569273721.css
www.staradvertiser.com/wp-content/plugins/hsa-polls/css/ 		502 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/hsa-polls/css/common.cmd-hsa-minified.1569273721.css?ver=5.8.3
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0e2a560f13627bee0925e5e49243f611d9a4cef76f56f4c96d3d3a6510a1d29c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Tue, 04 Feb 2020 19:56:12 GMT
server
nginx
etag
W/"5e39cc5c-1f6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.min.css
www.staradvertiser.com/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.3
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb16845f3c28284255639a36b2d6fed7a0f10aad38ac166cb8a7c90ee07b4372

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Wed, 01 Sep 2021 04:05:58 GMT
server
nginx
etag
W/"612efc26-13abe"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
vfb-style.min.css
www.staradvertiser.com/wp-content/plugins/vfb-pro/public/assets/css/ 		66 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/vfb-pro/public/assets/css/vfb-style.min.css?ver=2019.05.10
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a03771453248c5eb3ee390d87edddd490ac37484b6a6c95567ffc222fccd107

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Wed, 10 Feb 2021 19:20:25 GMT
server
nginx
etag
W/"602431f9-108dd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
css
fonts.googleapis.com/ 		16 KB
1016 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5502471827af86b745c40e045c7ffa3e58fa7ced50fb20ed7e37025a9abfdaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 20 Feb 2022 06:30:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 20 Feb 2022 07:23:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 20 Feb 2022 07:23:27 GMT
genericons.css
www.staradvertiser.com/wp-content/themes/staradvertiser/genericons/ 		30 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/genericons/genericons.css?ver=3.03
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-7945"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
www.staradvertiser.com/wp-content/themes/staradvertiser/ 		0
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/style.css?ver=2015-12-08
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
0
facets.min.css
www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/css/ 		789 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/css/facets.min.css?ver=2.5.2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
125b1c5f96e7bd6829d8ce638c463f14c0a78f7cadee45d6ea4584b897aaf1e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-315"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cleanslate.min.css
cdnjs.cloudflare.com/ajax/libs/cleanslate/0.10.1/ 		14 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cleanslate/0.10.1/cleanslate.min.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69f0e66de394788011c9e0d5fcf53f1a0feb32aba17b18c4c78612cd92adb44f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2887942
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2379
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:12 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e28-38a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=geUs0srcTeZYiZPf8OLGP8Pigu9Wo3O2d8VXuo3UVLhDK7JM064R12Nfujowfgj2YBy54lxRCADM%2BpUoS0pF6hhl7e8MEblbXtF6oL2rXKQmAQwrWpMlslAXW58zkdNdHT5w9Y8AovO4Iln70TQ0Sqi%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e05fd5b6fcd5a3d-MXP
expires
Fri, 10 Feb 2023 07:23:27 GMT
css
fonts.googleapis.com/ 		8 KB
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5195579e675db39e47a19d4925ea466868ed0558d68d9a9b9e7c02c7b7e4008d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 20 Feb 2022 06:16:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 20 Feb 2022 07:23:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 20 Feb 2022 07:23:27 GMT
search-bar-autocomplete.css
widgets.recruitology.com/lib/ 		0
0
active_orders
origami.secure.ownlocal.com/api/ 		289 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/api/active_orders?owned_by=11d8bf01-4a0d-42f1-9c82-39f1b7726234
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
nginx/1.17.2 /
Resource Hash
382424c3c506c90ec21cbcaa6c96bca5b1ef2db1c32e81d9cb2fd919973f515e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
1; mode=block
x-request-id
e22b4f78-5ccf-4904-9485-f3d1c252c8f8
x-runtime
0.040041
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.17.2
x-frame-options
SAMEORIGIN
date
Sun, 20 Feb 2022 07:23:28 GMT
x-download-options
noopen
access-control-max-age
7200
access-control-allow-methods
GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Origin
cache-control
max-age=3600, public
etag
W/"382424c3c506c90ec21cbcaa6c96bca5"
access-control-expose-headers
active_orders
origami.secure.ownlocal.com/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/api/active_orders?owned_by=c46cf15d-1622-4157-8f3f-18b9a61946de
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
nginx/1.17.2 /
Resource Hash
0ef411b723ebbee3f50d098fc294c8161afb90234b5d1406e5b0e7110e55de78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
2982
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2957
x-xss-protection
1; mode=block
x-request-id
61c3d455-1f14-4479-88fc-5bb2767a361e
x-runtime
0.034062
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.17.2
x-frame-options
SAMEORIGIN
date
Sun, 20 Feb 2022 06:33:45 GMT
x-download-options
noopen
access-control-max-age
7200
access-control-allow-methods
GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Origin
cache-control
max-age=3600, public
etag
W/"0ef411b723ebbee3f50d098fc294c816"
access-control-expose-headers
play.png
www.staradvertiser.com/wp-content/plugins/cmd-hsa-dbn-video/include/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/plugins/cmd-hsa-dbn-video/include/images/play.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
12617a86d84e318f81b68310fb64c66b79059877e1b550d2e7a43472e0c417f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-87d"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2173
play.png
www.staradvertiser.com/wp-content/plugins/cmd-hsa-video/include/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.staradvertiser.com/wp-content/plugins/cmd-hsa-video/include/images/play.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
12617a86d84e318f81b68310fb64c66b79059877e1b550d2e7a43472e0c417f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-87d"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2173
fa-brands-400.woff2
use.fontawesome.com/releases/v5.0.10/webfonts/ 		54 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.10/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8562087317b34c4b2ac60e28e272b7b33e37523aacd5f2adba7a4f108e415c6

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6838361
cf-ray
6e05fd5b3ce559f5-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55144
x-amz-id-2
xC/1mx9DxtPvMerjqvZJL+Nt9uWTfQXfTcXmZUbURkhmJjWgUrf+Rr6Fn3XR4W5sQEx1sT8RNh8=
last-modified
Wed, 30 Jun 2021 15:27:03 GMT
server
cloudflare
etag
"2ac01f7650b5ab76bfebbc708928929e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFh1cX97RZwZslhGkQiZKnmmS2gjx9jYqRz97uRI2q3qC4%2B%2BqGbDV8zQJ0xocsh1Nsb6Pb7yIqf6L44YM3I8yzff7nsVoE8hcMF3xl77CVAtWPl4MkiBlCoFC5tBQBj15Ealz1356uN6SFzl%2FaJFNrEx"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
Z9HWVVWSE0XTHD52
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 00:14:34 GMT
x-content-type-options
nosniff
age
371333
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Feb 2023 00:14:34 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.staradvertiser.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1450
date
Sun, 20 Feb 2022 07:23:27 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 		141 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
26190404
cdn-cachedat
2021-04-23 05:58:16
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
a2cdf6002e5898310bcc2c0b2e47a44c
cf-ray
6e05fd5b98f459b9-MXP
cdn-requestcountrycode
EG
cdn-requestpullsuccess
True
sa-style-2018.css
www.staradvertiser.com/wp-content/themes/staradvertiser/css/ 		67 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.88
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb8b1419780ed6f78469a86d286c2668ab0a9e78582797defafc1d7f2762ffb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Tue, 15 Jun 2021 01:44:26 GMT
server
nginx
etag
W/"60c805fa-10c45"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
wsl8gsu.css
use.typekit.net/ 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/wsl8gsu.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7c0 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
nginx /
Resource Hash
bf78c9bad3b9a376810a5a12afa3d5a7a3ec5199228f34ee33d8ae13536a5f1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Sun, 20 Feb 2022 07:23:27 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
922
all.css
use.fontawesome.com/releases/v5.0.10/css/ 		36 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12756850
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
B36X1BCHCQ732ADZ
x-amz-id-2
20uffz1kDj+aqh3fOgw+IcBHEkwif8F90uXiEgrQdOM9jvm/W6jTyG/26uvoUregVDavczVZqQc=
last-modified
Wed, 30 Jun 2021 15:26:49 GMT
server
cloudflare
etag
W/"d1acb8ad33b1526acbfd3f0028b859b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1nl6BytJvEwwuLeDQGGIyBCnXCl06LYRct4upiqdrKTu9tCSG3CrXoagmcDZr4INqx6hW6dr9ohUoflOMU65eijCPbhxoTybiDenXW7BnU%2BsDtknKu7bYpUtw8kwUtbCyfgHDCDbpxTzK46hdcrx43T"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6e05fd5bade559f5-MXP
sa-jwplayer.css
www.staradvertiser.com/wp-content/themes/staradvertiser/css/ 		2 KB
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-jwplayer.css?version=1.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6e206304ef613bb43bbad63baeeef8a0fa2c96dc7295c45f025131467c14aee8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-603"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
common.cmd-hsa-minified.1569273721.css
www.staradvertiser.com/wp-content/plugins/hsa-polls/css/ 		502 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/hsa-polls/css/common.cmd-hsa-minified.1569273721.css?ver=5.8.3
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0e2a560f13627bee0925e5e49243f611d9a4cef76f56f4c96d3d3a6510a1d29c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Tue, 04 Feb 2020 19:56:12 GMT
server
nginx
etag
W/"5e39cc5c-1f6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.min.css
www.staradvertiser.com/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.3
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb16845f3c28284255639a36b2d6fed7a0f10aad38ac166cb8a7c90ee07b4372

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Wed, 01 Sep 2021 04:05:58 GMT
server
nginx
etag
W/"612efc26-13abe"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
vfb-style.min.css
www.staradvertiser.com/wp-content/plugins/vfb-pro/public/assets/css/ 		66 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/vfb-pro/public/assets/css/vfb-style.min.css?ver=2019.05.10
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a03771453248c5eb3ee390d87edddd490ac37484b6a6c95567ffc222fccd107

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Wed, 10 Feb 2021 19:20:25 GMT
server
nginx
etag
W/"602431f9-108dd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
css
fonts.googleapis.com/ 		16 KB
1016 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5502471827af86b745c40e045c7ffa3e58fa7ced50fb20ed7e37025a9abfdaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 20 Feb 2022 05:43:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 20 Feb 2022 07:23:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 20 Feb 2022 07:23:27 GMT
genericons.css
www.staradvertiser.com/wp-content/themes/staradvertiser/genericons/ 		30 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/genericons/genericons.css?ver=3.03
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-7945"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
www.staradvertiser.com/wp-content/themes/staradvertiser/ 		0
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/style.css?ver=2015-12-08
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
0
facets.min.css
www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/css/ 		789 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/css/facets.min.css?ver=2.5.2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
125b1c5f96e7bd6829d8ce638c463f14c0a78f7cadee45d6ea4584b897aaf1e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-315"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cleanslate.min.css
cdnjs.cloudflare.com/ajax/libs/cleanslate/0.10.1/ 		14 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cleanslate/0.10.1/cleanslate.min.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69f0e66de394788011c9e0d5fcf53f1a0feb32aba17b18c4c78612cd92adb44f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2887942
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2379
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:12 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e28-38a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7UiU2TPILCiMWC8HjBl1AdG661IIOOw8Szrh8bAppHUHOHsdPwUdv9YwPZM4gVYrD63SLk1G5lSXYN8oFxJM0d9ypVKIZT%2B5bp%2FIvtk44WYLtAUDNXGT100pNkhpO4xGYaGx7pCZ5EQhNz%2F7C5RJsM6L"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e05fd5ba83f5a3d-MXP
expires
Fri, 10 Feb 2023 07:23:27 GMT
css
fonts.googleapis.com/ 		8 KB
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5195579e675db39e47a19d4925ea466868ed0558d68d9a9b9e7c02c7b7e4008d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 20 Feb 2022 06:29:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 20 Feb 2022 07:23:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 20 Feb 2022 07:23:27 GMT
search-bar-autocomplete.css
widgets.recruitology.com/lib/ 		0
0
index.html
origami.secure.ownlocal.com/origami_unit/ 		13 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/index.html
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a20c152c22c67c4d7c8b135742a5ee401c9af423c0b3f42a5f52cb351a52400c

Request headers

Accept
text/html
Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 11:05:22 GMT
age
73086
x-guploader-uploadid
ADPycdu8e8RAXLl1Cfw_TflEYKteSdPGFqHNXHilBjGHpSx0P1nFcrm__Y7Z-5sB67RmTjFplDCizBMHI-Vvy1HYl4oUWaHtnQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-html-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13753
accept-ranges
bytes
last-modified
Tue, 10 Nov 2020 14:45:02 GMT
server
UploadServer
etag
"0ac794e2a61ea0f7ec1bc4cf3520238b"
x-goog-hash
crc32c=HivesQ==, md5=CseU4qYeoPfsG8TPNSAjiw==
x-goog-generation
1605019502335578
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
13753
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
text/html
expires
Sun, 20 Feb 2022 11:05:22 GMT
www-player-webp.css
www.youtube.com/s/player/c3125ad0/ Frame 429E 		341 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c3125ad0/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4477ee59b97030d6f35483b304d8bd6e71388e45c339d83c22cde5d1dead3d34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 11:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
71023
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47760
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 01:18:33 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 19 Feb 2023 11:39:45 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ Frame BEF0 		141 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
26190405
cdn-cachedat
2021-04-23 05:58:16
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
a2cdf6002e5898310bcc2c0b2e47a44c
cf-ray
6e05fd5c3a3c59b9-MXP
cdn-requestcountrycode
EG
cdn-requestpullsuccess
True
sa-style-2018.css
www.staradvertiser.com/wp-content/themes/staradvertiser/css/ Frame BEF0 		67 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.82
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb8b1419780ed6f78469a86d286c2668ab0a9e78582797defafc1d7f2762ffb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
last-modified
Tue, 15 Jun 2021 01:44:26 GMT
server
nginx
etag
W/"60c805fa-10c45"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
wsl8gsu.css
use.typekit.net/ Frame BEF0 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/wsl8gsu.css
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7c0 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
nginx /
Resource Hash
bf78c9bad3b9a376810a5a12afa3d5a7a3ec5199228f34ee33d8ae13536a5f1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Sun, 20 Feb 2022 07:23:28 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
922
all.css
use.fontawesome.com/releases/v5.0.10/css/ Frame BEF0 		36 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12756851
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
B36X1BCHCQ732ADZ
x-amz-id-2
20uffz1kDj+aqh3fOgw+IcBHEkwif8F90uXiEgrQdOM9jvm/W6jTyG/26uvoUregVDavczVZqQc=
last-modified
Wed, 30 Jun 2021 15:26:49 GMT
server
cloudflare
etag
W/"d1acb8ad33b1526acbfd3f0028b859b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pfr%2BJFzDRED%2BY8JdTenC4Dnb83btdZ8mkjFtt8nun%2BLIwmXwrI4e1bZIZThS%2BQcGazxgiVp56pC9Qx5sUvjnJMSsGIYoQcK%2BED7nGhWFB6XwoLKVekPDz9RULxNibJenR3IX0VyBiSLpRP5v4mRU0yGP"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6e05fd5c3f2359f5-MXP
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ Frame BEF0 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 15:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
229339
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29671
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Feb 2023 15:41:09 GMT
polyfill.min.js
polyfill.io/v2/ Frame BEF0 		222 B
198 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v2/polyfill.min.js?features=IntersectionObserver
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:e00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
503709
detected-user-agent
Chrome/98.0.4758
server-timing
HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length
126
referrer-policy
origin-when-cross-origin
last-modified
Mon, 14 Feb 2022 10:57:33 GMT
date
Sun, 20 Feb 2022 07:23:28 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/98.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
common.cmd-hsa-minified.1569273721.css
www.staradvertiser.com/wp-content/plugins/hsa-polls/css/ Frame BEF0 		502 B
460 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/hsa-polls/css/common.cmd-hsa-minified.1569273721.css?ver=5.8.3
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0e2a560f13627bee0925e5e49243f611d9a4cef76f56f4c96d3d3a6510a1d29c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
last-modified
Tue, 04 Feb 2020 19:56:12 GMT
server
nginx
etag
W/"5e39cc5c-1f6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.min.css
www.staradvertiser.com/wp-includes/css/dist/block-library/ Frame BEF0 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.3
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
last-modified
Wed, 01 Sep 2021 04:05:58 GMT
server
nginx
etag
W/"612efc26-13abe"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
vfb-style.min.css
www.staradvertiser.com/wp-content/plugins/vfb-pro/public/assets/css/ Frame BEF0 		66 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/vfb-pro/public/assets/css/vfb-style.min.css?ver=2019.05.10
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a03771453248c5eb3ee390d87edddd490ac37484b6a6c95567ffc222fccd107

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
last-modified
Wed, 10 Feb 2021 19:20:25 GMT
server
nginx
etag
W/"602431f9-108dd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
css
fonts.googleapis.com/ Frame BEF0 		16 KB
1016 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5502471827af86b745c40e045c7ffa3e58fa7ced50fb20ed7e37025a9abfdaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 20 Feb 2022 06:40:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 20 Feb 2022 07:23:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 20 Feb 2022 07:23:28 GMT
genericons.css
www.staradvertiser.com/wp-content/themes/staradvertiser/genericons/ Frame BEF0 		30 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/genericons/genericons.css?ver=3.03
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-7945"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
www.staradvertiser.com/wp-content/themes/staradvertiser/ Frame BEF0 		0
188 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/style.css?ver=2015-12-08
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
0
facets.min.css
www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/css/ Frame BEF0 		789 B
479 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/css/facets.min.css?ver=2.5.2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
125b1c5f96e7bd6829d8ce638c463f14c0a78f7cadee45d6ea4584b897aaf1e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-315"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.min.js
www.staradvertiser.com/wp-includes/js/jquery/ Frame BEF0 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
nginx
etag
W/"6048e0ac-15db1"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery-migrate.min.js
www.staradvertiser.com/wp-includes/js/jquery/ Frame BEF0 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
etag
W/"5fb4e3fe-2bd8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
common.cmd-hsa-minified.1569273721.js
www.staradvertiser.com/wp-content/plugins/hsa-polls/js/ Frame BEF0 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/hsa-polls/js/common.cmd-hsa-minified.1569273721.js?ver=5.8.3
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3596c8db4dfd165d2fa4af70f72fbb7d22caab7c9b7aa1cd7e91af4a663e6a8d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
last-modified
Tue, 04 Feb 2020 19:56:12 GMT
server
nginx
etag
W/"5e39cc5c-100a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
longs-logo-v2.png
sa-media.s3.amazonaws.com/images/ Frame BEF0 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sa-media.s3.amazonaws.com/images/longs-logo-v2.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.196.89 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
638097836bce5402a852fa4c73b205bfc0c65e376d8fb1ccb012d0517c356964

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 07:23:29 GMT
Last-Modified
Sat, 26 Sep 2020 00:19:06 GMT
Server
AmazonS3
x-amz-request-id
CRS31Z4YJR0RNKQR
ETag
"e27b38173bd2ef423c92bda3df3d96c3"
Content-Type
image/png
x-amz-version-id
GzphI3.O4hiAqawWjBOOp6F3G1kWiWdq
Accept-Ranges
bytes
Content-Length
7277
x-amz-id-2
mXKFr3t9E4XcL5dgvQxglbRK4/VJ/KihfHQas0KAbau0o11rS8Q9B2lIv87mb8Zgpmdfj20iUYY=
frontend.js
www.staradvertiser.com/wp-content/plugins/ad-refresh-control/dist/js/ Frame BEF0 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/ad-refresh-control/dist/js/frontend.js?ver=1.0.5
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3cd0f7339e3fe1e7228f087ed90b78e9fdcbcc1db30e4f228e510ce6bb220f46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
last-modified
Fri, 23 Jul 2021 07:01:13 GMT
server
nginx
etag
W/"60fa6939-3583"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
functions.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/ Frame BEF0 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/functions.js?ver=20200320
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3cab875a2a392985fb6bc7269ea092a6b16d208b2ba247cba8bfc0f626d9caac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
last-modified
Tue, 24 Mar 2020 19:28:26 GMT
server
nginx
etag
W/"5e7a5f5a-10af"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
underscore.min.js
www.staradvertiser.com/wp-includes/js/ Frame BEF0 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/js/underscore.min.js?ver=1.13.1
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
last-modified
Thu, 27 May 2021 19:33:19 GMT
server
nginx
etag
W/"60aff3ff-4a84"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
facets.min.js
www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/js/ Frame BEF0 		399 B
476 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/js/facets.min.js?ver=2.5.2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
842542e571b27f1586b2472b0f927e13973b6b47e5d9fe345abfd2436eb24fe6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-18f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
wp-embed.min.js
www.staradvertiser.com/wp-includes/js/ Frame BEF0 		1 KB
947 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/js/wp-embed.min.js?ver=5.8.3
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
etag
W/"5ff5d754-592"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
popper.min.js
www.staradvertiser.com/wp-content/themes/staradvertiser/js/ Frame BEF0 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/js/popper.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-4af4"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.0.0/js/ Frame BEF0 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2893256
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11522
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-bf30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rwea%2FwcQ80AKfNmFm4C7JgdFwxDJNTQw6gt8Y6W6a2lfN%2B1XxmtRfPWc%2BZXtCK5RxIcjOPKew8dl6N%2Bcsixa0LjTPg1qyhVKFkG1z60RacZ4tuf55ISzyAauJgBsk0plEb7gtIFHIu4G2tG5gyYvNKIO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e05fd5f59960f72-MXP
expires
Fri, 10 Feb 2023 07:23:28 GMT
prefixfree.min.js
cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/ Frame BEF0 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19a28e2d74e7eee25716e5a9e7bba44191ae28ada05995a5107d7a85cea3054f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10114000
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2135
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03faa-16f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=On54qo%2FU0RHzqsJQKcZJPAx3ehh9YjHAmpnlk91rqREiPNJ7uG6x7XyBu4IHpLuW5KKu7eZ9DnbV2G4cSNFmAnngiE6vlcKQE3y9odYBa9eukLznL%2Fpyjyk5n42Fpeljs79A9IL1a5yEhiojJR8%2BPFo6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e05fd5f59990f72-MXP
expires
Fri, 10 Feb 2023 07:23:28 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=907291583&t=pageview&_s=1&dl=https%3A%2F%2Fwww.staradvertiser.com%2F&ul=en-us&de=UTF-8&dt=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=62307304&gjid=1078937323&cid=565048288.1645341808&tid=UA-16272709-1&_gid=1208915351.1645341808&_r=1&_slc=1&z=538989185
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022021401.js
securepubads.g.doubleclick.net/gpt/ 		360 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
8e2dcb9912e96ad6472e010d4e66d67c647dfc385f09d652c1ff8d4d752baf14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 00:35:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24464
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123280
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 09:43:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 20 Feb 2023 00:35:44 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		398 B
815 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.staradvertiser.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
b36242f8baafe46cbe8379817d2534399d0301110d78b73dfa0433d6040536f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
178
x-xss-protection
0
expires
Sun, 20 Feb 2022 07:23:28 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.staradvertiser.com&pubid=ced4075c-e9ce-4f68-a498-b8a3cd48cc57
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.250.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-250-78.fra6.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 06:17:18 GMT
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
server
Server
age
3969
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.staradvertiser.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
wV9FawMGczrmKIMG6pGnjRdf5WcOzCEBdvPsqV0po9bEX1mfJDdOZg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.250.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-250-78.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
kI14R7urpxgHjeMWGWlNpVn0IgFose_t
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
21224
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Sat, 19 Feb 2022 01:26:04 GMT
server
AmazonS3
date
Sun, 20 Feb 2022 01:29:45 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
9S7J7dJW44-kI8OnsjhZN-wQ8UrzbU7d_cZvWPVnOzo_QfzHZ0Htfw==
i
aamcf.aamsitecertifier.com/ 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aamcf.aamsitecertifier.com/i?stm=1645341808157&e=pv&url=https%3A%2F%2Fwww.staradvertiser.com%2F&page=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=206&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=2b921b8e-3209-4754-9d00-27e0e9dcddcd&dtm=1645341808136&vp=1600x1200&ds=1600x10522&vid=1&sid=7f127b73-075d-4cec-91b1-a28da29b2ece&duid=59fa82ea-b8c6-44d8-98cf-dddd4e421558&fp=2005890712&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uZ29vZ2xlLmFuYWx5dGljcy9jb29raWVzL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7Il9nYSI6IkdBMS4yLjU2NTA0ODI4OC4xNjQ1MzQxODA4In19XX0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.4.28 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-4-28.us-west-2.compute.amazonaws.com
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 07:23:30 GMT
Server
Apache/2.4.51 () OpenSSL/1.0.2k-fips
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 429E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 11:18:05 GMT
x-content-type-options
nosniff
age
417923
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Feb 2023 11:18:05 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=DPMAxXx5OS9pUVVWaUp1MmVZY2szUlJxNTA0Ulk0b3RtL0pES1RuSnFaNUdMYjgxMCtVTFBCZTUrNkhlb0VaeFRzSW8vMXJNcHhYMnZBcGVTeGxGaEZZSURVSnZVWU15Yys1SEZUZi93MzM3QSs0SWpnd0dmd29la2VmN2VvK254aWptT0h0NHRicy9MTHpESlMxS0JneFdTc0ZpQUtvUlVhR1prMGp6S0U1ZldhZTBOUis4TE4vNUpZMlJrd3I1dFY1b0hmeDdlK0xYMmM4czVrYVN0TjM0Qmg2eEx3cDBiYnlwVlZyVU03cTIzdmwxODJJNlpFdDlmZEY2NE9aa2VwTEE3fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1188
date
Sun, 20 Feb 2022 07:23:27 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
ares-unit.css
origami.secure.ownlocal.com/origami_unit/production/ Frame 42E6 		43 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9eb5cb26a1730c20ee1a11202c2a06c6cc7ff4312c9c9ee8dd805ded1edbf673

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:07:02 GMT
x-goog-meta-goog-reserved-file-mtime
1605019378
age
51386
x-guploader-uploadid
ADPycdsNPaeJbbw0CNtP0cC2DPXPtUbRF8-K0EcbMW1WpXpFX_wHdD46XhB2emv8QjQW2QaodSTtDgt33y0cv5e4zMQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44190
accept-ranges
bytes
last-modified
Tue, 10 Nov 2020 14:52:03 GMT
server
UploadServer
etag
"ca2d3510261a58fb4fbc8ac0361b8e23"
x-goog-hash
crc32c=1WBR9g==, md5=yi01ECYaWPtPvIrANhuOIw==
x-goog-generation
1605019923580659
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
44190
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
text/css
expires
Sun, 20 Feb 2022 17:07:02 GMT
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/ Frame 42E6 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc611cd3f2e427b4b4c098b3cd5ccbf6e46754bcaa2bf3e2445b0d2f83e78b65
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2088785
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16344
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fc1-ea52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPZmc8ElxkM2LD9EJmfcV8VKK08FgZB8oMGr9U0BhAmCKL51f5kiLQCHyoEkqWLoc7C2bcJAynLEaGuW%2FEOWXRTeaxCWbpAo8o8VuaoqJLKuJ%2B7BR1fSVW9oeWt3C2EDj3q3zDAAm3yU4e0g0I6Z1B3s"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e05fd5d7be55a3d-MXP
expires
Fri, 10 Feb 2023 07:23:28 GMT
sp.js
snowplow.ownlocal.com/ Frame 42E6 		96 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snowplow.ownlocal.com/sp.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.184.131 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
131.184.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9cf71774f1f1f6c394e18096287cb46b53cc4ba8e2f17af4625b2dde339f4776

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 06:40:51 GMT
age
2557
x-guploader-uploadid
ADPycdu8ofbyooMLuXyDbhofWP9cJTugu74dP1MpSKiQN4lPtrP98isF-YOFgFwewqupYU7zHt6AGaD3REJkYNm3U2w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97919
last-modified
Mon, 19 Aug 2019 14:47:45 GMT
server
UploadServer
etag
"53030ece69ef259990486148c204d820"
x-goog-hash
crc32c=/u8IMA==, md5=UwMOzmnvJZmQSGFIwgTYIA==
x-goog-generation
1566226065807390
cache-control
public, max-age=3600
x-goog-stored-content-length
97919
accept-ranges
bytes
content-type
application/x-javascript
expires
Sun, 20 Feb 2022 07:40:51 GMT
polyfill.min.js
cdn.polyfill.io/v2/ Frame 42E6 		222 B
584 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=Promise,fetch,Set,requestAnimationFrame,Map
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
503615
detected-user-agent
Chrome/98.0.4758
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length
126
referrer-policy
origin-when-cross-origin
last-modified
Mon, 14 Feb 2022 10:57:33 GMT
date
Sun, 20 Feb 2022 07:23:28 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/98.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
react.production.min.js
unpkg.com/react@16.5.2/umd/ Frame 42E6 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react@16.5.2/umd/react.production.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a526700a518d11ba17f9e4afc2fac0b2cfacda8a91a1975931bb30d6de3b479
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
26204540
fly-request-id
01F3Y1M2K40VQA0QC767BAE893
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"28a2-zTTTPNEOyiQBmfjucbRapR63Ixw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6e05fd5dad3e0f7a-MXP
react-dom.production.min.js
unpkg.com/react-dom@16.5.2/umd/ Frame 42E6 		92 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react-dom@16.5.2/umd/react-dom.production.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf12ee84c417cbb401083f27253d0541a64dd8605c7442f8ce8a22fe3026bbad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1955212
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"170da-IPAwmE0kwddBAKa0tilJJFl1MZg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
0f9314b7b3d56cf4277644665838fec9
cache-control
public, max-age=31536000
cf-ray
6e05fd5dad400f7a-MXP
index.html
origami.secure.ownlocal.com/origami_unit/ 		13 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/index.html
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a20c152c22c67c4d7c8b135742a5ee401c9af423c0b3f42a5f52cb351a52400c

Request headers

Accept
text/html
Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 11:05:22 GMT
age
73086
x-guploader-uploadid
ADPycdu8e8RAXLl1Cfw_TflEYKteSdPGFqHNXHilBjGHpSx0P1nFcrm__Y7Z-5sB67RmTjFplDCizBMHI-Vvy1HYl4oUWaHtnQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-html-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13753
accept-ranges
bytes
last-modified
Tue, 10 Nov 2020 14:45:02 GMT
server
UploadServer
etag
"0ac794e2a61ea0f7ec1bc4cf3520238b"
x-goog-hash
crc32c=HivesQ==, md5=CseU4qYeoPfsG8TPNSAjiw==
x-goog-generation
1605019502335578
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
13753
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
text/html
expires
Sun, 20 Feb 2022 11:05:22 GMT
p.css
p.typekit.net/ Frame BEF0 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=wsl8gsu&ht=tk&f=139.140.175.176.28494.28496.28497.28498&a=84346937&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/wsl8gsu.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7c0 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
last-modified
Fri, 10 Sep 2021 23:46:21 GMT
server
nginx
etag
"613bee4d-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=staradvertiser.com&p=%2F&u=B2GukFn0vkJCN18Ql&d=staradvertiser.com&g=48334&g0=Homepage&g1=Dave%20Reardon&n=1&f=00001&c=0&x=0&m=0&y=10822&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1828&t=CMSozrB1ar4RDQhC3S6mhhaD9GX-H&V=129&i=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&tz=0&_acct=anon&sn=1&sv=Cjpy9SXfx9lBAJXV9lkNN1BEbQ4k&sd=1&im=067b2fff&_
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.49.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-49-161.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:28 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/ Frame 42E6
Redirect Chain
  • https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/mdi/4.5.95/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
200 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Protocol
H3
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f10134f63012891e9e259c48919da02a150be23f97892cae445acec7c1e8e00f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
555896
x-jsd-version
4.5.95
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19179-FRA, cache-mxp6978-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"31f6f-BYur28y59QOryer8RIiplddE6Sc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6e05fd60b86fe8fb-MXP

Redirect headers

date
Sun, 20 Feb 2022 07:23:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
555896
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
111
x-served-by
cache-fra19137-FRA, cache-mxp6981-MXP
timing-allow-origin
*
access-control-allow-origin
*
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept
content-type
text/plain; charset=utf-8
location
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
access-control-expose-headers
*
cache-control
public, max-age=31536000
cf-ray
6e05fd5fbf9de8fb-MXP
inter.css
rsms.me/inter/ Frame 42E6 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rsms.me/inter/inter.css
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9e2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
effd7ce6ed5f47c331ed9333eb10d6ad78f496277f95dabb0d7dcba847d34a97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id
cf73be4d6d6d031ee8e030c4d3632e54d130b542
date
Sun, 20 Feb 2022 07:23:28 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
387
x-cache
MISS
x-cache-hits
0
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-mxp6968-MXP
last-modified
Tue, 18 Jan 2022 19:57:03 GMT
server
cloudflare
x-github-request-id
FE40:E10E:297F91E:2A9EFF4:61E71BD8
x-timer
S1642535897.793733,VS0,VE95
etag
W/"61e71b8f-1966"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X6kzPwJrSVzevd6uZEPKTMFoDv49iiHFsUyR8MP9E1g3JkwFhFWE%2F0e5gJYx6iaThcTPvWxaiCiY0CDUa%2FASc35FaHK7S%2Fc3um%2Bayxm64zgEqLXRSDLVfEoIcUkODW063iXKrV3j"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6e05fd5e6c0659e3-MXP
x-proxy-cache
MISS
expires
Sat, 19 Feb 2022 23:29:13 GMT
css2
fonts.googleapis.com/ Frame 42E6 		1 KB
446 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre:wght@500&display=swap
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0617705dea4b9e3e6f00448ff0fa20e8f0a27f76a43272044055672b882bd8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 20 Feb 2022 07:23:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 20 Feb 2022 07:23:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 20 Feb 2022 07:23:28 GMT
widgetinfo
p.cityspark.com/api/widgets/ 		67 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cityspark.com/api/widgets/widgetinfo?wid=9865&callback=jsonp1645342625501
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.160.40.218 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e4a84cc36669ad4809710a8dea92ea8cec360c624b72c771693b4b23150b98c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 07:23:28 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
309252323293891
connect.facebook.net/signals/config/ 		308 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/309252323293891?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4f410b9b350b1a76cab88e3c8014237da133cf66905a5b1f2034f1854b104e31
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
pmmjyQ5QUY5Vqb9aLXaig9rbBx4+/g4ABZRBZrAEudf4qUIGy9LwBat2zPU/pF3GA36t8VpAdkJWyk3r4EJ0+Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 20 Feb 2022 07:23:28 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-16272709-1&cid=565048288.1645341808&jid=62307304&gjid=1078937323&_gid=1208915351.1645341808&_u=IEBAAEAAAAAAAC~&z=1533485105
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 20 Feb 2022 07:23:28 GMT
content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ares-unit.css
origami.secure.ownlocal.com/origami_unit/production/ Frame EA32 		43 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9eb5cb26a1730c20ee1a11202c2a06c6cc7ff4312c9c9ee8dd805ded1edbf673

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:07:02 GMT
x-goog-meta-goog-reserved-file-mtime
1605019378
age
51386
x-guploader-uploadid
ADPycdsNPaeJbbw0CNtP0cC2DPXPtUbRF8-K0EcbMW1WpXpFX_wHdD46XhB2emv8QjQW2QaodSTtDgt33y0cv5e4zMQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44190
accept-ranges
bytes
last-modified
Tue, 10 Nov 2020 14:52:03 GMT
server
UploadServer
etag
"ca2d3510261a58fb4fbc8ac0361b8e23"
x-goog-hash
crc32c=1WBR9g==, md5=yi01ECYaWPtPvIrANhuOIw==
x-goog-generation
1605019923580659
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
44190
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
text/css
expires
Sun, 20 Feb 2022 17:07:02 GMT
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/ Frame EA32 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc611cd3f2e427b4b4c098b3cd5ccbf6e46754bcaa2bf3e2445b0d2f83e78b65
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2088785
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16344
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fc1-ea52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FCF220eipsmpPVe8wO61DjRQaQOCx4ARekdHdwi5tyy%2BN6IxcpMLTt83estt64PQD8SAS9Exl91QSgUKVxSAkue7F2HkmvuHbpiky%2FIlTScLVXN2eyjyPbUDvK8KBENZkN5H9G42f52HcJis9cofRSY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e05fd5e8e1a5a3d-MXP
expires
Fri, 10 Feb 2023 07:23:28 GMT
sp.js
snowplow.ownlocal.com/ Frame EA32 		96 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snowplow.ownlocal.com/sp.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.184.131 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
131.184.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9cf71774f1f1f6c394e18096287cb46b53cc4ba8e2f17af4625b2dde339f4776

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 06:40:51 GMT
age
2557
x-guploader-uploadid
ADPycdu8ofbyooMLuXyDbhofWP9cJTugu74dP1MpSKiQN4lPtrP98isF-YOFgFwewqupYU7zHt6AGaD3REJkYNm3U2w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97919
last-modified
Mon, 19 Aug 2019 14:47:45 GMT
server
UploadServer
etag
"53030ece69ef259990486148c204d820"
x-goog-hash
crc32c=/u8IMA==, md5=UwMOzmnvJZmQSGFIwgTYIA==
x-goog-generation
1566226065807390
cache-control
public, max-age=3600
x-goog-stored-content-length
97919
accept-ranges
bytes
content-type
application/x-javascript
expires
Sun, 20 Feb 2022 07:40:51 GMT
polyfill.min.js
cdn.polyfill.io/v2/ Frame EA32 		222 B
198 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=Promise,fetch,Set,requestAnimationFrame,Map
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
503615
detected-user-agent
Chrome/98.0.4758
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length
126
referrer-policy
origin-when-cross-origin
last-modified
Mon, 14 Feb 2022 10:57:33 GMT
date
Sun, 20 Feb 2022 07:23:28 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/98.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
react.production.min.js
unpkg.com/react@16.5.2/umd/ Frame EA32 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react@16.5.2/umd/react.production.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a526700a518d11ba17f9e4afc2fac0b2cfacda8a91a1975931bb30d6de3b479
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
26204540
fly-request-id
01F3Y1M2K40VQA0QC767BAE893
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"28a2-zTTTPNEOyiQBmfjucbRapR63Ixw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6e05fd5e7df70f7a-MXP
react-dom.production.min.js
unpkg.com/react-dom@16.5.2/umd/ Frame EA32 		92 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react-dom@16.5.2/umd/react-dom.production.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf12ee84c417cbb401083f27253d0541a64dd8605c7442f8ce8a22fe3026bbad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1955212
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"170da-IPAwmE0kwddBAKa0tilJJFl1MZg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
0f9314b7b3d56cf4277644665838fec9
cache-control
public, max-age=31536000
cf-ray
6e05fd5e7df80f7a-MXP
www-embed-player.js
www.youtube.com/s/player/c3125ad0/www-embed-player.vflset/ Frame 429E 		283 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c3125ad0/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b838fab476b0b972555361c19bfa11475adc6bcb3165ea3823eca1584fe6017
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 21:15:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
36488
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87214
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 01:18:33 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 19 Feb 2023 21:15:20 GMT
base.js
www.youtube.com/s/player/c3125ad0/player_ias.vflset/de_DE/ Frame 429E 		2 MB
539 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c0b6c872c7e94af4fb9a7daed9dd3b48037402aa2bfa90df773913fd9d9ef6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 15:54:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
228512
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
551833
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 01:18:33 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 17 Feb 2023 15:54:56 GMT
fetch-polyfill.js
www.youtube.com/s/player/c3125ad0/fetch-polyfill.vflset/ Frame 429E 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c3125ad0/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 18:11:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
47530
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3338
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 01:18:33 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 19 Feb 2023 18:11:18 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035032&ns__t=1645341808398&ns_c=UTF-8&cv=3.5&c8=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&c7=https%3A%2F%2Fwww.staradvertiser.com%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035032&ns__t=1645341808398&ns_c=UTF-8&cv=3.5&c8=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&c7=https%3A%2F%2Fwww.staradvertiser.com%2F&c9=
0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035032&ns__t=1645341808398&ns_c=UTF-8&cv=3.5&c8=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&c7=https%3A%2F%2Fwww.staradvertiser.com%2F&c9=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
99.86.4.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-3.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
gZ3ZA3zh7bD8IcNeqfkBUITgLCtTrHPYNybn1wL7rzjxdBG0oIhPKA==
x-cache
Miss from cloudfront

Redirect headers

date
Sun, 20 Feb 2022 07:23:28 GMT
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6035032&ns__t=1645341808398&ns_c=UTF-8&cv=3.5&c8=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&c7=https%3A%2F%2Fwww.staradvertiser.com%2F&c9=
content-length
210
x-amz-cf-id
JETYzi-xyFlKqA57f5fxdaHV-gGGojtk4kVaad0JdgZJSXUcqgBK3w==
58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/ 		169 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Requested by
Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:8800:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d8f917b12778d4a22a9547d1725638c0c428398479c5dea57664d0045552b930

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
Lx6K0etpQijmMYCfHMf5IsP1s4CQr02V
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 17:56:45 GMT
server
AmazonS3
age
58
etag
W/"ee311ae0819b9ba4d27cba803bb90140"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Sun, 20 Feb 2022 07:23:28 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
s0nPcNA_hJ0_T5JfKPI6BJXR4znCBRRsvCzwaYRrr6SFubq7-FHhvw==
/
geoip.instiengage.com/json/ 		210 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.instiengage.com/json/
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.78.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-78-124.compute-1.amazonaws.com
Software
/
Resource Hash
70fb114037fd9e681fa34ca7bfe2c107d7c85420d7511762e934eeaed9bc6d64

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Sun, 20 Feb 2022 07:23:28 GMT
access-control-allow-credentials
true
x-database-date
Sat, 19 Feb 2022 23:00:00 GMT
content-length
210
vary
Origin
content-type
application/json
index.html
auth.instiengage.com/auth/ Frame 4261 		73 B
438 B 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/index.html
Requested by
Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:8a00:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb7e70becd9b9f29c4afe8b2b82eef24739e120c0abafc812e24c8362657f37d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/

Response headers

content-type
text/html
content-length
73
last-modified
Thu, 28 Oct 2021 14:58:38 GMT
x-amz-version-id
Z_9pWwT0klc7emOur8LDxIaKOSvjAB6l
accept-ranges
bytes
server
AmazonS3
date
Sun, 20 Feb 2022 07:21:03 GMT
etag
"d143b1e94cfb2dcb20bcad0f44fd1f0a"
x-cache
Hit from cloudfront
via
1.1 c51e3be89c14e3f859ea898f7e36ecec.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
-_0zSlVZI6v7vJiZ4ZZUrju52WWnn7dIAK8y-g7Ne2XtXaNJxqJD6g==
age
187
bbSa3LzB.png
assets-jpcust.jwpsrv.com/watermarks/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/watermarks/bbSa3LzB.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ea61548e9d5031954bac5839724821f0aa82d3a6ad15440cd592c551f21fa3b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
gzip
age
180
x-cache
HIT, HIT
content-length
4826
x-served-by
cache-iad-kcgs7200087-IAD, cache-mxp6932-MXP
access-control-allow-origin
*
last-modified
Mon, 19 Feb 2018 23:04:18 GMT
server
nginx
x-timer
S1645341809.502262,VS0,VE94
etag
"ebbad5ad378aa3799d2487401ff2298a"
vary
Accept-Encoding
content-type
image/png
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1
Ct9V6Euv-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/Ct9V6Euv-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/Ct9V6Euv-120.vtt
918 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/strips/Ct9V6Euv-120.vtt
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
76dcada666862ba41775bf2b49f921cdc65a0fc6dfa0f6b1a5f1cc53d07b6114

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
gzip
age
481
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
203
x-served-by
cache-iad-kjyo7100166-IAD, cache-mxp6934-MXP
access-control-allow-origin
*
last-modified
Tue, 04 Jan 2022 20:03:53 GMT
server
nginx
x-timer
S1645341809.789036,VS0,VE95
etag
"b049b2833a8975b230b26fd15e3d3ffd"
vary
Accept-Encoding
content-type
text/vtt
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1

Redirect headers

date
Sun, 20 Feb 2022 07:22:40 GMT
via
1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
server
openresty
age
48
location
https://assets-jpcust.jwpsrv.com/strips/Ct9V6Euv-120.vtt
x-cache
Hit from cloudfront
content-type
text/html
access-control-allow-origin
*
x-amz-cf-pop
FRA53-C1
content-length
166
x-amz-cf-id
BS82OsiKOfgR3VzXQJprJmd8NJPb3kPp8gjGzztKgkcw2hQkIQCWug==
related.js
ssl.p.jwpcdn.com/player/v/8.24.3/ 		109 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.24.3/related.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/ZoPFXSjg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bb5e2ea41114aac7cc85db465754f2f71644dc601ff16689ac1c3afbddc66138

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
gzip
age
1405441
x-cache
HIT
content-length
25207
via
1.1 varnish
x-served-by
cache-mxp6932-MXP
last-modified
Wed, 02 Feb 2022 23:47:01 GMT
server
AmazonS3
x-timer
S1645341808.476398,VS0,VE0
etag
"3244e814aba5e28b2d0b25b5fa10fbcf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
75886
0wtdz9yr-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/Ct9V6Euv/poster.jpg?width=720
  • https://assets-jpcust.jwpsrv.com/thumbnails/0wtdz9yr-720.jpg
50 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/0wtdz9yr-720.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7b812e796f59ce02cd9afa956d7827dca1457f2c379e8e801d9147d8f1e7ebac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
gzip
age
128
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
49847
x-served-by
cache-iad-kcgs7200087-IAD, cache-mxp6932-MXP
access-control-allow-origin
*
last-modified
Tue, 04 Jan 2022 20:03:44 GMT
server
nginx
x-timer
S1645341809.644987,VS0,VE96
etag
"33aba6af8b54fe9ab236ae70121d4bb7"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1

Redirect headers

date
Sun, 20 Feb 2022 07:22:40 GMT
via
1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
server
openresty
age
48
location
https://assets-jpcust.jwpsrv.com/thumbnails/0wtdz9yr-720.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA53-C1
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
jqbMZ_5tmpPA2uHJDJCweBJ7tfEOiEgNXm86de_452eKraztZ_xifw==
st0aa5ei-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/xS1UI2RY/poster.jpg?width=720
  • https://assets-jpcust.jwpsrv.com/thumbnails/st0aa5ei-720.jpg
81 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/st0aa5ei-720.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fdd1eb743eaba6388d6bf34f56b00aad1eece44973f2966508497f2458c9632c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
gzip
age
176
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
80467
x-served-by
cache-iad-kiad7000037-IAD, cache-mxp6932-MXP
access-control-allow-origin
*
last-modified
Thu, 09 Dec 2021 02:55:58 GMT
server
nginx
x-timer
S1645341809.749307,VS0,VE94
etag
"27541fc64f69278a32a29ca930628516"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 0

Redirect headers

date
Sun, 20 Feb 2022 07:23:28 GMT
via
1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA53-C1
location
https://assets-jpcust.jwpsrv.com/thumbnails/st0aa5ei-720.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
dPBYW58szhpDxbtnVFLv7cAkxSyR6xHWRKPQUcmfk5iBLsq8sPmJ_w==
xS1UI2RY-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/xS1UI2RY-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/xS1UI2RY-120.vtt
918 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/strips/xS1UI2RY-120.vtt
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
731dfd45b79101e70d1c0f998e9387be13fbe88dd19931deaa858b0605c3b343

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
gzip
age
175
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
203
x-served-by
cache-iad-kiad7000061-IAD, cache-mxp6934-MXP
access-control-allow-origin
*
last-modified
Thu, 09 Dec 2021 02:56:06 GMT
server
nginx
x-timer
S1645341809.788966,VS0,VE97
etag
"a707b4b9b9c34db570e2992ffd36290e"
vary
Accept-Encoding
content-type
text/vtt
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 0

Redirect headers

date
Sun, 20 Feb 2022 07:23:28 GMT
via
1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA53-C1
location
https://assets-jpcust.jwpsrv.com/strips/xS1UI2RY-120.vtt
x-cache
Miss from cloudfront
content-type
text/html
access-control-allow-origin
*
content-length
166
x-amz-cf-id
JaZGC8v81m-XB7i207Kn-8a6942zEs4Oh22YQLu_JuzxpCOQWEI92g==
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/ Frame EA32
Redirect Chain
  • https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/mdi/4.5.95/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
200 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Protocol
H3
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f10134f63012891e9e259c48919da02a150be23f97892cae445acec7c1e8e00f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
555896
x-jsd-version
4.5.95
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19179-FRA, cache-mxp6978-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"31f6f-BYur28y59QOryer8RIiplddE6Sc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6e05fd60b880e8fb-MXP

Redirect headers

date
Sun, 20 Feb 2022 07:23:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
555896
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
111
x-served-by
cache-fra19137-FRA, cache-mxp6981-MXP
timing-allow-origin
*
access-control-allow-origin
*
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept
content-type
text/plain; charset=utf-8
location
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
access-control-expose-headers
*
cache-control
public, max-age=31536000
cf-ray
6e05fd600ff2e8fb-MXP
inter.css
rsms.me/inter/ Frame EA32 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rsms.me/inter/inter.css
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9e2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
effd7ce6ed5f47c331ed9333eb10d6ad78f496277f95dabb0d7dcba847d34a97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id
cf73be4d6d6d031ee8e030c4d3632e54d130b542
date
Sun, 20 Feb 2022 07:23:28 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
387
x-cache
MISS
x-cache-hits
0
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-mxp6968-MXP
last-modified
Tue, 18 Jan 2022 19:57:03 GMT
server
cloudflare
x-github-request-id
FE40:E10E:297F91E:2A9EFF4:61E71BD8
x-timer
S1642535897.793733,VS0,VE95
etag
W/"61e71b8f-1966"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5A71DtAzNgPgTAnSgU9zAgi9PnO2Avb69oQ7RHIy28ydx%2BCMllJmCoqRorfAiRdbxChFYQ1rIHlmNuoUOhLm9iH7ZhlvfchCUFZTwmpb%2FqT%2B05u2hWCFL5GGrSaJFNaKXquJaoLM"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6e05fd5f3d5e8397-MXP
x-proxy-cache
MISS
expires
Sat, 19 Feb 2022 23:29:13 GMT
css2
fonts.googleapis.com/ Frame EA32 		1 KB
446 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre:wght@500&display=swap
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0617705dea4b9e3e6f00448ff0fa20e8f0a27f76a43272044055672b882bd8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 20 Feb 2022 07:23:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 20 Feb 2022 07:23:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 20 Feb 2022 07:23:28 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTV5NMZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14879
x-xss-protection
0
server
cafe
etag
17635014576153706337
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 20 Feb 2022 07:23:28 GMT
platform.js
insiderdata360online.com/service/ 		0
0
;ord=7450338050189.917;v=120;ip=217.64.151.29;cuidchk=1
trkn.us/pixel/conv/ppt=15374;g=hsa_formers_sep-2021;gid=38087;cv1=https://www.staradvertiser.com/
Redirect Chain
  • https://trkn.us/pixel/conv/ppt=15374;g=hsa_formers_sep-2021;gid=38087;cv1=https://www.staradvertiser.com/;ord=7450338050189.917;v=120
  • https://trkn.us/pixel/conv/ppt=15374;g=hsa_formers_sep-2021;gid=38087;cv1=https://www.staradvertiser.com/;ord=7450338050189.917;v=120;ip=217.64.151.29;cuidchk=1
42 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trkn.us/pixel/conv/ppt=15374;g=hsa_formers_sep-2021;gid=38087;cv1=https://www.staradvertiser.com/;ord=7450338050189.917;v=120;ip=217.64.151.29;cuidchk=1
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Server
52.20.115.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-115-1.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Feb 2022 07:23:28 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 9 Nov 1980 12:59:00 GMT
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date
Sun, 20 Feb 2022 07:23:28 GMT
X-Content-Type-Options
nosniff
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
/pixel/conv/ppt=15374;g=hsa_formers_sep-2021;gid=38087;cv1=https://www.staradvertiser.com/;ord=7450338050189.917;v=120;ip=217.64.151.29;cuidchk=1
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
0
;ord=3577991719263.66;v=120;ip=217.64.151.29;cuidchk=1
trkn.us/pixel/conv/ppt=16599;g=hsa_formers_oct-2021_v1;gid=39554;cv1=https://www.staradvertiser.com/
Redirect Chain
  • https://trkn.us/pixel/conv/ppt=16599;g=hsa_formers_oct-2021_v1;gid=39554;cv1=https://www.staradvertiser.com/;ord=3577991719263.66;v=120
  • https://trkn.us/pixel/conv/ppt=16599;g=hsa_formers_oct-2021_v1;gid=39554;cv1=https://www.staradvertiser.com/;ord=3577991719263.66;v=120;ip=217.64.151.29;cuidchk=1
42 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trkn.us/pixel/conv/ppt=16599;g=hsa_formers_oct-2021_v1;gid=39554;cv1=https://www.staradvertiser.com/;ord=3577991719263.66;v=120;ip=217.64.151.29;cuidchk=1
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Server
52.20.115.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-115-1.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Feb 2022 07:23:28 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 9 Nov 1980 12:59:00 GMT
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date
Sun, 20 Feb 2022 07:23:28 GMT
X-Content-Type-Options
nosniff
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
/pixel/conv/ppt=16599;g=hsa_formers_oct-2021_v1;gid=39554;cv1=https://www.staradvertiser.com/;ord=3577991719263.66;v=120;ip=217.64.151.29;cuidchk=1
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
0
;ord=1526270816990.7957;v=120;ip=217.64.151.29;cuidchk=1
trkn.us/pixel/conv/ppt=16603;g=hsa_formers_oct-2021_v2;gid=39558;cv1=https://www.staradvertiser.com/
Redirect Chain
  • https://trkn.us/pixel/conv/ppt=16603;g=hsa_formers_oct-2021_v2;gid=39558;cv1=https://www.staradvertiser.com/;ord=1526270816990.7957;v=120
  • https://trkn.us/pixel/conv/ppt=16603;g=hsa_formers_oct-2021_v2;gid=39558;cv1=https://www.staradvertiser.com/;ord=1526270816990.7957;v=120;ip=217.64.151.29;cuidchk=1
42 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trkn.us/pixel/conv/ppt=16603;g=hsa_formers_oct-2021_v2;gid=39558;cv1=https://www.staradvertiser.com/;ord=1526270816990.7957;v=120;ip=217.64.151.29;cuidchk=1
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Server
52.20.115.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-115-1.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Feb 2022 07:23:28 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 9 Nov 1980 12:59:00 GMT
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date
Sun, 20 Feb 2022 07:23:28 GMT
X-Content-Type-Options
nosniff
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
/pixel/conv/ppt=16603;g=hsa_formers_oct-2021_v2;gid=39558;cv1=https://www.staradvertiser.com/;ord=1526270816990.7957;v=120;ip=217.64.151.29;cuidchk=1
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
0
;ord=3520096720155.299;v=120;ip=217.64.151.29;cuidchk=1
trkn.us/pixel/conv/ppt=16605;g=hsa_formers_oct-2021_v3;gid=39561;cv1=https://www.staradvertiser.com/
Redirect Chain
  • https://trkn.us/pixel/conv/ppt=16605;g=hsa_formers_oct-2021_v3;gid=39561;cv1=https://www.staradvertiser.com/;ord=3520096720155.299;v=120
  • https://trkn.us/pixel/conv/ppt=16605;g=hsa_formers_oct-2021_v3;gid=39561;cv1=https://www.staradvertiser.com/;ord=3520096720155.299;v=120;ip=217.64.151.29;cuidchk=1
42 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trkn.us/pixel/conv/ppt=16605;g=hsa_formers_oct-2021_v3;gid=39561;cv1=https://www.staradvertiser.com/;ord=3520096720155.299;v=120;ip=217.64.151.29;cuidchk=1
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Server
52.20.115.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-115-1.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Feb 2022 07:23:28 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 9 Nov 1980 12:59:00 GMT
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date
Sun, 20 Feb 2022 07:23:28 GMT
X-Content-Type-Options
nosniff
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
/pixel/conv/ppt=16605;g=hsa_formers_oct-2021_v3;gid=39561;cv1=https://www.staradvertiser.com/;ord=3520096720155.299;v=120;ip=217.64.151.29;cuidchk=1
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
0
;ord=9714825776117.402;v=120;ip=217.64.151.29;cuidchk=1
trkn.us/pixel/conv/ppt=17603;g=hsa_formers_nov-2021_v1;gid=40542;cv1=https://www.staradvertiser.com/
Redirect Chain
  • https://trkn.us/pixel/conv/ppt=17603;g=hsa_formers_nov-2021_v1;gid=40542;cv1=https://www.staradvertiser.com/;ord=9714825776117.402;v=120
  • https://trkn.us/pixel/conv/ppt=17603;g=hsa_formers_nov-2021_v1;gid=40542;cv1=https://www.staradvertiser.com/;ord=9714825776117.402;v=120;ip=217.64.151.29;cuidchk=1
42 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trkn.us/pixel/conv/ppt=17603;g=hsa_formers_nov-2021_v1;gid=40542;cv1=https://www.staradvertiser.com/;ord=9714825776117.402;v=120;ip=217.64.151.29;cuidchk=1
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Server
52.20.115.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-115-1.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Feb 2022 07:23:28 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 9 Nov 1980 12:59:00 GMT
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date
Sun, 20 Feb 2022 07:23:28 GMT
X-Content-Type-Options
nosniff
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
/pixel/conv/ppt=17603;g=hsa_formers_nov-2021_v1;gid=40542;cv1=https://www.staradvertiser.com/;ord=9714825776117.402;v=120;ip=217.64.151.29;cuidchk=1
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
0
;ord=1247186350001.7344;v=120
trkn.us/pixel/conv/ppt=17605;g=hsa_formers_nov-2021_v2;gid=40544;cv1=https://www.staradvertiser.com/ 		42 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trkn.us/pixel/conv/ppt=17605;g=hsa_formers_nov-2021_v2;gid=40544;cv1=https://www.staradvertiser.com/;ord=1247186350001.7344;v=120
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.115.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-115-1.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Feb 2022 07:23:28 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 9 Nov 1980 12:59:00 GMT
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Sun, 9 Nov 1980 12:58:00 GMT
;ord=3173808708692.625;v=120
trkn.us/pixel/conv/ppt=17607;g=hsa_formers_nov-2021_v3;gid=40546;cv1=https://www.staradvertiser.com/ 		42 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trkn.us/pixel/conv/ppt=17607;g=hsa_formers_nov-2021_v3;gid=40546;cv1=https://www.staradvertiser.com/;ord=3173808708692.625;v=120
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.115.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-115-1.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Feb 2022 07:23:28 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 9 Nov 1980 12:59:00 GMT
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Sun, 9 Nov 1980 12:58:00 GMT
wp-emoji-release.min.js
www.staradvertiser.com/wp-includes/js/ Frame BEF0 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.3
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
last-modified
Tue, 08 Jun 2021 22:15:12 GMT
server
nginx
etag
W/"60bfebf0-4705"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
covid19-bg3.jpg
sa-media.s3.amazonaws.com/images/ Frame BEF0 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sa-media.s3.amazonaws.com/images/covid19-bg3.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.196.89 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
7161dab7927e17051951fb435d3e2ae75487302cdf61e9a461c131f809087727

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 07:23:29 GMT
Last-Modified
Fri, 14 Aug 2020 03:07:23 GMT
Server
AmazonS3
x-amz-request-id
CRS8MTXDMZHGKC4S
ETag
"4a7b83d4b403780ecae30088ebb71b03"
Content-Type
image/jpeg
x-amz-version-id
lFLMrTK3ih0ss2vdev_5u2M4okXo8Lp0
Accept-Ranges
bytes
Content-Length
16082
x-amz-id-2
0EbKGoxWSmAXUTBAF1/RwZWpVaUnJvTEg6R7jVR6w4Li96O76VtACV+DX0HDq+eRjLY7he7gBk8=
anchor
www.google.com/recaptcha/api2/ Frame 5CF4 		41 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=1B_yv3CBEV10KtI2HJ6eEXhJ&size=invisible&cb=3qvs80ej9gs1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1B_yv3CBEV10KtI2HJ6eEXhJ/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4e8b4d8d4f9431cca2f13ac27e5434d23777a271edcfb2161eef8bde0dc9e77d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-j0Qpi1uY16Sb3ob+M2bDGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 20 Feb 2022 07:23:28 GMT
content-security-policy
script-src 'report-sample' 'nonce-j0Qpi1uY16Sb3ob+M2bDGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
21717
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
favicon.ico
ad.doubleclick.net/ 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 01:51:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19901
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Feb 2022 01:51:47 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
last-modified
Mon, 20 Dec 2021 10:37:08 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1639997209.278109"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Tue, 22 Mar 2022 07:23:28 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16272709-1&cid=565048288.1645341808&jid=62307304&_u=IEBAAEAAAAAAAC~&z=1828530671
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16272709-1&cid=565048288.1645341808&jid=62307304&_u=IEBAAEAAAAAAAC~&z=1828530671
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ares_assets.json
origami.secure.ownlocal.com/origami_unit/production/ Frame 42E6 		168 B
200 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares_assets.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
496db6d47cb7396e6e92ea0d527d26f700d1719a5e993a26379d927da5fd9b20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 19:01:42 GMT
x-goog-meta-goog-reserved-file-mtime
1605019378
age
44506
x-guploader-uploadid
ADPycdtwWwLu2LCy_aAyWFtZDnePhcpoNyPOIZHuJATDWpLNzqPoVJ-ecenN9kV16KtoN0iSyHHaa_Pmp_lWQoHU6W8
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
168
accept-ranges
bytes
last-modified
Tue, 10 Nov 2020 14:52:03 GMT
server
UploadServer
etag
"71690f93d8fcaf07c33c4d217bd2d1be"
x-goog-hash
crc32c=nuzGdQ==, md5=cWkPk9j8rwfDPE0he9LRvg==
x-goog-generation
1605019923603319
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
168
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
application/json
expires
Sun, 20 Feb 2022 19:01:42 GMT
/
geo.privacymanager.io/ 		28 B
591 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.25.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-25-44.lax53.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:27:05 GMT
via
1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 b7b1a2eee8508a9a20c99d23ed8145ce.cloudfront.net (CloudFront)
age
75384
x-amzn-requestid
4da24041-216d-4ab0-8123-28b34089b455
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-6210c5f9-17352c3f12d7fced58e3ea52;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
HIO50-C1, LAX53-P1
x-amz-apigw-id
NyPfDGTWDoEFkHA=
content-length
28
x-amz-cf-id
WHfTAyY_7rrr59o74DwgwX1wscIWs-9k5fioaadCGpmclf_4jGXdBg==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
skeleton.gif
static.adsafeprotected.com/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:14:35 GMT
via
1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
age
17075334
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
kCPIRfv31TZsFoMWun7sDpgrXsrX35_39xjG6wKQU7qKw14TVuX7eA==
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=2474981&ntv_pl=1102376
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.120.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-120-176.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:28 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
gdprConsent
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/gdprConsent?ntv_pl=1102376&ntv_gdpr_consent=&ntv_it
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.120.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-120-176.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:28 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.staradvertiser.com%2F&pid=Y0qqK21Mri06y&cb=0&ws=1600x1200&v=7.73.0&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1443757323385-3%22%2C%22s%22%3A%5B%22300x100%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%220305f4ff-0764-4ba2-8339-1e423dda0174%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Tile1_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1449255182659-3%22%2C%22s%22%3A%5B%22300x100%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%220305f4ff-0764-4ba2-8339-1e423dda0174%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Tile2_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-18%22%2C%22s%22%3A%5B%22982x30%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%220305f4ff-0764-4ba2-8339-1e423dda0174%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_x15_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-33%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%220305f4ff-0764-4ba2-8339-1e423dda0174%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Top_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-79%22%2C%22s%22%3A%5B%22320x50%22%2C%22728x90%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%220305f4ff-0764-4ba2-8339-1e423dda0174%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Bottom_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-45%22%2C%22s%22%3A%5B%22320x50%22%2C%22728x90%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%220305f4ff-0764-4ba2-8339-1e423dda0174%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Banner1_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-46%22%2C%22s%22%3A%5B%22320x50%22%2C%22728x90%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%220305f4ff-0764-4ba2-8339-1e423dda0174%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Banner2_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-47%22%2C%22s%22%3A%5B%22320x50%22%2C%22728x90%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%220305f4ff-0764-4ba2-8339-1e423dda0174%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Banner3_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1483134122312-0%22%2C%22s%22%3A%5B%22300x100%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%220305f4ff-0764-4ba2-8339-1e423dda0174%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Sponsor-MostRead_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-51%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%220305f4ff-0764-4ba2-8339-1e423dda0174%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Box1_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444028495459-65%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%220305f4ff-0764-4ba2-8339-1e423dda0174%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Box2_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444788445358-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%220305f4ff-0764-4ba2-8339-1e423dda0174%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Box3_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1482886799060-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%220305f4ff-0764-4ba2-8339-1e423dda0174%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Box-Top_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1521079920643-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%220305f4ff-0764-4ba2-8339-1e423dda0174%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Box-Top-2_HomePage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1444965704525-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%220305f4ff-0764-4ba2-8339-1e423dda0174%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_MenuBox%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1445920181141-0%22%2C%22s%22%3A%5B%22300x100%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%220305f4ff-0764-4ba2-8339-1e423dda0174%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_MenuTile%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1465867295375-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%220305f4ff-0764-4ba2-8339-1e423dda0174%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Box-events_TGIF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1564775939722-0%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%220305f4ff-0764-4ba2-8339-1e423dda0174%22%5D%7D%2C%22sn%22%3A%22%2F5136785%2FSA_Footer_Homepage%22%7D%5D&pubid=ced4075c-e9ce-4f68-a498-b8a3cd48cc57&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.250.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-250-78.fra6.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA6-C1
x-amz-rid
PABMBZVN5S37BAR1NRW5
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
ILWnKDXOrQl96siKFwModCMHba-U-WVuv3DzBRFIkHJ8k5_9OJpAlw==
translator
hbopenbid.pubmatic.com/ 		0
0
ares_assets.json
origami.secure.ownlocal.com/origami_unit/production/ Frame EA32 		168 B
200 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares_assets.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
496db6d47cb7396e6e92ea0d527d26f700d1719a5e993a26379d927da5fd9b20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 19:01:42 GMT
x-goog-meta-goog-reserved-file-mtime
1605019378
age
44506
x-guploader-uploadid
ADPycdtwWwLu2LCy_aAyWFtZDnePhcpoNyPOIZHuJATDWpLNzqPoVJ-ecenN9kV16KtoN0iSyHHaa_Pmp_lWQoHU6W8
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
168
accept-ranges
bytes
last-modified
Tue, 10 Nov 2020 14:52:03 GMT
server
UploadServer
etag
"71690f93d8fcaf07c33c4d217bd2d1be"
x-goog-hash
crc32c=nuzGdQ==, md5=cWkPk9j8rwfDPE0he9LRvg==
x-goog-generation
1605019923603319
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
168
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
application/json
expires
Sun, 20 Feb 2022 19:01:42 GMT
/
geoip.insticator.com/json/ 		210 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.11.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-11-204.compute-1.amazonaws.com
Software
/
Resource Hash
70fb114037fd9e681fa34ca7bfe2c107d7c85420d7511762e934eeaed9bc6d64

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Sun, 20 Feb 2022 07:23:29 GMT
access-control-allow-credentials
true
x-database-date
Sun, 20 Feb 2022 05:37:49 GMT
content-length
210
vary
Origin
content-type
application/json
0305f4ff-0764-4ba2-8339-1e423dda0174
h99w9l39sa.execute-api.us-east-1.amazonaws.com/prod/commonid/ 		2 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h99w9l39sa.execute-api.us-east-1.amazonaws.com/prod/commonid/0305f4ff-0764-4ba2-8339-1e423dda0174
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.178.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-178-185.compute-1.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 20 Feb 2022 07:23:29 GMT
x-amzn-requestid
0694fe2d-6396-4ceb-aa22-97426f8986b6
x-amz-apigw-id
N1HhsEqdIAMF_BQ=
x-amzn-trace-id
Root=1-6211ec71-782ec9077bdd99ce7a45f250;Sampled=0
content-length
2
content-type
application/json
usertracking
b2c.insticator.com/v3/pages/ Frame 6BA0 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b2c.insticator.com/v3/pages/usertracking
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.234.103.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-103-215.compute-1.amazonaws.com
Software
/
Resource Hash
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
content-type
text/html; charset=UTF-8
content-length
2821
etag
3af08c8f-50e9-4c06-84e4-46f29323a06b
vary
Accept-Encoding,Origin
pragma
max-age=3600
cache-control
max-age=3600
content-encoding
gzip
134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
df80k0z3fi8zg.cloudfront.net/files/instibid/ 		350 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:3c00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f50df3f61cf01517d36e005388cb034af3d6ea3a884f0c1f97c76f624c58f61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
MkcR4VdDhlnqho9uwcj1qBLhtfbiwniJ
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 17:56:43 GMT
server
AmazonS3
age
31314
etag
W/"f22e15e0413d09bdf152275e2d668305"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront)
date
Sat, 19 Feb 2022 22:41:35 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
6D_IU5DXXOlH9p9pYTw3aM9WCjT-EMATTLnOBh6-ORfdEwmDnK3v_w==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/95054/2912/ 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3d7a3dca6cb4bccb97b70de73a8246ca11e1945aa69114a16df27df7ade0102a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 15:04:13 GMT
server
Apache/2.2.15 (CentOS)
etag
"1121321-31c24-5d70a54af7d58"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=44478
accept-ranges
bytes
content-type
text/javascript
content-length
63950
expires
Sun, 20 Feb 2022 19:44:46 GMT
config.js
confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ 		81 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d4ea4fc124c2f08ec19fc1a0430fec3b1f3fc9e6c0464050c968b16a586a1d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 07:23:29 GMT
Content-Encoding
gzip
Age
1380
X-Cache
HIT
Connection
keep-alive
Content-Length
19544
x-amz-id-2
dsYopbP7BXW23JJ5vlE5c/elTZqVqJuyCIehLImFgSlfL1bK4spriB2s5jHFGbkN0GGUZGrasjQ=
X-Served-By
cache-hhn4041-HHN
Last-Modified
Sun, 20 Feb 2022 06:23:19 GMT
Server
AmazonS3
X-Timer
S1645341809.010200,VS0,VE0
ETag
"cef6f7b40dfc40bdaed580c74e931488"
x-amz-request-id
5G66117G7D2H1AWV
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
34
bundle.js
auth.instiengage.com/auth/ Frame 4261 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/bundle.js
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:8a00:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
454e275a24548d7c90f785185bef0f45a1a31227dbdf262e23663d3a1c893d34

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.instiengage.com/auth/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
z9_dsDhFEXvmKWuBLcY14W3grjGzZbNe
content-encoding
br
last-modified
Fri, 11 Feb 2022 18:07:15 GMT
server
AmazonS3
age
186
etag
W/"9bea1145c763a33ae96eac3f3997743f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c51e3be89c14e3f859ea898f7e36ecec.cloudfront.net (CloudFront)
date
Sun, 20 Feb 2022 07:20:32 GMT
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
4e2Qnn6vGMBAFkEMgcFJ3M00NdfsFDr8dnzwQ7f6xnRNz094J9SKIA==
spc_fi.php
cdn.firstimpression.io/delivery/ 		45 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=7470&url=%2F&charset=UTF-8&ch=7&ref=www.staradvertiser.com&viewerId=null&referer=&_firid=6592864
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-124.fra6.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
fd9da47add4efdbbffcc622dcd0565df51a2a14ab8cacbc6e4ac04821608f14e

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
gzip
x-amz-cf-pop
FRA6-C1
x-powered-by
PHP/8.0.14
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
access-control-allow-origin
https://www.staradvertiser.com
server
nginx/1.20.0
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
via
1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
WD5kPeJZTA7wLJoRHWGYLNhNCYIye6EPEOON6IZvzmJxRyvciQnCkQ==
expires
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/712386318/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/712386318/?random=1645341808822&cv=9&fst=1645341808822&num=1&label=hqBoCLnO39gBEI7O2NMC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.staradvertiser.com%2F&tiba=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&hn=www.googleadservices.com&us_privacy=error&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c1e96b298d4071fec3936df7838e36961b7b6e361413ebdee9055698ed901e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1077
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ Frame BEF0 		141 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
26190405
cdn-cachedat
2021-04-23 05:58:16
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
a2cdf6002e5898310bcc2c0b2e47a44c
cf-ray
6e05fd614c7a59b9-MXP
cdn-requestcountrycode
EG
cdn-requestpullsuccess
True
sa-style-2018.css
www.staradvertiser.com/wp-content/themes/staradvertiser/css/ Frame BEF0 		67 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.82
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb8b1419780ed6f78469a86d286c2668ab0a9e78582797defafc1d7f2762ffb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
last-modified
Tue, 15 Jun 2021 01:44:26 GMT
server
nginx
etag
W/"60c805fa-10c45"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
wsl8gsu.css
use.typekit.net/ Frame BEF0 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/wsl8gsu.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7c0 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
nginx /
Resource Hash
bf78c9bad3b9a376810a5a12afa3d5a7a3ec5199228f34ee33d8ae13536a5f1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Sun, 20 Feb 2022 07:23:28 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
922
all.css
use.fontawesome.com/releases/v5.0.10/css/ Frame BEF0 		36 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12756851
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
B36X1BCHCQ732ADZ
x-amz-id-2
20uffz1kDj+aqh3fOgw+IcBHEkwif8F90uXiEgrQdOM9jvm/W6jTyG/26uvoUregVDavczVZqQc=
last-modified
Wed, 30 Jun 2021 15:26:49 GMT
server
cloudflare
etag
W/"d1acb8ad33b1526acbfd3f0028b859b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EL0bLlySZOd8ABz2J21DoZchoXWueyy0YeVgQRAmwPlabuNjxOYIadGbLuxbMeUXmMMVNO4R53ft83iyXY2E4vN%2BwvWO0y7o21OE1d2Q9gzk8%2BqxDVBAbUH4wOdVVWTG0bEW62SP2l%2BxRgeIL3EmTYih"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6e05fd61394f59f5-MXP
common.cmd-hsa-minified.1569273721.css
www.staradvertiser.com/wp-content/plugins/hsa-polls/css/ Frame BEF0 		502 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/hsa-polls/css/common.cmd-hsa-minified.1569273721.css?ver=5.8.3
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0e2a560f13627bee0925e5e49243f611d9a4cef76f56f4c96d3d3a6510a1d29c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
last-modified
Tue, 04 Feb 2020 19:56:12 GMT
server
nginx
etag
W/"5e39cc5c-1f6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.min.css
www.staradvertiser.com/wp-includes/css/dist/block-library/ Frame BEF0 		79 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.3
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb16845f3c28284255639a36b2d6fed7a0f10aad38ac166cb8a7c90ee07b4372

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
last-modified
Wed, 01 Sep 2021 04:05:58 GMT
server
nginx
etag
W/"612efc26-13abe"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
vfb-style.min.css
www.staradvertiser.com/wp-content/plugins/vfb-pro/public/assets/css/ Frame BEF0 		66 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/vfb-pro/public/assets/css/vfb-style.min.css?ver=2019.05.10
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a03771453248c5eb3ee390d87edddd490ac37484b6a6c95567ffc222fccd107

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
last-modified
Wed, 10 Feb 2021 19:20:25 GMT
server
nginx
etag
W/"602431f9-108dd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
css
fonts.googleapis.com/ Frame BEF0 		16 KB
1016 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5502471827af86b745c40e045c7ffa3e58fa7ced50fb20ed7e37025a9abfdaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 20 Feb 2022 07:20:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 20 Feb 2022 07:23:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 20 Feb 2022 07:23:28 GMT
genericons.css
www.staradvertiser.com/wp-content/themes/staradvertiser/genericons/ Frame BEF0 		30 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/genericons/genericons.css?ver=3.03
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-7945"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
www.staradvertiser.com/wp-content/themes/staradvertiser/ Frame BEF0 		0
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/style.css?ver=2015-12-08
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
0
facets.min.css
www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/css/ Frame BEF0 		789 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/css/facets.min.css?ver=2.5.2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
125b1c5f96e7bd6829d8ce638c463f14c0a78f7cadee45d6ea4584b897aaf1e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-315"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
ares-unit.js
origami.secure.ownlocal.com/origami_unit/production/ Frame 42E6 		114 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
343ea3c17fa2d9c0502e019abd2f22d748dc6926105fc21c2aaded55e783b38a

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 16:25:31 GMT
x-goog-meta-goog-reserved-file-mtime
1605019378
age
53877
x-guploader-uploadid
ADPycduPnVB0igZfKC48CuIMhDAGf6bYn21fgwivqmq3IPldof_XgcNUfQFg9WpGz4WV3yNlV6W3N0zbOJ6Lutg_Gew
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
116430
accept-ranges
bytes
last-modified
Tue, 10 Nov 2020 14:52:03 GMT
server
UploadServer
etag
"1446c964725d9fed3a606a6f124276ac"
x-goog-hash
crc32c=KknYiA==, md5=FEbJZHJdn+06YGpvEkJ2rA==
x-goog-generation
1605019923664535
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
116430
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
application/javascript
expires
Sun, 20 Feb 2022 16:25:31 GMT
1401480206566122
connect.facebook.net/signals/config/ 		312 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1401480206566122?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eb9dbe481dbd9f58d980df39569fb1ba4e941ccdbebf2bc5be7b3568976185e9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
tJMDpdkGetGVp9z79ElXXUIi4tLG/nVYjzdYOgH7OI6Dni58/KbAxNZkoxzAXCwEmvjsKLOCWcHQ/cY4Zdudqw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 20 Feb 2022 07:23:29 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=309252323293891&ev=PageView&dl=https%3A%2F%2Fwww.staradvertiser.com%2F&rl=&if=false&ts=1645341808847&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22456843294878480%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%222346298978947266%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1645341808846.1687757412&it=1645341808376&coo=false&exp=p0&rqm=GET
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Sun, 20 Feb 2022 07:23:29 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 429E
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H3
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8905d2adc8537ef18432a612f54387ef4e6562a2f6647f0620ffea63b4cea81f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 20 Feb 2022 07:23:28 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 429E 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:14:18 GMT
x-content-type-options
nosniff
age
550
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 20 Feb 2022 07:29:18 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/1B_yv3CBEV10KtI2HJ6eEXhJ/ Frame 5CF4 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/1B_yv3CBEV10KtI2HJ6eEXhJ/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=1B_yv3CBEV10KtI2HJ6eEXhJ&size=invisible&cb=3qvs80ej9gs1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 23:10:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115996
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 05:01:42 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Feb 2023 23:10:12 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/1B_yv3CBEV10KtI2HJ6eEXhJ/ Frame 5CF4 		358 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/1B_yv3CBEV10KtI2HJ6eEXhJ/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=1B_yv3CBEV10KtI2HJ6eEXhJ&size=invisible&cb=3qvs80ej9gs1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee5d8f682805ed45d8c9ff24941a1ad286763bf61e23fde210d41e5016607106
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:01:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76907
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
144945
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 05:01:42 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Feb 2023 10:01:41 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ Frame BEF0 		141 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
26190405
cdn-cachedat
2021-04-23 05:58:16
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
a2cdf6002e5898310bcc2c0b2e47a44c
cf-ray
6e05fd61dd6b59b9-MXP
cdn-requestcountrycode
EG
cdn-requestpullsuccess
True
sa-style-2018.css
www.staradvertiser.com/wp-content/themes/staradvertiser/css/ Frame BEF0 		67 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/css/sa-style-2018.css?version=1.82
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb8b1419780ed6f78469a86d286c2668ab0a9e78582797defafc1d7f2762ffb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
last-modified
Tue, 15 Jun 2021 01:44:26 GMT
server
nginx
etag
W/"60c805fa-10c45"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
wsl8gsu.css
use.typekit.net/ Frame BEF0 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/wsl8gsu.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7c0 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
nginx /
Resource Hash
bf78c9bad3b9a376810a5a12afa3d5a7a3ec5199228f34ee33d8ae13536a5f1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Sun, 20 Feb 2022 07:23:28 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
922
all.css
use.fontawesome.com/releases/v5.0.10/css/ Frame BEF0 		36 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12756851
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
B36X1BCHCQ732ADZ
x-amz-id-2
20uffz1kDj+aqh3fOgw+IcBHEkwif8F90uXiEgrQdOM9jvm/W6jTyG/26uvoUregVDavczVZqQc=
last-modified
Wed, 30 Jun 2021 15:26:49 GMT
server
cloudflare
etag
W/"d1acb8ad33b1526acbfd3f0028b859b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qa2Yub%2FwcTMojjbzuWcOFONZrcrUIBUB87KrJaqu%2F00lz4LB5ZqeycN9GY8cFk4dMIvP%2BbNWeKUEFcb5I2u6dEWlln56hTTgxrsao58t3btmfv5YyZr58fSkUGOMnIzEdKV5emfeQSBgbu1ZZf5bDcJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6e05fd61da5d59f5-MXP
common.cmd-hsa-minified.1569273721.css
www.staradvertiser.com/wp-content/plugins/hsa-polls/css/ Frame BEF0 		502 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/hsa-polls/css/common.cmd-hsa-minified.1569273721.css?ver=5.8.3
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0e2a560f13627bee0925e5e49243f611d9a4cef76f56f4c96d3d3a6510a1d29c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
last-modified
Tue, 04 Feb 2020 19:56:12 GMT
server
nginx
etag
W/"5e39cc5c-1f6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.min.css
www.staradvertiser.com/wp-includes/css/dist/block-library/ Frame BEF0 		79 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.3
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb16845f3c28284255639a36b2d6fed7a0f10aad38ac166cb8a7c90ee07b4372

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
last-modified
Wed, 01 Sep 2021 04:05:58 GMT
server
nginx
etag
W/"612efc26-13abe"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
vfb-style.min.css
www.staradvertiser.com/wp-content/plugins/vfb-pro/public/assets/css/ Frame BEF0 		66 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/vfb-pro/public/assets/css/vfb-style.min.css?ver=2019.05.10
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a03771453248c5eb3ee390d87edddd490ac37484b6a6c95567ffc222fccd107

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
last-modified
Wed, 10 Feb 2021 19:20:25 GMT
server
nginx
etag
W/"602431f9-108dd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
css
fonts.googleapis.com/ Frame BEF0 		16 KB
1016 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5502471827af86b745c40e045c7ffa3e58fa7ced50fb20ed7e37025a9abfdaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 20 Feb 2022 07:20:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 20 Feb 2022 07:23:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 20 Feb 2022 07:23:28 GMT
genericons.css
www.staradvertiser.com/wp-content/themes/staradvertiser/genericons/ Frame BEF0 		30 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/genericons/genericons.css?ver=3.03
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-7945"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
www.staradvertiser.com/wp-content/themes/staradvertiser/ Frame BEF0 		0
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/themes/staradvertiser/style.css?ver=2015-12-08
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
"5d893779-0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
0
facets.min.css
www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/css/ Frame BEF0 		789 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.staradvertiser.com/wp-content/plugins/elasticpress/features/facets/assets/css/facets.min.css?ver=2.5.2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.132.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
100.132.68.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
125b1c5f96e7bd6829d8ce638c463f14c0a78f7cadee45d6ea4584b897aaf1e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/covid-19-statistics-box/?version=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:28 GMT
content-encoding
br
last-modified
Mon, 23 Sep 2019 21:22:01 GMT
server
nginx
etag
W/"5d893779-315"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
remote.js
www.youtube.com/s/player/c3125ad0/player_ias.vflset/de_DE/ Frame 429E 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
221d3a2d426c59a6409d52c0479926772d85f1432c59b92d0997397567025897
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 15:55:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
228497
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37823
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 01:18:33 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 17 Feb 2023 15:55:11 GMT
6spa0TxKVv-Gz-nhby53VDP5NXwWUT4lf5BRKwyA5GA.js
www.google.com/js/th/ Frame 429E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/6spa0TxKVv-Gz-nhby53VDP5NXwWUT4lf5BRKwyA5GA.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eaca5ad13c4a56ff86cfe9e16f2e775433f9357c16513e257f90512b0c80e460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 13:07:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
152129
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13581
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 16:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Feb 2023 13:07:59 GMT
embed.js
www.youtube.com/s/player/c3125ad0/player_ias.vflset/de_DE/ Frame 429E 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a577e36e5d969ddf3f78d35584fd3186309bbcf56427a8b0e1faba9e126a2065
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 15:54:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
228511
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7727
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 01:18:33 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 17 Feb 2023 15:54:57 GMT
truncated
/ Frame 429E 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
AKedOLSxErALqBCtFurtafnvvpJtsw16ZDgzVPfmASEwLw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 429E 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLSxErALqBCtFurtafnvvpJtsw16ZDgzVPfmASEwLw=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
144af7bafe02560b9d2ef48a35c13844873b533d84db56b03b0f19263cb7437f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:00:18 GMT
x-content-type-options
nosniff
age
1391
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5310
x-xss-protection
0
server
fife
etag
"v2f6f"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 16 Nov 2021 21:21:18 GMT
default.jpg
i.ytimg.com/vi/kP5lcpPATAY/ Frame 429E 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/kP5lcpPATAY/default.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68a4eece4a674fd820a36d676f39d7f89857e75ced09dddf43762ba00ce12dd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4026
x-xss-protection
0
server
sffe
etag
"1645232408"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 20 Feb 2022 07:28:29 GMT
ares-unit.js
origami.secure.ownlocal.com/origami_unit/production/ Frame EA32 		114 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
343ea3c17fa2d9c0502e019abd2f22d748dc6926105fc21c2aaded55e783b38a

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 16:25:31 GMT
x-goog-meta-goog-reserved-file-mtime
1605019378
age
53878
x-guploader-uploadid
ADPycduPnVB0igZfKC48CuIMhDAGf6bYn21fgwivqmq3IPldof_XgcNUfQFg9WpGz4WV3yNlV6W3N0zbOJ6Lutg_Gew
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
116430
accept-ranges
bytes
last-modified
Tue, 10 Nov 2020 14:52:03 GMT
server
UploadServer
etag
"1446c964725d9fed3a606a6f124276ac"
x-goog-hash
crc32c=KknYiA==, md5=FEbJZHJdn+06YGpvEkJ2rA==
x-goog-generation
1605019923664535
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
116430
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
application/javascript
expires
Sun, 20 Feb 2022 16:25:31 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 6412 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.250.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-250-78.fra6.r.cloudfront.net
Software
Server /
Resource Hash
784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:22:42 GMT
content-encoding
gzip
age
46
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
12AJZT2HNTNTRN9XWCBQ
etag
c1da564f59b83b9805e8df92eca012f5
vary
Accept-Encoding
x-amz-version-id
GtBleBshAfJx9KFXwg43LDlo50FXi9le
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
MYAHlwm2dwV55KUl16pHdmuUcGz9jYV1677RaRmZR-zmx2rbQ4IVAg==
prebidamp.js
ecdn.firstimpression.io/static/js/ 		312 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-121.dus51.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 06:26:17 GMT
content-encoding
gzip
last-modified
Sat, 19 Feb 2022 21:40:57 GMT
server
nginx/1.18.0
age
3432
etag
W/"621163e9-4e128"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
A-UlWLqCn5nJvZelfORvF84yHfwesOejgvA9JTFkBq035YCtCYuTDA==
via
1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
expires
Sun, 20 Feb 2022 07:26:17 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
37612
x-jsd-version
1.13.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19183-FRA, cache-mxp6920-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6e05fd62aea183a3-MXP
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.250.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-250-78.fra6.r.cloudfront.net
Software
Server /
Resource Hash
784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:22:42 GMT
content-encoding
gzip
age
46
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
12AJZT2HNTNTRN9XWCBQ
etag
c1da564f59b83b9805e8df92eca012f5
vary
Accept-Encoding
x-amz-version-id
GtBleBshAfJx9KFXwg43LDlo50FXi9le
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
YuFWv7ZHJxVKy9jGq4UMW_xAbMHIgHYmBf_CJoMDEASXmnWhQGJ8QA==
p.css
p.typekit.net/ Frame BEF0 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=wsl8gsu&ht=tk&f=139.140.175.176.28494.28496.28497.28498&a=84346937&app=typekit&e=css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7c0 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
last-modified
Fri, 10 Sep 2021 23:46:21 GMT
server
nginx
etag
"613bee4d-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
tag.min.js
get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-91.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
83af3eed9bc9713193f2ad86f6214e2554ec29f8022e054dcf696a10d59ff9d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
aT8uF5QDZCsxz_FuCjV0EGzNRrUyg9DX
content-encoding
gzip
last-modified
Thu, 17 Jun 2021 18:02:42 GMT
server
AmazonS3
age
17499
etag
W/"51ed6db266476896c6fe9a06992898e2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Sun, 20 Feb 2022 02:31:51 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
q-M-S7cj4d5OkfszZBV8QGQZ_D8fKoJopnaGCRcKojgxUH2fQLkdVQ==
latest.json
origami.secure.ownlocal.com/origami_configs/d20a1cec-5ad0-4bcc-b728-adce1684b675/ Frame 42E6 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_configs/d20a1cec-5ad0-4bcc-b728-adce1684b675/latest.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c3a4ce632669ba3473ebc4df56752a726a808cc6fc9486544908f84a00eb36b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
age
0
x-guploader-uploadid
ADPycdvfFLmaU3aZTVJoZYvt-hd1tPrb1UqYum9A6YW1YT0EXI2BBXRqrTIAlu3ojLa_LPkn51vKR53IVNlrzZ5jZs4
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
d20a1cec-5ad0-4bcc-b728-adce1684b675
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2130
last-modified
Sat, 19 Feb 2022 07:32:28 GMT
server
UploadServer
etag
"73dc48d8c4d8235843e431c58f07cdd2"
x-goog-hash
crc32c=d0Zhrw==, md5=c9xI2MTYI1hD5DHFjwfN0g==
x-goog-generation
1645169558587280
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=0,s-maxage=3600
x-goog-stored-content-length
2130
accept-ranges
bytes
content-type
application/json
expires
Sun, 20 Feb 2022 08:23:29 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 5CF4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1B_yv3CBEV10KtI2HJ6eEXhJ/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/1B_yv3CBEV10KtI2HJ6eEXhJ/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 03:05:30 GMT
x-content-type-options
nosniff
age
361079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Wed, 23 Feb 2022 03:05:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5CF4 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=1B_yv3CBEV10KtI2HJ6eEXhJ&size=invisible&cb=3qvs80ej9gs1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 11:18:05 GMT
x-content-type-options
nosniff
age
417924
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Feb 2023 11:18:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5CF4 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=1B_yv3CBEV10KtI2HJ6eEXhJ&size=invisible&cb=3qvs80ej9gs1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 18:59:48 GMT
x-content-type-options
nosniff
age
390221
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Feb 2023 18:59:48 GMT
fiamp.js
ecdn.firstimpression.io/static/js/ Frame 6C9F 		110 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/fiamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-121.dus51.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
3d34b2f2e02c7937501dd51255ee7900c9ec823f07b3d8d0fc19c5e242058cf9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 06:31:11 GMT
content-encoding
gzip
last-modified
Sat, 19 Feb 2022 14:55:12 GMT
server
nginx/1.18.0
age
3138
etag
W/"621104d0-1b8e9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
DTWBS16VWa3BiVsRcu3PITeNpScnZBeMWB6_eAIr37SW2xgqCfAvOQ==
via
1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
expires
Sun, 20 Feb 2022 07:31:11 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=79df00dc-d616-4795-a515-add1991a61dd&ntv_fl=CF4se3gYGjAPzQcMJoAeWZBvuMByf3mSfd6pqSUcCCjE72VesWY2C5eDzpryLU6FksteqSkcleECuBpMyDg10kh9hRpUxoQvsbFu8riQFzHex10p6aEspHCEI2HBiMbQCZ0EW_xVt7dlFF12ofcegBc8Qi1DBn-1dciN-qOUWv7FmgRF7UCsq7-gwvDp9JgA_7fyI_gG0ha1yaXw0q6hKgzYWnVM1s9l36ezEh2tvrE=&ntv_ht=cOwRYgA&ntv_at=303,302&ntv_a=AAAAAAAAAAKNIQA&ord=1645341809215&ntv_it
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.120.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-120-176.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:29 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 5CF4 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=1B_yv3CBEV10KtI2HJ6eEXhJ
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=1B_yv3CBEV10KtI2HJ6eEXhJ&size=invisible&cb=3qvs80ej9gs1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e603b509658fdf55f0b46c6af2e7c189447f5046357e7d359b1fe6803574f7f2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAlLwUAAAAABkgsamHb8lqNqVqvZQKWYXKl57b&co=aHR0cHM6Ly93d3cuc3RhcmFkdmVydGlzZXIuY29tOjQ0Mw..&hl=de&v=1B_yv3CBEV10KtI2HJ6eEXhJ&size=invisible&cb=3qvs80ej9gs1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sun, 20 Feb 2022 07:23:29 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3369027831208136&correlator=1256814745405582&eid=31064151%2C31065013%2C31063223%2C31064869&output=ldjh&gdfp_req=1&vrg=2022021401&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220220&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_300x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=h%3D7%26shb%3D1%26tg%3D1%26p%3DBTF%26at%3D1%26hostname%3Dwww.staradvertiser.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=ip%3D0%26he%3D0&cookie_enabled=1&bc=31&abxe=1&dt=1645341809290&lmt=1645341809&dlt=1645341806985&idt=1693&frm=20&biw=1600&bih=1200&oid=2&adxs=1162&adys=9249&adks=1231134253&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.staradvertiser.com%2F&vis=1&scr_x=0&scr_y=0&psz=300x574&msz=300x-1&ga_vid=565048288.1645341808&ga_sid=1645341809&ga_hid=907291583&ga_fc=true&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
dbb75d9ad91414d024ac64690f0445464cbedd4ee6d71f47fae84d68b14b9d34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11806
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3369027831208136&correlator=3489288592203139&eid=31064151%2C31065013%2C31063223%2C31064869&output=ldjh&gdfp_req=1&vrg=2022021401&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220220&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_300x250_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=h%3D7%26shb%3D1%26tg%3D1%26p%3DBTF%26at%3D1%26hostname%3Dwww.staradvertiser.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=ip%3D0%26he%3D0&cookie_enabled=1&bc=31&abxe=1&dt=1645341809295&lmt=1645341809&dlt=1645341806985&idt=1693&frm=20&biw=1600&bih=1200&oid=2&adxs=1162&adys=9529&adks=2233527209&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.staradvertiser.com%2F&vis=1&scr_x=0&scr_y=0&psz=300x574&msz=300x-1&ga_vid=565048288.1645341808&ga_sid=1645341809&ga_hid=907291583&ga_fc=true&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
bfa61eb1efee11e70c9bc08430eb7e9ece6abb95aa75a163572c5eef1315d0c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19327
x-xss-protection
0
google-lineitem-id
5747548770
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138357539018
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3369027831208136&correlator=2586698852990710&eid=31064151%2C31065013%2C31063223%2C31064869&output=ldjh&gdfp_req=1&vrg=2022021401&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220220&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=h%3D7%26shb%3D1%26tg%3D1%26p%3DBTF%26at%3D1%26hostname%3Dwww.staradvertiser.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=ip%3D0%26he%3D0&cookie_enabled=1&bc=31&abxe=1&dt=1645341809297&lmt=1645341809&dlt=1645341806985&idt=1693&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=10698&adks=613459873&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.staradvertiser.com%2F&vis=1&scr_x=0&scr_y=0&psz=1350x142&msz=1320x-1&ga_vid=565048288.1645341808&ga_sid=1645341809&ga_hid=907291583&ga_fc=true&fws=0&ohw=0&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
b5e627a6a302154ef2b927c31a48ca17d13a3e68ed923661a86f5efb1f0ebc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11723
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 997E 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 20 Feb 2022 07:23:29 GMT
expires
Mon, 20 Feb 2023 07:23:29 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202202161834/ 		184 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202202161834/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38e27f6cbe86b26bf65dff11b6d203ecc3231ddcd010cc89a3889f3c03bc3f73

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 07:23:29 GMT
Content-Encoding
gzip
Age
605
X-Cache
HIT
Connection
keep-alive
Content-Length
59645
x-amz-id-2
M5VyQhY8WTEvqYhgzGZ1GXZ0F5OL3J1CSRR0M5FESKZJfwqMk5mWYHJVqcywx2G4vEvtmfHR6yU=
X-Served-By
cache-hhn4041-HHN
Last-Modified
Thu, 17 Feb 2022 18:21:30 GMT
Server
AmazonS3
X-Timer
S1645341809.307700,VS0,VE0
ETag
"724754dd331b2038d7b614ac5d8a9900"
x-amz-request-id
RZXQQ1BZETZHQ713
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
1553
v2wjo1hXC6_9IOUTT6SmRJKKDCvUxrB9sLt1Ab7Ajrdvkn75MSLDkDQP7qTm330lAmsdgFVfm
lorenzourban.com/ 		209 B
650 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lorenzourban.com/v2wjo1hXC6_9IOUTT6SmRJKKDCvUxrB9sLt1Ab7Ajrdvkn75MSLDkDQP7qTm330lAmsdgFVfm
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
a5603ec98056eb1fae466d03b0d66094257e14492a2bf2b1ab88a8b3b464a1ae
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
access-control-allow-methods
POST, OPTIONS
x-datacenter
gce-europe-west1
date
Sun, 20 Feb 2022 07:23:29 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-spot-kh86
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-buildnumber
473687343
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
209
expires
Sun, 20 Feb 2022 07:23:28 GMT
/
www.google.com/pagead/1p-user-list/712386318/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/712386318/?random=1645341808822&cv=9&fst=1645340400000&num=1&label=hqBoCLnO39gBEI7O2NMC&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&frm=0&url=https%3A%2F%2Fwww.staradvertiser.com%2F&tiba=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&async=1&fmt=3&is_vtc=1&random=3507568946&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/712386318/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/712386318/?random=1645341808822&cv=9&fst=1645340400000&num=1&label=hqBoCLnO39gBEI7O2NMC&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&frm=0&url=https%3A%2F%2Fwww.staradvertiser.com%2F&tiba=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&async=1&fmt=3&is_vtc=1&random=3507568946&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
latest.json
origami.secure.ownlocal.com/origami_configs/5773249b-a1f3-436c-bd6e-6af0b00e84e0/ Frame EA32 		3 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_configs/5773249b-a1f3-436c-bd6e-6af0b00e84e0/latest.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
765c9fcc6adacf0f9b30ba7114992518ddf4a5a8e5a89756272cfa0b1c9c0923

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 06:47:36 GMT
age
2153
x-guploader-uploadid
ADPycdtKnqxvi6rQAPgrYO8ELihjyX0ytut7fHV61XvFcir9lVlS4iynse-FmRKjV_XLkwS12N9PhbKKPd_L2A_TLng
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
5773249b-a1f3-436c-bd6e-6af0b00e84e0
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2903
last-modified
Sat, 19 Feb 2022 07:32:21 GMT
server
UploadServer
etag
"0db70b178ec9372c0313beb785a9d043"
x-goog-hash
crc32c=jek6cw==, md5=DbcLF47JNywDE763hanQQw==
x-goog-generation
1644737559355847
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=0,s-maxage=3600
x-goog-stored-content-length
2903
accept-ranges
bytes
content-type
application/json
expires
Sun, 20 Feb 2022 07:47:36 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame 6412 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.staradvertiser.com&pubid=70fb13d1-ab65-42ac-a7ca-0b4e680d5c92
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.250.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-250-78.fra6.r.cloudfront.net
Software
Server /
Resource Hash
2e0b76760753ecabd92d6562f5900f745acbefc7226fd4af4127f9aaeea9dba2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 01:44:38 GMT
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
server
Server
age
20330
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA6-C1
content-length
1897
x-amz-cf-id
264-3IlQtpNTcu-lQT1BQTngZggoeNhQlfzWoDjeECz1cj_Z8SawiA==
bid
c.amazon-adsystem.com/e/dtb/ Frame 6412 		64 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.staradvertiser.com%2F&pid=0XDPXaH8diwsO&cb=0&ws=0x0&v=7.73.0&t=3000&slots=%5B%7B%22sd%22%3A%22div-insticator-ad-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F2507246%2Fstaradvertiser.com_Web_300x250_1%22%7D%2C%7B%22sd%22%3A%22div-insticator-ad-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F2507246%2Fstaradvertiser.com_Web_300x250_2%22%7D%2C%7B%22sd%22%3A%22div-insticator-ad-4%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F2507246%2Fstaradvertiser.com_Web_728x90_1%22%7D%5D&schain=1.0%2C1!insticator.com%2C0eda47e1-3a3f-4444-8ab9-a525f4133e8d%2C1%2C%2C%2C&pubid=70fb13d1-ab65-42ac-a7ca-0b4e680d5c92&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.250.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-250-78.fra6.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA6-C1
x-amz-rid
F3YJ6BAT1ZJR1FK3BF75
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
bkkz3npB0jMLFA9nCnlxd8prWK5FvyCra5J7Ef2wITTYWVTJdfSpVQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 6412 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.250.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-250-78.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
kI14R7urpxgHjeMWGWlNpVn0IgFose_t
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
21225
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Sat, 19 Feb 2022 01:26:04 GMT
server
AmazonS3
date
Sun, 20 Feb 2022 01:29:45 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
7y-YZQg2E0dbIsMypfvnHRCxTW8H4iqr3lMTCF3JIZl0rEfKGE3Qfw==
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1401480206566122&ev=PageView&dl=https%3A%2F%2Fwww.staradvertiser.com%2F&rl=&if=false&ts=1645341809352&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1645341808846.1687757412&it=1645341808376&coo=false&exp=p0&rqm=GET
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Sun, 20 Feb 2022 07:23:29 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=309252323293891&ev=ViewContent&dl=https%3A%2F%2Fwww.staradvertiser.com%2F&rl=&if=false&ts=1645341809354&cd[content_type]=Homepage&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1645341808846.1687757412&it=1645341808376&coo=false&exp=p0&rqm=GET
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Sun, 20 Feb 2022 07:23:29 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1401480206566122&ev=ViewContent&dl=https%3A%2F%2Fwww.staradvertiser.com%2F&rl=&if=false&ts=1645341809354&cd[content_type]=Homepage&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1645341808846.1687757412&it=1645341808376&coo=false&exp=p0&rqm=GET
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Sun, 20 Feb 2022 07:23:29 GMT
prebidamp.js
ecdn.firstimpression.io/static/js/ Frame 6C9F 		312 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-121.dus51.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 06:26:17 GMT
content-encoding
gzip
last-modified
Sat, 19 Feb 2022 21:40:57 GMT
server
nginx/1.18.0
age
3432
etag
W/"621163e9-4e128"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
5wS9GF1vBwlYEcmYEQNU6Npnk91DYchjo1Fx0djW7gF9BnfRfKt1mg==
via
1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
expires
Sun, 20 Feb 2022 07:26:17 GMT
tiny-slider.css
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/tiny-slider.css
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1507186
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
573
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffd-882"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ILbQg6OttMpJgE0C3ARv26HnHi2gaBIwLDZMhl8KTcWX0jKKPdirVCh3e9xJFQsH4qljUtxpXzeb%2Fu%2BsiTVK72es5Crpj%2BB4Z8Ht7xzgDh5OS0nDiww9rIbqR%2FBW9CmLxp%2FJg8g1sRdkvFRGgd7dV8UI"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e05fd6498c20f72-MXP
expires
Fri, 10 Feb 2023 07:23:29 GMT
one.js
csp.azureedge.net/cdn/OneCol/ 		138 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csp.azureedge.net/cdn/OneCol/one.js?v=7
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb::5f65:5949 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
content-encoding
gzip
last-modified
Wed, 25 Aug 2021 15:51:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"1d799c9204961e2"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
61870
ats.js
ats.rlcdn.com/ Frame 6412 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-86.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
28x_tDvW9kJ.rWgfbdZIcgxbFDdgh9p3
content-encoding
gzip
etag
W/"d7dfa2940a5d5ce3beedd8774c961dd7"
age
10124
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6fbe2bf4-0d3f-4234-a84e-c584de5ecb5e
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
8c7650e47b7f894f6ae5a1fc4919cee6
last-modified
Thu, 16 Dec 2021 12:45:56 GMT
server
AmazonS3
date
Sun, 20 Feb 2022 04:34:46 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
ae589a6335869a8948d0172dfafea0c42638763d87ea89591504c580a5c4f6c7
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA6-C1
content-type
application/x-javascript
x-amz-cf-id
0p7cYi8TDi8lks-DcthYsdQgr2Spmqu6XgNBdtiQ3p5LJZ9cPgjDXA==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 6412 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-144.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Sun, 20 Feb 2022 07:38:29 GMT
config.js
confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/ Frame 6412 		63 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/config.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2b8351122b4c595aabf558ac61bd606f706974f14bcd21be575536ca6472e2a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 07:23:29 GMT
Content-Encoding
gzip
Age
3064
X-Cache
HIT
Connection
keep-alive
Content-Length
15229
x-amz-id-2
Ijqrb6YTxtvhNnq8IOqeBmCtrFn7xCGGsxARHFVor3kkEP2XftRhLslqq0pEVxlSDCkAR7sbcjc=
X-Served-By
cache-hhn4041-HHN
Last-Modified
Sun, 20 Feb 2022 05:29:18 GMT
Server
AmazonS3
X-Timer
S1645341809.402318,VS0,VE0
ETag
"4856ec002dbe86c5d418dde169a1a545"
x-amz-request-id
N0C8XFPTJADB8QZ0
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
105
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 6412 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
60d76e5d3d47c3f67063f6ad8c4c19906031164734d901e60a8842d0a292a1cd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
date
Sun, 20 Feb 2022 07:16:59 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
10638
x-request-id
150341566
6ec7e8f1-4ee6-488c-abcc-88afe7eabdd7.png
storage.googleapis.com/ownlocal-platform-production/public/images/logos/600/ Frame 42E6 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ownlocal-platform-production/public/images/logos/600/6ec7e8f1-4ee6-488c-abcc-88afe7eabdd7.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a6bf8637eaf0f2b7053e23e8344585e298bb815cb51044ef5a284e37b33a4775

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 06:30:48 GMT
age
3161
x-guploader-uploadid
ADPycdvD-vtK9YDrgG3dNpoh_L5jvmsXroL2rBjwnYzhFxeK3GLiT2LIosa6VwaOEx72giya7USR3J2riqqSyBqexAEDHmxWbw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56998
last-modified
Wed, 17 Nov 2021 05:46:06 GMT
server
UploadServer
etag
"37d72d9e0307b4c9b44bebbd3d09bb0e"
x-goog-hash
crc32c=RYKtJQ==, md5=N9ctngMHtMm0S+u9PQm7Dg==
x-goog-generation
1637127966660066
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
56998
accept-ranges
bytes
content-type
image/png
expires
Sun, 20 Feb 2022 07:30:48 GMT
j8_36_fAw7jrcalD7oKYNX0QfAnPU0PG9JfGhA.woff2
fonts.gstatic.com/s/frankruhllibre/v10/ Frame 42E6 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/frankruhllibre/v10/j8_36_fAw7jrcalD7oKYNX0QfAnPU0PG9JfGhA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre:wght@500&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d60bef1316dc12b91225f2862832123dfbd67ae192bda2d2dfd385130b42a07d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 21:49:23 GMT
x-content-type-options
nosniff
age
293646
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19952
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:58:38 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Feb 2023 21:49:23 GMT
materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@4.5.95/fonts/ Frame 42E6 		256 KB
257 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/fonts/materialdesignicons-webfont.woff2?v=4.5.95
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f824000649b12b68a220a0120c606932d0740bd5332770a244473db773185e4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
555292
x-jsd-version
4.5.95
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
262440
x-served-by
cache-fra19158-FRA, cache-mxp6941-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"40128-4s6MGTGrA2fPV5r2GYYmCP/EkkA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
cf-ray
6e05fd653b6f83a3-MXP
Inter-roman.var.woff2
rsms.me/inter/font-files/ Frame 42E6 		222 KB
223 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rsms.me/inter/font-files/Inter-roman.var.woff2?v=3.19
Requested by
Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9e2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3

Request headers

Referer
https://rsms.me/inter/inter.css
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id
794ea4d4d563c8db9577360c8499e9f957925593
date
Sun, 20 Feb 2022 07:23:29 GMT
via
1.1 varnish
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
x-cache-hits
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
227180
x-served-by
cache-mxp6940-MXP
last-modified
Tue, 18 Jan 2022 19:57:00 GMT
server
cloudflare
x-github-request-id
6FA8:4BFB:DEC47F:E912AA:62117B2D
x-timer
S1645341810.507634,VS0,VE1
etag
"61e71b8c-3776c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKG2XqTLkl5Au%2FKJCYpB3nPghx%2FLfgpm8CISElk3%2B9%2B1lKxP5as3hzzPy1wjyXXnxjloeRroGpcpQBUzRya0XMda6%2FvQ1gFGIVeMeAwF4Pw96Qc3zBxzDsQx3QOzDtiIWo72lTlV"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6e05fd655b9e83a0-MXP
x-proxy-cache
HIT
expires
Sat, 19 Feb 2022 23:29:52 GMT
tp-production
us-central1-kube-ownlocal.cloudfunctions.net/ Frame 42E6 		26 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-central1-kube-ownlocal.cloudfunctions.net/tp-production?stm=1645341809451&e=pv&url=https%3A%2F%2Fwww.staradvertiser.com%2F&page=AdForge%20Ad%20Unit&tv=js-2.10.2&tna=origami-tracker&aid=origami-unit&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=0569504f-9272-4311-af45-a23366d1fe2a&dtm=1645341809447&vp=300x250&ds=300x250&vid=1&sid=0c886380-73bc-45b5-99ca-728a41b52c0f&duid=b70fb51b-ce07-4b05-aae5-6a5e9bd38f80&fp=839606422&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20ub3dubG9jYWwvb3JpZ2FtaV9jdHgvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiYWlkIjoiZDIwYTFjZWMtNWFkMC00YmNjLWI3MjgtYWRjZTE2ODRiNjc1IiwiYmlkIjoiZWZiOGY2YjAtMTg4Mi00NzZkLTk3ZDAtMGM2NWMwMWVkNDNjIiwicGlkIjoiYzQ2Y2YxNWQtMTYyMi00MTU3LThmM2YtMThiOWE2MTk0NmRlIn19XX0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
server
Google Frontend
x-powered-by
Express
etag
W/"1a-Hjpuc/IrHLWXlDT8bmHFqznVniY"
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
8045133968a635de53ea3661e26acc70
function-execution-id
h02pvdyo88of
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26
86690806-4d0c-4a16-909c-3cb2cd58e222.jpeg
storage.googleapis.com/ownlocal-platform-production/public/images/categories/300/ Frame 42E6 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ownlocal-platform-production/public/images/categories/300/86690806-4d0c-4a16-909c-3cb2cd58e222.jpeg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4a2ce659bc7cf71e18e810c1e2a2d5f4557bb5b205e2ee7c78cf92df8d110f05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 06:30:48 GMT
age
3161
x-guploader-uploadid
ADPycds_b5oMEHM60-mtC_uHe6hFt97e5Q3741XckM6Kr0w2U1P6lYqKoY34mHWbb1-KYYhK5bW8DO8Bk1UcW2FLCF8P1ak3cw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23630
last-modified
Sat, 05 Feb 2022 06:00:51 GMT
server
UploadServer
etag
"17f8cc5ab11cc3b7a98b7dd4faf586c9"
x-goog-hash
crc32c=TNXu1g==, md5=F/jMWrEcw7epi33U+vWGyQ==
x-goog-generation
1644040851686731
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
23630
accept-ranges
bytes
content-type
image/jpeg
expires
Sun, 20 Feb 2022 07:30:48 GMT
/
onetag-geo.s-onetag.com/ 		555 B
969 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-31.fra6.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 18:12:19 GMT
via
1.1 474733f16f494ddb794b4f7dfd7de966.cloudfront.net (CloudFront), 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
age
47470
x-amzn-requestid
5f0250ce-1333-4a92-a94d-d3034f499e7a
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P3, FRA6-C1
x-amz-apigw-id
NzTohFIcCYcF8FQ=
content-length
555
x-amz-cf-id
iFXxbsEuFC3rLzGCxPp5umGhMQfr4Z_rRT8eJZjiDD3v01y7oZis1A==
beacon.min.js
signal-beacon.s-onetag.com/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-53.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
03019ccf62b2bc924f2ff0be6fd1b8757e9d957dd3f704edfd792fe9e7d8b22c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
Ii2jhxmjfv9mSegAdGfXOVYZ4_KRreLt
content-encoding
gzip
etag
W/"3835fd1b56b3844068b57efa6650428e"
last-modified
Mon, 07 Feb 2022 10:51:30 GMT
server
AmazonS3
age
73910
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0247123ccdc6a2a86167d7f4de30885a.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Sat, 19 Feb 2022 10:51:40 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
5wTkqlX3i93XpsM2C9SHpLvgzFcrdJ8J7pf1ifXYRFbaJSsAUjhJTA==
99sa2obd-120.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/ReiuWYBP/poster.jpg?width=120
  • https://assets-jpcust.jwpsrv.com/thumbnails/99sa2obd-120.jpg
3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/99sa2obd-120.jpg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6032718d891bf126aecb035080cb80ff4f67419245ad05db993311def8b4da9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
content-encoding
gzip
age
462
x-cache
HIT, MISS
content-length
3216
x-served-by
cache-iad-kiad7000179-IAD, cache-mxp6932-MXP
access-control-allow-origin
*
last-modified
Sat, 03 Mar 2018 01:58:46 GMT
server
nginx
x-timer
S1645341810.634152,VS0,VE97
etag
"a4ced4a51f3ed1bb4d7b1c14be633956"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 0

Redirect headers

date
Sun, 20 Feb 2022 07:22:42 GMT
via
1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
server
openresty
age
47
location
https://assets-jpcust.jwpsrv.com/thumbnails/99sa2obd-120.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA53-C1
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
amArKgT7pSxZhYnocd5_IXTiHVZy8Su4KTk08q1nWkxCEj9tMFGUPA==
/
www.facebook.com/tr/ Frame 014A 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.staradvertiser.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=0
date
Sun, 20 Feb 2022 07:23:29 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 4B2F 		94 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:da00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b82b3b26f73cec97530fe064182ec7fad83a326a45ba746d58d69bd4de4b04e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
NoC6YGt5eCR14CGF_CePZnGYd_hZgCkD
content-encoding
br
last-modified
Thu, 17 Feb 2022 17:56:17 GMT
server
AmazonS3
age
201
etag
W/"ee61816da156df01dc9c34b3cece567f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sun, 20 Feb 2022 07:23:29 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
Kbl4JN3IGV0sEZovCiFMpdhsbE9zjbUrInTHDuPgAraM4yTeIxatmg==
9664828210146280552
tpc.googlesyndication.com/simgad/ Frame 4B2F 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9664828210146280552
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
772082343a8afb4bc481b2e252b6e1249bfb97ae1ddfb40e5dbc638d4a5a9a18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 10:23:58 GMT
x-content-type-options
nosniff
age
334771
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14069
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 18:58:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 16 Feb 2023 10:23:58 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame 4B2F 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 06:51:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1890
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
1930320615972901081
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 06:51:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 4B2F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
575
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:13:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4B2F 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 20 Feb 2022 07:23:29 GMT
l
www.google.com/ads/measurement/ Frame 4B2F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTR8S0K7pAlJzgGLLMtpv-RQp0EmTHLNHLZ-v9T-GHp8f0tQaUmgyORzhAtBB1LmfObet22hMPPifwXr3i-XvPmwl609A
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
3ac2ee10-9408-4e29-84d0-f7f710168b13.jpeg
storage.googleapis.com/ownlocal-platform-production/public/images/logos/600/ Frame EA32 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ownlocal-platform-production/public/images/logos/600/3ac2ee10-9408-4e29-84d0-f7f710168b13.jpeg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5ee87b9eaccd7d5d0c4ac14ef1fc4468e72d5865d781459dc4c688cb345f7dd9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
age
0
x-guploader-uploadid
ADPycduYQb4VXH_Jun-tGP2eZ6pTBKyBQY5Jpv__FFUXJq3ZuaehTIIrKQAwzUdTC-KZAhic3uskVJYZTN7X_3YaJA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20635
last-modified
Sun, 06 Jun 2021 06:18:08 GMT
server
UploadServer
etag
"09880a54c4f9198f2da464a6be733810"
x-goog-hash
crc32c=KeG9KQ==, md5=CYgKVMT5GY8tpGSmvnM4EA==
x-goog-generation
1622960287475006
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
20635
accept-ranges
bytes
content-type
image/jpeg
expires
Sun, 20 Feb 2022 08:23:29 GMT
Inter-roman.var.woff2
rsms.me/inter/font-files/ Frame EA32 		222 KB
223 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rsms.me/inter/font-files/Inter-roman.var.woff2?v=3.19
Requested by
Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9e2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3

Request headers

Referer
https://rsms.me/inter/inter.css
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id
794ea4d4d563c8db9577360c8499e9f957925593
date
Sun, 20 Feb 2022 07:23:29 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
x-cache
HIT
x-cache-hits
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
227180
x-served-by
cache-mxp6940-MXP
last-modified
Tue, 18 Jan 2022 19:57:00 GMT
server
cloudflare
x-github-request-id
6FA8:4BFB:DEC47F:E912AA:62117B2D
x-timer
S1645341810.507634,VS0,VE1
etag
"61e71b8c-3776c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6FMx0mqZ7WCJ54Q%2BdrgRm0ZomhcaezS%2BJJggNpZWrswMelen8WoKCsXai3JB%2Fukxd%2B%2BMcPdJ5UmH%2FKjJQZTHHb7C95rcG4MC%2FPSB4gZx2xLuAfY%2BZFp4ifyBR%2B%2FbZwXjmjzKGWL2"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6e05fd65bc4a83a0-MXP
x-proxy-cache
HIT
expires
Sat, 19 Feb 2022 23:29:52 GMT
materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@4.5.95/fonts/ Frame EA32 		256 KB
257 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/fonts/materialdesignicons-webfont.woff2?v=4.5.95
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f824000649b12b68a220a0120c606932d0740bd5332770a244473db773185e4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
555292
x-jsd-version
4.5.95
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
262440
x-served-by
cache-fra19158-FRA, cache-mxp6941-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"40128-4s6MGTGrA2fPV5r2GYYmCP/EkkA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
cf-ray
6e05fd65bc8e83a3-MXP
tp-production
us-central1-kube-ownlocal.cloudfunctions.net/ Frame EA32 		26 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-central1-kube-ownlocal.cloudfunctions.net/tp-production?stm=1645341809540&e=pv&url=https%3A%2F%2Fwww.staradvertiser.com%2F&page=AdForge%20Ad%20Unit&tv=js-2.10.2&tna=origami-tracker&aid=origami-unit&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=0569504f-9272-4311-af45-a23366d1fe2a&dtm=1645341809447&vp=300x250&ds=300x250&vid=1&sid=0c886380-73bc-45b5-99ca-728a41b52c0f&duid=b70fb51b-ce07-4b05-aae5-6a5e9bd38f80&fp=839606422&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20ub3dubG9jYWwvb3JpZ2FtaV9jdHgvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiYWlkIjoiZDIwYTFjZWMtNWFkMC00YmNjLWI3MjgtYWRjZTE2ODRiNjc1IiwiYmlkIjoiZWZiOGY2YjAtMTg4Mi00NzZkLTk3ZDAtMGM2NWMwMWVkNDNjIiwicGlkIjoiYzQ2Y2YxNWQtMTYyMi00MTU3LThmM2YtMThiOWE2MTk0NmRlIn19XX0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
server
Google Frontend
x-powered-by
Express
etag
W/"1a-Hjpuc/IrHLWXlDT8bmHFqznVniY"
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
df4d8d97986d2a55dd73a9c01ec7ae04
function-execution-id
lk4s75ns7jsn
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26
photo-1625403701237-33d42c60a372
images.unsplash.com/ Frame EA32 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.unsplash.com/photo-1625403701237-33d42c60a372?ixid=Mnw4MTQ0MXwwfDF8c2VhcmNofDEzfHxwb3Bjb3JufGVufDB8fHx8MTY0NDczMjA5OQ&ixlib=rb-1.2.1&utm_source=api_app&utm_medium=referral&utm_campaign=api-credit&auto=format&w=600&h=500&fit=crop&crop=entropy
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
8a8badcb3cc1bebc9843702522f9c720a7ecd40dae88ab02e72a04253140f6fa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 06 Feb 2022 16:07:37 GMT
server
imgix
age
1178152
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
x-imgix-id
94dfb781246aa81c39fed3c2953b0b26ed15e68b
accept-ranges
bytes
content-length
66579
cross-origin-resource-policy
cross-origin
x-served-by
cache-sjc10040-SJC, cache-fra19140-FRA
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 429E 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 20 Feb 2022 07:23:29 GMT
generate_204
www.youtube.com/ Frame 429E 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?IBo9cw
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
lg.php
cdn.firstimpression.io/delivery/ Frame 6C9F 		1 B
456 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/lg.php?bannerid=67473%7C67474%7C67475%7C68125%7C68321%7C68413%7C68422%7C76814%7C77576%7C83342%7C93650&campaignid=43%7C15%7C9%7C13%7C16%7C18%7C11%7C22%7C7%7C44%7C6&zoneid=110722%7C110722%7C110722%7C110722%7C110722%7C110722%7C110722%7C110722%7C110722%7C110722%7C110722
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-124.fra6.r.cloudfront.net
Software
nginx/1.18.0 / PHP/7.3.23
Resource Hash
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:29 GMT
content-encoding
gzip
server
nginx/1.18.0
x-amz-cf-pop
FRA6-C1
x-powered-by
PHP/7.3.23
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
x-amz-cf-id
7xJ4BWY5Cw9aZ7a-U2Qz18zQmFR9oaw4dSUET57WMUMgQUkNbZ7WAw==
via
1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
expires
0
cdb
bidder.criteo.com/ Frame 6C9F 		0
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=53893250062
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ Frame 6C9F 		0
0
/
hb.emxdgt.com/ Frame 6C9F 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=2000&ts=1645341809657&src=pbjs
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.25.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-25-241.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Sun, 20 Feb 2022 07:23:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
prebid
ib.adnxs.com/ut/v3/ Frame 6C9F 		19 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 20 Feb 2022 07:23:29 GMT
X-Proxy-Origin
217.64.151.29; 217.64.151.29; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d0fcb14e-4b79-4eae-8d80-5a941f94b443
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.staradvertiser.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 6C9F 		371 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1486010&size_id=2&rp_schain=1.0,1!firstimpression.io,7470,1,,,&rf=https%3A%2F%2Fwww.staradvertiser.com%2F&tg_i.ref=https%3A%2F%2Fwww.staradvertiser.com%2F&tg_i.page=https%3A%2F%2Fwww.staradvertiser.com%2F&tg_i.domain=staradvertiser.com&tg_i.figroup=a3&tk_flint=pbjs_lite_v6.2.0&x_source.tid=009aecdc-670d-4131-84db-c56bcfd6c0af&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7485407812697724
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
d0e6c823d25b756388d14dd2db63841e31b1e1ecdd7ad5e30a67b798e683f79b

Request headers

Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 20 Feb 2022 07:23:29 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.staradvertiser.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
371
Expires
Wed, 17 Sep 1975 21:32:10 GMT
mvo
tag.1rx.io/rmp/212956/0/ Frame 6C9F 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/212956/0/mvo?z=1r&hbv=6.2,2.1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.staradvertiser.com
pragma
no-cache
date
Sun, 20 Feb 2022 07:23:29 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
bid
ap.lijit.com/rtb/ Frame 6C9F 		24 B
654 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.2.0
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e8c352b24a1606918dd64525c1554d4c852e738a3418a2f4cb204ae78effba68

Request headers

Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 20 Feb 2022 07:23:29 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.staradvertiser.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
cygnus
htlb.casalemedia.com/ Frame 6C9F 		37 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=505551&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22151c342514e9884%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.staradvertiser.com%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.staradvertiser.com%2F%22%2C%22domain%22%3A%22staradvertiser.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22staradvertiser.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.2.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2216ecd2bfb48b2a%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22505551%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22firstimpression.io%22%2C%22sid%22%3A%227470%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
328f288e539f179b91e6e8bd7932e412185f2bccc6bf383d1e224043ef0a1ca0

Request headers

Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:29 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.29], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Sun, 20 Feb 2022 07:23:29 GMT
arj
firstimpression-d.openx.net/w/1.0/ Frame 6C9F 		73 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://firstimpression-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.staradvertiser.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=009aecdc-670d-4131-84db-c56bcfd6c0af&nocache=1645341809667&schain=1.0%2C1!firstimpression.io%2C7470%2C1%2C%2C%2C&aus=728x90&divids=fiInstance_110722_0_762065623841692_unit&aucs=&auid=540910482&aumfs=10
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
90a6ca0321a91a1d562e74d06adc6a575d59b74e56f9678c40a1831382d6982c

Request headers

Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:29 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.staradvertiser.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 6C9F 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a54bd7428972e1aed39d8774dade5ea086c4b5f4b6e36d2d8b0fd6da7beb2abb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 20 Feb 2022 07:23:29 GMT
X-Proxy-Origin
217.64.151.29; 217.64.151.29; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
dd8d9b7c-2922-4edc-b7d5-eb1752363575
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.staradvertiser.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 6C9F 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.250.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-250-78.fra6.r.cloudfront.net
Software
Server /
Resource Hash
784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:22:42 GMT
content-encoding
gzip
age
46
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
12AJZT2HNTNTRN9XWCBQ
etag
c1da564f59b83b9805e8df92eca012f5
vary
Accept-Encoding
x-amz-version-id
GtBleBshAfJx9KFXwg43LDlo50FXi9le
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
tY0n8XcW0WnhzLmNsl6InVwwiuLH9sFcecNclnxD9tS98AMvpEFpZQ==
container.html
05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C54B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 20 Feb 2022 07:23:29 GMT
expires
Mon, 20 Feb 2023 07:23:29 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8641 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 20 Feb 2022 07:23:29 GMT
expires
Mon, 20 Feb 2023 07:23:29 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
v2ojjs2bLNGSW9jOffXIsZnc-t_h6zYycFZ76qwaKa6F11B2aahzSIYW6f2PXnRzw_1_JixXb
lorenzourban.com/ 		3 B
37 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lorenzourban.com/v2ojjs2bLNGSW9jOffXIsZnc-t_h6zYycFZ76qwaKa6F11B2aahzSIYW6f2PXnRzw_1_JixXb
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
access-control-allow-methods
POST, OPTIONS
x-datacenter
gce-europe-west1
date
Sun, 20 Feb 2022 07:23:29 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-spot-kh86
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
x-buildnumber
473687343
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
3
css
fonts.googleapis.com/ 		5 KB
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
68b931411d1b32336caca78f0e52dc3a6f5d197c8d99d811dd5fae004f3a831a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 20 Feb 2022 06:27:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 20 Feb 2022 07:23:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 20 Feb 2022 07:23:29 GMT
3a2df07e-d006-468c-a9ed-94e4fc82af15.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/3a2df07e-d006-468c-a9ed-94e4fc82af15.medium.JPG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a947001574f5b7696a074ea564b7d211cde2e3c67468520e7fd0e7aa85f22f15

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sun, 20 Feb 2022 07:23:29 GMT
Last-Modified
Mon, 17 Jan 2022 21:00:09 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
vrG/vcrwiuYf6iX/vEBy6Q==
ETag
0x8D9D9FC58918FAF
Content-Type
image/jpeg
x-ms-request-id
4ca645c7-d01e-0075-072a-26569d000000
x-ms-version
2009-09-19
Content-Length
11137
be735096-1698-4614-9aac-562009d73d55.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/be735096-1698-4614-9aac-562009d73d55.medium.JPG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
80b0fa5a9b31ca5d5c2ae293930af0cbfca11fb0f8d793a98146eacfc65994c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sun, 20 Feb 2022 07:23:30 GMT
Last-Modified
Tue, 02 Mar 2021 01:09:26 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
cGb6asu9+iVHbua8H86W2w==
ETag
0x8D8DD17D326FB98
Content-Type
image/jpeg
x-ms-request-id
b58fc953-a01e-006f-342a-263742000000
x-ms-version
2009-09-19
Content-Length
6282
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
079720151f8e5a548186737593346110b3534909e074b4de98de5f1923dbb486

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
af89d420-752a-47dc-8b5a-3a3f0b7ad667.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/af89d420-752a-47dc-8b5a-3a3f0b7ad667.medium.JPG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7561df085a8f27438b99a4aa875e5941a296e8d7e771627ab6a904cebd5d0cdd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sun, 20 Feb 2022 07:23:30 GMT
Last-Modified
Tue, 15 Feb 2022 01:08:11 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
O8AX0tG/8GWSnEqs+Jq3Lg==
ETag
0x8D9F01FA2F4350B
Content-Type
image/jpeg
x-ms-request-id
22bbd3d4-301e-001f-752a-268eb5000000
x-ms-version
2009-09-19
Content-Length
7759
0fc2b793-b305-4451-9d27-acb13a69794e.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/0fc2b793-b305-4451-9d27-acb13a69794e.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c2d803ecd001b639fb591d861bf3d39041b95dfc84ea23dc113ad76c80e0bf45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sun, 20 Feb 2022 07:23:30 GMT
Last-Modified
Sun, 21 Sep 2014 07:29:08 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
wKlZsQaqMp0nrs/UTqpMGQ==
ETag
0x8D1A384DD6334C7
Content-Type
image/png
x-ms-request-id
59271b1d-e01e-0041-522a-266555000000
x-ms-version
2009-09-19
Content-Length
151417
41447729-8455-4c1c-b13d-9198bd3b7376.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		109 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/41447729-8455-4c1c-b13d-9198bd3b7376.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d00a2a2cc42a61afdc3e64f37a61cd7477f603b7a811722edf50429e2efaad54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sun, 20 Feb 2022 07:23:29 GMT
Last-Modified
Sat, 19 Oct 2013 06:58:41 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
bXIp0QiFFfpF5jlg+CjNcA==
ETag
0x8D09AAFC75366B4
Content-Type
image/png
x-ms-request-id
270e1406-401e-0067-232a-262d4d000000
x-ms-version
2009-09-19
Content-Length
111856
304e2ac7-5517-4cbd-9a7f-dd6def6f34d2.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/304e2ac7-5517-4cbd-9a7f-dd6def6f34d2.medium.JPG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e8742c4a874074b03c10874a3871dc586da7bc08a4abeb11ea5a902db7ea513c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sun, 20 Feb 2022 07:23:29 GMT
Last-Modified
Sat, 22 Jan 2022 04:26:01 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
YY9qmYZmpN4oX6EmCAeE7g==
ETag
0x8D9DD5F4BD76F31
Content-Type
image/jpeg
x-ms-request-id
6d41be00-d01e-0017-1c2a-2694ba000000
x-ms-version
2009-09-19
Content-Length
20953
c714d40d-3b91-4178-aefa-10f65a125e4f.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/c714d40d-3b91-4178-aefa-10f65a125e4f.medium.JPG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f69b20025bce19118dc32040133cbdfaaa31b4ec09d91ca885e8fc46d9f4b36d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sun, 20 Feb 2022 07:23:30 GMT
Last-Modified
Sat, 01 Jan 2022 01:31:28 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
WWd+trqU3vY579ENaOOd3A==
ETag
0x8D9CCC66F12B3A5
Content-Type
image/jpeg
x-ms-request-id
4ca645ec-d01e-0075-292a-26569d000000
x-ms-version
2009-09-19
Content-Length
23057
6361f322-555e-46db-ad4c-26322a1affce.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		165 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/6361f322-555e-46db-ad4c-26322a1affce.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
06f6e711e79b57792ecb21e63f9909a2554c8a25f6b1b0a38004a06da8497adb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sun, 20 Feb 2022 07:23:30 GMT
Last-Modified
Wed, 08 Aug 2018 07:04:07 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
cZIebx4cqMvT0j+WJ2JHug==
ETag
0x8D5FCFD2219EA9B
Content-Type
image/png
x-ms-request-id
b58fc960-a01e-006f-412a-263742000000
x-ms-version
2009-09-19
Content-Length
169172
7bdfb275-1fc4-4091-88fa-476ae7366825.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/7bdfb275-1fc4-4091-88fa-476ae7366825.medium.PNG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
523cc6ee59448f8d335cc6ac979dd10b6fad069588f96ee37a8a62c5dbf16c1f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sun, 20 Feb 2022 07:23:30 GMT
Last-Modified
Sun, 12 Dec 2021 23:36:32 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
4atyOuq+vPB3755stKIwMw==
ETag
0x8D9BDC83AA92BA6
Content-Type
image/png
x-ms-request-id
22bbd3fd-301e-001f-1e2a-268eb5000000
x-ms-version
2009-09-19
Content-Length
16447
4c5de605-fb72-4f1a-a01d-fd9085b50023.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/4c5de605-fb72-4f1a-a01d-fd9085b50023.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
deb4323f079912a5283042639953033bb16d509a0c6aeac9d8e5ada00e8d15df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sun, 20 Feb 2022 07:23:30 GMT
Last-Modified
Fri, 18 Oct 2013 00:10:39 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
KHa2idW7T6R5fkN/pRL36A==
ETag
0x8D099AD9CD8EE83
Content-Type
image/png
x-ms-request-id
4ca6460f-d01e-0075-4b2a-26569d000000
x-ms-version
2009-09-19
Content-Length
79335
607f2af6-c086-49dc-82f3-0baba78bda84.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		114 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/607f2af6-c086-49dc-82f3-0baba78bda84.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c041fc2ea8f808d0309f0024d6848892189b6b366dc625bb6a69bb27b200f07d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sun, 20 Feb 2022 07:23:30 GMT
Last-Modified
Fri, 02 May 2014 08:43:21 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
QiMAQXH6J09YTfurWJeHpg==
ETag
0x8D133F9B5083C73
Content-Type
image/png
x-ms-request-id
22bbd40f-301e-001f-2f2a-268eb5000000
x-ms-version
2009-09-19
Content-Length
116237
a535f5f1-1b2c-476f-95b6-3cf111ab3bf4.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/a535f5f1-1b2c-476f-95b6-3cf111ab3bf4.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0f0d78da6af508cd25fb36b2a7344833bdf92402b991ecd6affacf9aec023d8c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sun, 20 Feb 2022 07:23:29 GMT
Last-Modified
Thu, 01 May 2014 10:12:04 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
CSF49CyFoVZqJbpLe5NVFg==
ETag
0x8D1333CEF53364D
Content-Type
image/png
x-ms-request-id
6d41be23-d01e-0017-3d2a-2694ba000000
x-ms-version
2009-09-19
Content-Length
64313
53f759f7-92c9-4db0-a5eb-b37baf4aecbc.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		138 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/53f759f7-92c9-4db0-a5eb-b37baf4aecbc.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f66465da73bd50e9ead702e0fc63ef50f5e0e665214d2b196ea50b8f077718e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sun, 20 Feb 2022 07:23:29 GMT
Last-Modified
Fri, 18 Oct 2013 01:32:17 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
lV6kwi2Hvv+8p7dU+yXVrA==
ETag
0x8D099B90455335D
Content-Type
image/png
x-ms-request-id
270e1429-401e-0067-452a-262d4d000000
x-ms-version
2009-09-19
Content-Length
141300
f5a53693-de87-498b-a035-124412f9eea0.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		144 KB
145 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/f5a53693-de87-498b-a035-124412f9eea0.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d85e7a9efc0ca2e08b8c657bdf56d98ae41a63bf5d7bc786bfdf773ad1541850

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sun, 20 Feb 2022 07:23:30 GMT
Last-Modified
Fri, 18 Oct 2013 01:37:24 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
YnF4J5TuYB9u2ixhDGVWtA==
ETag
0x8D099B9BAD718B3
Content-Type
image/png
x-ms-request-id
59271b74-e01e-0041-252a-266555000000
x-ms-version
2009-09-19
Content-Length
147623
bb4450b7-7a5f-4467-aa32-1f95c3d6c32c.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/bb4450b7-7a5f-4467-aa32-1f95c3d6c32c.medium.PNG
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7e539b890a0e58edd14392a51c5dc46940a19a19e840737de777d20a00e68f8d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sun, 20 Feb 2022 07:23:30 GMT
Last-Modified
Fri, 10 Dec 2021 01:01:02 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
xJ8thpa/PmkIl85g9saZKQ==
ETag
0x8D9BB78899176D6
Content-Type
image/png
x-ms-request-id
4ca6466b-d01e-0075-212a-26569d000000
x-ms-version
2009-09-19
Content-Length
19075
c2c9ff38-bff8-40cd-b343-8787c7519187.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		122 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/c2c9ff38-bff8-40cd-b343-8787c7519187.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
95a97feb66166b8fb931e6a8d8b96eddfd76f2ea3b9b3c28fa999b0642350223

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sun, 20 Feb 2022 07:23:30 GMT
Last-Modified
Thu, 01 May 2014 09:21:36 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
eWf5flw48pVK35oaTQvcRw==
ETag
0x8D13335E2E7F3EB
Content-Type
image/png
x-ms-request-id
4ca64691-d01e-0075-452a-26569d000000
x-ms-version
2009-09-19
Content-Length
124834
bb98f80b-0b3e-4af5-a30e-fa5b197c87e8.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/bb98f80b-0b3e-4af5-a30e-fa5b197c87e8.medium.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a460ff736cf024b7c896b059ce807a0d8d8e6388fcc7a74367f8f6ef25af536c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sun, 20 Feb 2022 07:23:31 GMT
Last-Modified
Thu, 01 May 2014 09:21:35 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
4SgGgSbGPy7x6zE+/5qyiQ==
ETag
0x8D13335E1DF2FB4
Content-Type
image/png
x-ms-request-id
59271b95-e01e-0041-452a-266555000000
x-ms-version
2009-09-19
Content-Length
116002
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 4B2F 		0
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=294545
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMs4h0R6r7vUWabs4%2BbtpyAqNWL5ac%2BfBXEnFmEn%2BGuU6EEWyA%2BWa6n5aDIN6%2FP0ng841PM%2BggMhMwMePyo1nFBgSAC7A%2FNPQg101GhmhkqWwkXsB7DsFjsp1YH0tFTMUUApFrnEWj5wUZHcBlRd%2B4dHgg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6e05fd676ab20f56-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FtVtqKfAzITBumMOIb1R
view
securepubads.g.doubleclick.net/pcs/ Frame 4B2F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJ9MoiGyGoQR2lOnnsbCHZgtTUlSdMKkuDwsPHO6sgLtBQs78n8YBPpKsIDsfcA_QAY92WFASGVqyCE5oKrJ6lMyP5nvdv7npUpDqPNTZkJEf8quluOsqHgsqCoYUx3hAwNLB9oErIrd4UdN2y84OzG33JBa06kquWc4Kc1HnfcpSqpJqFn6N-MZfp7MJWFdW50ltoWbuDav_UQ7b5DgVNy0NgreWUHy2Y6G1d7YBHZR-Ggm8lub7OfubnHLP9X69lPMnuRVxNazLR2CcQFtraxO7rdnBttyiulX9_6yQXN2SNPQCgLvniWDnB7Kb21xKnuJgM0pQnrBuiES5UTRG5pHk&sig=Cg0ArKJSzKWsQSi4SOBbEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
86690806-4d0c-4a16-909c-3cb2cd58e222.jpeg
storage.googleapis.com/ownlocal-platform-production/public/images/categories/300/ Frame 42E6 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ownlocal-platform-production/public/images/categories/300/86690806-4d0c-4a16-909c-3cb2cd58e222.jpeg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4a2ce659bc7cf71e18e810c1e2a2d5f4557bb5b205e2ee7c78cf92df8d110f05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 06:30:48 GMT
age
3161
x-guploader-uploadid
ADPycds_b5oMEHM60-mtC_uHe6hFt97e5Q3741XckM6Kr0w2U1P6lYqKoY34mHWbb1-KYYhK5bW8DO8Bk1UcW2FLCF8P1ak3cw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23630
last-modified
Sat, 05 Feb 2022 06:00:51 GMT
server
UploadServer
etag
"17f8cc5ab11cc3b7a98b7dd4faf586c9"
x-goog-hash
crc32c=TNXu1g==, md5=F/jMWrEcw7epi33U+vWGyQ==
x-goog-generation
1644040851686731
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
23630
accept-ranges
bytes
content-type
image/jpeg
expires
Sun, 20 Feb 2022 07:30:48 GMT
fa-regular-400.woff2
use.fontawesome.com/releases/v5.0.10/webfonts/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/webfonts/fa-regular-400.woff2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2cdb4f2ed4b585d772068df75c01d0a360d45d27294188fccf5ceb4255fdc83

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6838364
cf-ray
6e05fd677d2c59f5-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12216
x-amz-id-2
sYRWODIhhHl0ZXqtAD+7kXl/BbJU4CR/Q8T5Gygt5SDrolFvT23qtGpNx0KNIJ2fXu3j1tUYh7A=
last-modified
Wed, 30 Jun 2021 15:27:03 GMT
server
cloudflare
etag
"12717b4a013de862452c4ffcf4e1c264"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z1fl0RIbA73UqAkupT69dZ3d9z7lC1T%2B18gXekCIFXUdBOm9oiL5Nur8Rn%2B0CPH647e1U2i0e9ND%2Bz92KXhjC%2B633v1MYyJEj01Wmr46PJBENvs0ADRatiy4MSOynHmh7%2BN5lIYn68OpHhHkXaL9NbTG"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
Z9HMGHCVK8K9SZWF
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.10/webfonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/webfonts/fa-solid-900.woff2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb7aa6b06aa5a8eea3670662c4b0c37104041c14575fc170dc48677a0506a33a

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
266815
cf-ray
6e05fd677d2f59f5-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44068
x-amz-id-2
sMrF6iWaXgoZDrQd6IHcFnCfkRFIPMbmgnQjF6t6sYnB8ABacdQR8Vf6HQ7FvVI3UAmnWFp6gog=
last-modified
Wed, 30 Jun 2021 15:27:03 GMT
server
cloudflare
etag
"84f351b3972185aed620f78489e48b2d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6gKK6aZlFyLYN9Hh2Gpm7GCJQdljiDjAUYNPJ6jsmLOtyL4Ho83NM2lGabI4016ninl%2BavbnfvBYxbye1IaHwHaKZoQ9tTVSNJf09a5%2B8KSy%2Fa4%2Bt495eJa2a1DFN9Qqep%2FsVEhM%2B15hU2uRXiNZmdD"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
ZJGNQRSTZ0M6H5BN
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
l
use.typekit.net/af/65a133/00000000000000003b9adc1a/27/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/65a133/00000000000000003b9adc1a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7c0 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
nginx /
Resource Hash
c0669f3efd6fb6d4fc87aefdcdd50a0f60cbe3c6e2f9d0c7e01fdfe43596c9d8

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
server
nginx
etag
"d1273710b7f550512dbb2ff62d904ba6dde81f28"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
34856
fa-brands-400.woff2
use.fontawesome.com/releases/v5.0.10/webfonts/ 		54 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/webfonts/fa-brands-400.woff2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8562087317b34c4b2ac60e28e272b7b33e37523aacd5f2adba7a4f108e415c6

Request headers

Referer
https://www.staradvertiser.com/
Origin
https://www.staradvertiser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6838363
cf-ray
6e05fd679d6c59f5-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55144
x-amz-id-2
xC/1mx9DxtPvMerjqvZJL+Nt9uWTfQXfTcXmZUbURkhmJjWgUrf+Rr6Fn3XR4W5sQEx1sT8RNh8=
last-modified
Wed, 30 Jun 2021 15:27:03 GMT
server
cloudflare
etag
"2ac01f7650b5ab76bfebbc708928929e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0bDfReBTXFua7ttHUQiuxCBzoQ%2F0vquTEbBVAXo6HisqmxeWdDiXBQt5040aGuBpFOmhkXetmMjvgWayP9YteKsCWQ2dF1o7Y9KFHG0hqGzWx4euMhpTAMIO1U3tkZ7eSg5MPPTiRBRCyJ8xHHMoPwj"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
Z9HWVVWSE0XTHD52
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
369.json
id5-sync.com/g/v2/ Frame 6412 		213 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/369.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.95.3.9 , France, ASN16276 (OVH, FR),
Reverse DNS
p32.id5-sync.com
Software
/
Resource Hash
c237eafbdb4255f65a8f7059620878932225db625fcc6e5f6e79c5a50f51c557
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.staradvertiser.com
Date
Sun, 20 Feb 2022 07:23:29 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202202161834/ Frame 6412 		184 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202202161834/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38e27f6cbe86b26bf65dff11b6d203ecc3231ddcd010cc89a3889f3c03bc3f73

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 07:23:29 GMT
Content-Encoding
gzip
Age
606
X-Cache
HIT
Connection
keep-alive
Content-Length
59645
x-amz-id-2
M5VyQhY8WTEvqYhgzGZ1GXZ0F5OL3J1CSRR0M5FESKZJfwqMk5mWYHJVqcywx2G4vEvtmfHR6yU=
X-Served-By
cache-hhn4041-HHN
Last-Modified
Thu, 17 Feb 2022 18:21:30 GMT
Server
AmazonS3
X-Timer
S1645341810.911961,VS0,VE0
ETag
"724754dd331b2038d7b614ac5d8a9900"
x-amz-request-id
RZXQQ1BZETZHQ713
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
1554
77f805fb-9168-40ce-85e1-b91fa08f988a
https://www.staradvertiser.com/ Frame 4B2F 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/77f805fb-9168-40ce-85e1-b91fa08f988a
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af79010f58afe12a54ef84b6e5c79b3c1c1542dfd88ff5ba29c0507a71f00d8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
cast_sender.js
www.gstatic.com/eureka/clank/98/ Frame 429E 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/98/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b3043a59925da95728c8d505da11bc06e2c7a502486e1c84fcc9445dee2ab96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 00:33:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24580
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15480
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:03:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Mon, 21 Feb 2022 00:33:49 GMT
event
event.insticator.com/v1/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.11.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-11-204.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Sun, 20 Feb 2022 07:23:30 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.11.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-11-204.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
access-control-allow-origin,content-type
Origin
https://www.staradvertiser.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-headers
access-control-allow-origin,content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
view
securepubads.g.doubleclick.net/pcs/ Frame 4B2F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuy0c8H5KLbmu5olPiY1p31GYa4z0BVFBPStA-FvgZkrmDV4uhePdpN47V6DfxUZHhLAMBaN1pyqYiKU1b_FBJjwl94sD-MZAyoHlbVyavc-Vhoi7QpFmKWV2Dx5KW2QI3okbtCAmLU-f0wGbF_i4EzZyqZOSgdH_DJRY5iu7czaow3hWFzezrYgeZUX4XklVRHeRnBZDImyvasx6qJLK4drp3Le5CPVEyUU3IyWzbH8DUNhPP4kf8HxCaq8eXSFw5a7TIUVcnoNsefkIsNgBzcj9I4AnDVhBUlzmXTHzMt-z2e3P_PvTw2G1HrGLJkjEHfz1fpyGTCmyb41tKYW0sTlWFbyg&sig=Cg0ArKJSzLTzSblHfW9AEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 20 Feb 2022 07:23:29 GMT
truncated
/ Frame 4B2F 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc111d616b9e02be0db06a4a877dcd882fd92ae678e0f8a5311dd671cbfedf77

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
934.json
id5-sync.com/g/v2/ 		213 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/934.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.95.3.9 , France, ASN16276 (OVH, FR),
Reverse DNS
p32.id5-sync.com
Software
/
Resource Hash
173cf4e361059ca9571ffa462b018c0cb3ab42f65ae1bfa04855067330138ccf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.staradvertiser.com
Date
Sun, 20 Feb 2022 07:23:29 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ 		63 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
4a17993276183fec7818ba36bce50b816903e7ed928fc3749ca8ba2b32f09c0d

Request headers

Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:30 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache
x-server
10.45.16.24
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ 		109 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
0464dd44a33d105a36f74f111f68cce8e8708ddc2337607e2021e15927793b0e

Request headers

Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 20 Feb 2022 07:23:30 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Tue, 22 Mar 2022 07:23:30 GMT
envelope
api.rlcdn.com/api/identity/ 		44 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1273
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 20 Feb 2022 07:23:29 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
photo-1625403701237-33d42c60a372
images.unsplash.com/ Frame EA32 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.unsplash.com/photo-1625403701237-33d42c60a372?ixid=Mnw4MTQ0MXwwfDF8c2VhcmNofDEzfHxwb3Bjb3JufGVufDB8fHx8MTY0NDczMjA5OQ&ixlib=rb-1.2.1&utm_source=api_app&utm_medium=referral&utm_campaign=api-credit&auto=format&w=600&h=500&fit=crop&crop=entropy
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
8a8badcb3cc1bebc9843702522f9c720a7ecd40dae88ab02e72a04253140f6fa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 06 Feb 2022 16:07:37 GMT
server
imgix
age
1178152
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=315360000
x-imgix-id
94dfb781246aa81c39fed3c2953b0b26ed15e68b
accept-ranges
bytes
content-length
66579
cross-origin-resource-policy
cross-origin
x-served-by
cache-sjc10040-SJC, cache-fra19140-FRA
/
www.facebook.com/tr/ Frame 9DDC 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.staradvertiser.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=0
date
Sun, 20 Feb 2022 07:23:30 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame C54B 		94 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:da00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b82b3b26f73cec97530fe064182ec7fad83a326a45ba746d58d69bd4de4b04e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
NoC6YGt5eCR14CGF_CePZnGYd_hZgCkD
content-encoding
br
last-modified
Thu, 17 Feb 2022 17:56:17 GMT
server
AmazonS3
age
202
etag
W/"ee61816da156df01dc9c34b3cece567f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sun, 20 Feb 2022 07:23:29 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
a-GUwYdMyW58CgIrcZqwuMmPjdDnvV0YXl2_adp2cQZqzf3UGVF3XA==
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame C54B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:00:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1370
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:00:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C54B 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 20 Feb 2022 07:23:30 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame C54B 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1110
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6438
x-xss-protection
0
server
cafe
etag
12093742715590823996
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:05:00 GMT
l
www.google.com/ads/measurement/ Frame C54B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQba2dK6d4kSAG-uiBGhV13zC39qqlDjLIwvP54QW51-TkExCqXpXqs5K4eLnKEqf0gZyBkJkRmVLH4x6sSaq0q8-jmpA
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame C54B 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 19:07:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
389790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Feb 2023 19:07:00 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 8641 		94 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:da00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b82b3b26f73cec97530fe064182ec7fad83a326a45ba746d58d69bd4de4b04e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
NoC6YGt5eCR14CGF_CePZnGYd_hZgCkD
content-encoding
br
last-modified
Thu, 17 Feb 2022 17:56:17 GMT
server
AmazonS3
age
202
etag
W/"ee61816da156df01dc9c34b3cece567f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sun, 20 Feb 2022 07:23:29 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
4qFCzhkBO8jGjOSTNzNX53nI6-I92nMF8Gmr4J1ZIhOxuQmDRjxyGQ==
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 8641 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:00:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1370
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:00:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8641 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 20 Feb 2022 07:23:30 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 8641 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1110
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6438
x-xss-protection
0
server
cafe
etag
12093742715590823996
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:05:00 GMT
l
www.google.com/ads/measurement/ Frame 8641 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRDdvy7vrP6ov5GTFeYFzVkfks_FZ068r8SvVCCj1GZF2uPxNCkkX8MLe_qopxVrIisSs5T28Z4Q1I50J8xq711C6XRDw
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 8641 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 19:07:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
389790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Feb 2023 19:07:00 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame 6C9F 		0
0
bid
c.amazon-adsystem.com/e/dtb/ Frame 6C9F 		23 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.staradvertiser.com%2F&pid=zFfjbfjRDtWji&cb=0&ws=728x90&v=7.73.0&t=2000&slots=%5B%7B%22sd%22%3A%2267473%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&cfgv=1&schain=1.0%2C1!firstimpression.io%2C7470%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.250.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-250-78.fra6.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:30 GMT
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA6-C1
x-amz-rid
7J627TSX5080T9X5BTFG
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
IqZuxdoGZe7Qg3MyPoYY4sgpPwHPYikbObpoTMf3T8r7RrN5fbd8Kw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 6C9F 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.250.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-250-78.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
kI14R7urpxgHjeMWGWlNpVn0IgFose_t
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
21226
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Sat, 19 Feb 2022 01:26:04 GMT
server
AmazonS3
date
Sun, 20 Feb 2022 01:29:45 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
ap2QTPx-ASCodYlMx7QbxxI3qmlVBnyWsHsHovcqT8241iBdtvr_Ww==
tp-production
us-central1-kube-ownlocal.cloudfunctions.net/ Frame EA32 		26 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-central1-kube-ownlocal.cloudfunctions.net/tp-production?stm=1645341810073&e=pv&url=https%3A%2F%2Fwww.staradvertiser.com%2F&page=AdForge%20Ad%20Unit&tv=js-2.10.2&tna=origami-tracker&aid=origami-unit&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=eea5ac48-7343-4198-9ee3-0b66336bd8f6&dtm=1645341809538&vp=300x250&ds=300x250&vid=1&sid=0c886380-73bc-45b5-99ca-728a41b52c0f&duid=b70fb51b-ce07-4b05-aae5-6a5e9bd38f80&fp=839606422&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20ub3dubG9jYWwvb3JpZ2FtaV9jdHgvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiYWlkIjoiNTc3MzI0OWItYTFmMy00MzZjLWJkNmUtNmFmMGIwMGU4NGUwIiwiYmlkIjoiZDExMjRiMmUtYzQ4NC00ZTViLThhM2UtMmU1OWU5MWEwYmFlIiwicGlkIjoiMTFkOGJmMDEtNGEwZC00MmYxLTljODItMzlmMWI3NzI2MjM0In19XX0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:30 GMT
server
Google Frontend
x-powered-by
Express
etag
W/"1a-Hjpuc/IrHLWXlDT8bmHFqznVniY"
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
d6fa15f230763665a4eb86caaa3fbae0
function-execution-id
lk4s9xzsrrpc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame C54B 		0
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=644474
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aLlGD2qQSkSBjhm8pobMULCiyDD6mufoZJlHKpruQKIgckYUxTibNCCl%2FGgGTkVBrM2iyAsjDUDcTtPJ2sbbxFkCzZOfpqWjm5e4oeARzSGLPrX9Djw9xHE4Yr9NJ6le04ven%2BBG9u5x32KJ%2FQGv5dMpgw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6e05fd69cbda5a07-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FtVtqLdRVbe09XIBCVOh
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 8641 		0
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=808388
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GyXY3W2Dr78k1091ARRJInkncJQuWYAozgrQRlBlZRBSToRArmjtNNV9uVxIn6Deg2LFHnuVPy1GV0yiICcRTHEFh8oonw5MEAJ3h4N11sj3U3DIhS%2FZK%2BBU4p%2Fd8VTstltK0RP2ZovsVIlrcwtknm2fZw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6e05fd69cbd85a07-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FtVtqLc3GgNhmeEOIb8h
b3dcc2e7-ca9a-4d5d-84a2-760b77ca2f17
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/ Frame C54B 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/b3dcc2e7-ca9a-4d5d-84a2-760b77ca2f17
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af79010f58afe12a54ef84b6e5c79b3c1c1542dfd88ff5ba29c0507a71f00d8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
65665490-d8d0-4ce0-b7fb-e3f59e430fdd
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/ Frame 8641 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/65665490-d8d0-4ce0-b7fb-e3f59e430fdd
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af79010f58afe12a54ef84b6e5c79b3c1c1542dfd88ff5ba29c0507a71f00d8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
adview
securepubads.g.doubleclick.net/pagead/ Frame C54B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cslw_cewRYvavFJGtrASy078okOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSbAk_QczSlLdcBlsF-mkzUz9sJadjP1bbZMu-SJiErm0Ekgcgx7gaf_JiipaxC40u6fGOCL7osbGiUwxFGo-mcNGQ0u3Xaj4a7NKeEB9vY7GAF9v20gaOQa1uzod7i4UUB-1SUJEGMqLyEklKC_NYToma5WnT9C--MsaTMvAFr0TsazeJDxEzpz6hED3hj-pwKaEQN6qJx0eJVI0TWPligNQipOvff4z9c62asDrYDe5MDEF8qMpE7m8zj6Ykl3NT0osUtZoeWE2U20SkLYfsNzcm--EkqGrqOu6Jx23g8ZFn3qoWmm9T99EihGo99LBZ8zPDP038kY-0g7-bYyE1m_fHiO3FmsOK-d_PHH1NzQCOKbNM62Oinv1BwA3jgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTI2OTc2Nzk1MTg1MTU4ODYY1MQM&sigh=Y6v1-oPSHM4&uach_m=[UACH]&cid=CAQSOwCNIrLM7z4gcJ2VTym3nfS5MFpeJvCq-1IKDOC33S21llXgM8VYfWIlU26o6T2a8f5tlbKVB1capQDSGAE
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame C54B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gznx6854bz6c73d9ca4erwrg41ds20qv3h15jr55n9hp7518sr96573cngtq6kbgjmn1gd6pc7s8wvr3nw7z8sz8hqvvc9z8pm12k0fnmmy7q3vxt0ea5xjg296gvkh46vcgcr8657p9v0ee5mg61bdwfyqffbjy359pk1p0xvghye399a2ncpm2j2395tz4nw0cqcz96cbnja2a5hpmwaz5ek53h388pwkssxd7mn1vn07qb1c5c1ymc8fscmmea30d5rs7qywt07e2xf3dj9xrhpcxf2pcpk68xcrjagqpctn539ceeykdbb8m9rjcbp8hqa9hc9tmw5chzwsm4vpx83hvxsrxmnqtqyvt4espvkvtvj564wr2qy2re97ccdxgawk6nknvxndna83mzt0cv9zryn4s8&b=YhHscQAFF_YKixaRAA_psq4qEa_Gm-_qNgIMxA
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 20 Feb 2022 07:23:30 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame D27A 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1gm74aafdtkg3gh22a7ff0ra6fm4qvhh9t9yfehx8b9p6d8z2hd94grj8m6nk90syfjb8k1gjawzz348x6gzmxqahrp1jaysnts8cng4rzsz8fta4navcbvpvpn16ra0pfej8qkv2h54077kd5cyzc2fcde4sdj3n1crmn68m7wsj2fbn3mcgfj644259f0b1b2tmc9r79s6k00wy8k7kd769dze22vyyv55r1dr00f7var11tc677sv96mdvme0p7ese894vk696m7etfr64ya8b8w0v8vfgdfhad29m6mw6bscc61pvrrhaj1zq6hhpwzczfy2tztndhr3p8ebrymbppxer8dhg50xe85bhe7fp7dkv3v4654ppq8s7a0kjjywe9e7m0w4dbkgkqxsf4dc3c7e229hcvdezy1j0bwksggmk37ebzfrqcv4yw20vc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtacfcewRYvavFJGtrASy078okOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QczSlLdcBlsF-mkzUz9sJadjP1bbZMu-SJiErm0Ekgcgx7gaf_JiipaxC40u6fGOCL7osbGiUwxFGo-mcNGQ0u3Xaj4a7NKeEB9vY7GAF9v20gaOQa1uzod7i4UUB-1SUJEGMqLyEklKC_NYToma5WnT9C--MsaTMvAFr0TsazeJDxEzpz6hED3hj-pwKaEQN6qJx0eJVI0TWPligNQipOvff4z9c62asDrYDe5MDEF8qMpE7m8zj6Ykl3NT0osUtZoeWE2U20SkLYfsNzcm--EkqGrqOu6Jx23g8ZFn3qoWmm9T99EihGo99LBZ8zPDP038kIe8BfTEhTw2uerl04Tj0QtuqfV7NMUuuwOHD_iuuxsS_aozvQ7AlWozgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0KhLFFwm7eYzkBLWJ74jgP9N0K9w%26client%3Dca-pub-2697679518515886%26adurl%3D
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
896b8f17a43af25c26a4c5101c57516bb09e837bdaa8235e630aedf629c277e2
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/

Response headers

date
Sun, 20 Feb 2022 07:23:30 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e05fd69cbe783af-MXP
content-encoding
br
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 684F 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Sat, 19 Feb 2022 13:26:12 GMT
expires
Sun, 20 Feb 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
64638
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 8641 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CjY6acewRYv28FKKhrAS1mIDYDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQKdKQweaf6yPuACAKgDAaoEoAJP0LTAGp1eMAjeA7AxWk6Ldftu1E0u9r29_BTiBeCDaZbYErho4rF5pVW3kfCmZu7CI5UzL7nmaNrNAAjs7GOxHNez1DXpOJApSezLkQqukjm9iuFrdj2bQNMxYIozCN9N0E5qCbvxwidDuUykfNFDNiQvH6lok3SDxUr1UFheR56cXf2MDg8Y7Vql3AF3BphWFdsaX7MQinNQwBSB39pvrXLl8WNRqj2JoP89C-dD3zMiqJPIPT7MFwe9kuW7AxLK6mMv36zi77ZfBLulg8v5XbGycFMbm8askJCoodH9bG12ZXaB8sAUeXU954OV6hHxVB0EENqi4S3kqpfW9LwtsrxtmTWrdSRHULN_ySM6AgLWuWsBCvcA1MPvkCT3gPvgBAGABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTI2OTc2Nzk1MTg1MTU4ODYY1MQM&sigh=sT9TAAVQTrc&uach_m=[UACH]&cid=CAQSOwCNIrLMTLzHkEVrl0EDzxuHlYbjZnL4jLCFYipDPp_PStI5AEK1gFG8VeNVjLaIvM9s-v7d2ebHdpKYGAE
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 8641 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1hmgcvt172ya513w8h8qnsmgmt026e4n2btcedcb9hpevz7rsbwh7wwwstywsmnc8pbffyzrkksvwbgnwh6zw986w5xyv3bccyk41vvb3y769b5b6tsp1ffh8kggz06cvs1vy6zvfz22c2amhq9w1p0qaavnw2drk65t22c7e9g2rwww7ep4kvz7ncvmqgjq6vwc1g3cntnjh6dz3nrt4yz9j0aa593s6z4rhwp1fp8fdhmepqs70ps528m6etkz0nqa8tf8vd6dcx6rds7n7566whsgctwxg78pjprzjbhx1vk38qmykd60577dmj0c3ef1k3ewwc4jq2e1tkbg1bkz0jz5enqknx8cvpy2sv9vkc1r24w09t2c22x43majbrbq772nc55jt7mqj7hr0s7v1zwb5fy41m&b=YhHscQAFHn0KixCiAAAMNZWCUdEn1Hf6C2dxCQ
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 20 Feb 2022 07:23:30 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame A685 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1ke16xgvvqf80jxazjhvydvva1sa6xzmggxyn4qmfhbyq7q024pjrcpcpsh4wpqy8m917fkyvesp8mvcxjpdn6z8nap49eza5yxwh58v9fgmrzyxcfz1qppmm9hjnqyh6j6j5q6sqa2wr828g7n95ndr4vb3fajmqraet4j3z4w845tqzpqkzzdexses0efzz14aww0efb28tz8mjyh1js4v3hgna4xbfzn0nn5sk7c6zntjfp3c49s7j12wy6x4dkt9yeyttyvbbbd29r5q8dp6qzwfw5ry2acm322fcz2nnzxj9szrbtkbntmvb59m3tzr1pcf7dneyjwd01d0bbqm3xat3vks31m8nkpd3m2xa3v4bdw27z4jzbfyxqbcaqtbfkgkae7c1z02yqjh87y46jnb5ewcpz57a1e5f0w1czxr09b9zh07z4rj65he8d3g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0UWocewRYv28FKKhrAS1mIDYDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQKdKQweaf6yPuACAKgDAaoEowJP0LTAGp1eMAjeA7AxWk6Ldftu1E0u9r29_BTiBeCDaZbYErho4rF5pVW3kfCmZu7CI5UzL7nmaNrNAAjs7GOxHNez1DXpOJApSezLkQqukjm9iuFrdj2bQNMxYIozCN9N0E5qCbvxwidDuUykfNFDNiQvH6lok3SDxUr1UFheR56cXf2MDg8Y7Vql3AF3BphWFdsaX7MQinNQwBSB39pvrXLl8WNRqj2JoP89C-dD3zMiqJPIPT7MFwe9kuW7AxLK6mMv36zi77ZfBLulg8v5XbGycFMbm8askJCoodH9bG12ZXaB8sAUeXU954OV6hHxVB0EENqi4S3k6JX3ZmvUNfylHn09r23Vooprw44wLBoLOalImA-Uyu_3RfhowDPgSWHgBAGABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2srrs_Ri6zCxnrr-Jf6E0tw1sukw%26client%3Dca-pub-2697679518515886%26adurl%3D
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8de3a19de0d4801a98e2a05f3fe425ba220f27c003ff4580f5a623148287c066
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/

Response headers

date
Sun, 20 Feb 2022 07:23:30 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e05fd69cbec83af-MXP
content-encoding
br
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C81F 		1 KB
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Sat, 19 Feb 2022 13:26:12 GMT
expires
Sun, 20 Feb 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
64638
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 8641 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b3fc157c518a0276ac25c2ff523f20eb3e7fa8a7966a3c8a45b89a67382238a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C54B 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1c12ecdc734146fefdea82ef9659cc5b31facfcc2d87dc5abbe3e1b1a8b62be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
i.match
s.tribalfusion.com/z/ Frame 684F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEBLCuk3sWka4P6fwVDdya7s&google_cver=1&google_push=AYg5qPIIe_ipgHUb-dvlspguFQWFUJ5XrqsXNsExRAk5Y8rfiEqHQmvMGtqR-koJDstTwVvEws8op36m9YLvYknVu-hI1JrcGLos&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBLCuk3sWka4P6fwVDdya7s&google_cver=1&google_push=AYg5qPIIe_ipgHUb-dvlspguFQWFUJ5XrqsXNsExRAk5Y8rfiEqHQmvMGtqR-koJDstTwVvEws8op36m9YLvYknVu-hI1JrcGLo...
43 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBLCuk3sWka4P6fwVDdya7s&google_cver=1&google_push=AYg5qPIIe_ipgHUb-dvlspguFQWFUJ5XrqsXNsExRAk5Y8rfiEqHQmvMGtqR-koJDstTwVvEws8op36m9YLvYknVu-hI1JrcGLos&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIIe_ipgHUb-dvlspguFQWFUJ5XrqsXNsExRAk5Y8rfiEqHQmvMGtqR-koJDstTwVvEws8op36m9YLvYknVu-hI1JrcGLos%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:30 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6e05fd6b7e8c8397-MXP
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:30 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
643
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6e05fd6a3beb8397-MXP
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBLCuk3sWka4P6fwVDdya7s&google_cver=1&google_push=AYg5qPIIe_ipgHUb-dvlspguFQWFUJ5XrqsXNsExRAk5Y8rfiEqHQmvMGtqR-koJDstTwVvEws8op36m9YLvYknVu-hI1JrcGLos&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIIe_ipgHUb-dvlspguFQWFUJ5XrqsXNsExRAk5Y8rfiEqHQmvMGtqR-koJDstTwVvEws8op36m9YLvYknVu-hI1JrcGLos%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 684F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEB5rlrhpQaoZxLFj7ta8NR8&google_push=AYg5qPIbXzNHbBoWQQ0pZ9G3ZuMJXG4vvXHGepHnm-ddbUc1wv0Xbls6ob...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEB5rlrhpQaoZxLFj7ta8NR8&google_push=AYg5qPIbXzNHbBoWQQ0pZ9G3ZuMJXG4vvXHGepHnm-ddbUc1wv0Xbls6obYwc6usZgwVEuA0OZWLD9vxcXRsWyoP5Eu_H7TXyfU
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:30 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1645341810.272474,VS0,VE93
x-served-by
cache-hhn4075-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEB5rlrhpQaoZxLFj7ta8NR8&google_push=AYg5qPIbXzNHbBoWQQ0pZ9G3ZuMJXG4vvXHGepHnm-ddbUc1wv0Xbls6obYwc6usZgwVEuA0OZWLD9vxcXRsWyoP5Eu_H7TXyfU
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 684F
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECPkBtPkZQodKrrM2VHRN8w&google_cver=1&google_push=AYg5qPL-yHdvN2s1U8VORFOxlCGXk_SNCnPgd5mLUHp5FzTs89fCohVMwc_5RlROh--EaWRHQwdaMh8EZ69...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPL-yHdvN2s1U8VORFOxlCGXk_SNCnPgd5mLUHp5FzTs89fCohVMwc_5RlROh--EaWRHQwdaMh8EZ69N5STpaRnidh2hkON7&google_hm=uzAvxmVKSs6ouj1ABrlaeh0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPL-yHdvN2s1U8VORFOxlCGXk_SNCnPgd5mLUHp5FzTs89fCohVMwc_5RlROh--EaWRHQwdaMh8EZ69N5STpaRnidh2hkON7&google_hm=uzAvxmVKSs6ouj1ABrlaeh0
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:29 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPL-yHdvN2s1U8VORFOxlCGXk_SNCnPgd5mLUHp5FzTs89fCohVMwc_5RlROh--EaWRHQwdaMh8EZ69N5STpaRnidh2hkON7&google_hm=uzAvxmVKSs6ouj1ABrlaeh0
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 684F
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEF3DqQ3dRzjHiS2rtMuImBc&google_cver=1&google_push=AYg5qPLCqB3xvYqIYD5U1gwe46FcgjBGGSHzifdnS3Cm-uZzcGQEfc0_hHcCa3jIm3Zf8CDuCm2OeblfuBP10sKd...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=y4jiZrZpTOyhA5ZBpwFvfQ2&google_push=AYg5qPLCqB3xvYqIYD5U1gwe46FcgjBGGSHzifdnS3Cm-uZzcGQEfc0_hHcCa3jIm3Zf8CDuCm2OeblfuBP10sKdOsz3Cpw0Ch4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=y4jiZrZpTOyhA5ZBpwFvfQ2&google_push=AYg5qPLCqB3xvYqIYD5U1gwe46FcgjBGGSHzifdnS3Cm-uZzcGQEfc0_hHcCa3jIm3Zf8CDuCm2OeblfuBP10sKdOsz3Cpw0Ch4
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 20 Feb 2022 07:23:30 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=y4jiZrZpTOyhA5ZBpwFvfQ2&google_push=AYg5qPLCqB3xvYqIYD5U1gwe46FcgjBGGSHzifdnS3Cm-uZzcGQEfc0_hHcCa3jIm3Zf8CDuCm2OeblfuBP10sKdOsz3Cpw0Ch4
x-host
tde-deliveryengine-production-5f896b4797-7vl4p
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 684F
Redirect Chain
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEN9bMmeLi-KMB356UWz9obU&google_cver=1&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w
0
0
pixel
cm.g.doubleclick.net/ Frame 684F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBXx2VuHQNf2wJGAl_qMrnA&google_cver=1&google_push=AYg5qPJw1aN1Ev101yn_ALTMI2HjKhsiHQKTOyzjM4NDRi3Efc22HQIlfSoCHdPH9JnhqhXJJ4...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBXx2VuHQNf2wJGAl_qMrnA&google_cver=1&google_push=AYg5qPJw1aN1Ev101yn_ALTMI2HjKhsiHQKTOyzjM4NDRi3Efc22HQIlfSoCHdPH9JnhqhXJJ4...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1TS1ZBU0hGRTJ1RnFGbFN1VUJ3VEVfcXBsLklvWVJ4UX5B&google_push=AYg5qPJw1aN1Ev101yn_ALTMI2HjKhsiHQKTOyzjM4NDRi3Efc22HQIlf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1TS1ZBU0hGRTJ1RnFGbFN1VUJ3VEVfcXBsLklvWVJ4UX5B&google_push=AYg5qPJw1aN1Ev101yn_ALTMI2HjKhsiHQKTOyzjM4NDRi3Efc22HQIlfSoCHdPH9JnhqhXJJ4eBJ1lZxHYLQpTa_larI9_QFLuidA
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1TS1ZBU0hGRTJ1RnFGbFN1VUJ3VEVfcXBsLklvWVJ4UX5B&google_push=AYg5qPJw1aN1Ev101yn_ALTMI2HjKhsiHQKTOyzjM4NDRi3Efc22HQIlfSoCHdPH9JnhqhXJJ4eBJ1lZxHYLQpTa_larI9_QFLuidA
date
Sun, 20 Feb 2022 07:23:30 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/sync/i,19/ Frame 684F
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEN9bMmeLi-KMB356UWz9obU&google_cver=1&google_push=AYg5qPLL-3lqju87cwEvpJXEyKZh9Q-SrykEl5aqqOQWZ0MmkLIGONR-0m1cATLlA7PoZ0xcxQLoTiZWrgl...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPLL-3lqju87cwEvpJXEyKZh9Q-SrykEl5aqqOQWZ0MmkLIGONR-0m1cATLlA7PoZ0xcxQLoTiZWrgl9-8AzNOgOFGbzIi1k
  • https://onetag-sys.com/sync/i,19/?google_error=5
0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/sync/i,19/?google_error=5
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/sync/i,19/?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 684F 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LdP795IoB7yyFz2m9eBEcb5OhfP3W7sH6OGzqIIir0QxPaVxJveJhB1buR35SXmXiB_Z5zrW4
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:30 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame C81F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJ4C7l7xx4E1slWrZzMlXeQ&google_cver=1&google_push=AYg5qPINcxPf-iOvOM4kmF1Axqu49dzC__76SxHElrsAGnpcJJyUYtgMK-Cl4JVV40IfDvJiVAUOZaGQu20Q0RBRvbHvI64uxCAW
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODAxNjYwNzQyODU4MDAzMzMyMA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJ4C7l7xx4E1slWrZzMlXeQ&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJ4C7l7xx4E1slWrZzMlXeQ&google_cver=1
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:29 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJ4C7l7xx4E1slWrZzMlXeQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame C81F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKLTVVd_A3parLfHBQzRslM&google_cver=1&google_push=AYg5qPKSKsioGvcF1KMChyROkPUMH2XWzAOfY6XAJrOKIFnyA1wzD1Jb-tV2UCQ_vljJav-zIFyW7kXsmIza8OyvSzcZXCI4EjIr
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame C81F
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5_S9koB7RU29F37CTvoJwg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5_S9koB7RU29F37CTvoJwg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL2CxvYw3w_RTkZloU1jWPaqX3Nm8-EqDQvQ9rnDtRR8ZMm9SryvGKWubMSWxyW3d6WPkMx1Yp6-PExxo7dz0DBr9tCKajb
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5_S9koB7RU29F37CTvoJwg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL2CxvYw3w_RTkZloU1jWPaqX3Nm8-EqDQvQ9rnDtRR8ZMm9SryvGKWubMSWxyW3d6WPkMx1Yp6-PExxo7dz0DBr9tCKajb
date
Sun, 20 Feb 2022 07:23:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame C81F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kEN...
0
0
pixel
cm.g.doubleclick.net/ Frame C81F
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKrNVOWBoPuh2Ove3UQuMz0&google_cver=1&google_push=AYg5qPJHRenBCOH4gbXPUDYquqqTsIWgGSOgssqS8de4zagWp1mARZ0vpliBhPJgHCajbqa0ZGPDSicuEQ586Bwq...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJHRenBCOH4gbXPUDYquqqTsIWgGSOgssqS8de4zagWp1mARZ0vpliBhPJgHCajbqa0ZGPDSicuEQ586BwqqggXNXNqZGq8
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJHRenBCOH4gbXPUDYquqqTsIWgGSOgssqS8de4zagWp1mARZ0vpliBhPJgHCajbqa0ZGPDSicuEQ586BwqqggXNXNqZGq8
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 20 Feb 2022 07:23:30 GMT
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJHRenBCOH4gbXPUDYquqqTsIWgGSOgssqS8de4zagWp1mARZ0vpliBhPJgHCajbqa0ZGPDSicuEQ586BwqqggXNXNqZGq8
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
bGB013vgnDIkYClVcwc0UDAxo8QzxgQq7pnw-n8XNRZ2gbAYwjV6Cg==
pixel
cm.g.doubleclick.net/ Frame C81F
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESECOIkcvro1jk-EQ4BQ58UoQ&google_cver=1&google_push=AYg5qPLxEVaQ0aa-3sFoAKTeBHXaGkOc-MOQ8uR9CNGzD2JgEify46Yd...
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESECOIkcvro1jk-EQ4BQ58UoQ&google_cver=1&google_push=AYg5qPLxEVaQ0aa-3sFoAKTeBHXaGkOc-MOQ8uR9CNGzD2JgEify46Yd...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESECOIkcvro1jk-EQ4BQ58UoQ&google_cver=1&google_push=AYg5qPLxEVaQ0aa-3sFoAKTeBHXaGkOc-MOQ8uR9CNGzD2JgEify46...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESECOIkcvro1jk-EQ4BQ58UoQ&google_cver=1&google_push=AYg5qPLxEVaQ0aa-3sFoAKTeBHXaGkOc-MOQ8uR9CNGzD2JgEify46...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwMGQ5Y2FhNS05MjFlLTExZWMtOGI5YS0wNjU0YzQzOWJkZGU%3D&google_push=AYg5qPLxEVaQ0aa-3sFoAKTeBHXaGkOc-MOQ8uR9CNGzD2JgEify46Yd-jR72-3nkX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwMGQ5Y2FhNS05MjFlLTExZWMtOGI5YS0wNjU0YzQzOWJkZGU%3D&google_push=AYg5qPLxEVaQ0aa-3sFoAKTeBHXaGkOc-MOQ8uR9CNGzD2JgEify46Yd-jR72-3nkXuR8GZgkFflr2wezF_B6oeuNJNHxWYTk_F8
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwMGQ5Y2FhNS05MjFlLTExZWMtOGI5YS0wNjU0YzQzOWJkZGU%3D&google_push=AYg5qPLxEVaQ0aa-3sFoAKTeBHXaGkOc-MOQ8uR9CNGzD2JgEify46Yd-jR72-3nkXuR8GZgkFflr2wezF_B6oeuNJNHxWYTk_F8
date
Sun, 20 Feb 2022 07:23:30 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame C81F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHevLVqd7jijXsOTrTNfyHA&google_cver=1&google_push=AYg5qPLEe9SlnwKFuusdUVIv1NgFMcywfk9usD5mH137XLjE5CiOjBXokqqkuwGHWgVSp6svKN...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHevLVqd7jijXsOTrTNfyHA&google_cver=1&google_push=AYg5qPLEe9SlnwKFuusdUVIv1NgFMcywfk9usD5mH137XLjE5CiOjBXokqqkuwGHWgVSp6svKN...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS13T0V0MzNoRTJ1RXpUVEQxbXRZYjVid1c5eFlieDhLZX5B&google_push=AYg5qPLEe9SlnwKFuusdUVIv1NgFMcywfk9usD5mH137XLjE5CiOjBXok...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS13T0V0MzNoRTJ1RXpUVEQxbXRZYjVid1c5eFlieDhLZX5B&google_push=AYg5qPLEe9SlnwKFuusdUVIv1NgFMcywfk9usD5mH137XLjE5CiOjBXokqqkuwGHWgVSp6svKNXOhoK5DFFWTlluI6zJ7C6ugu0XHw
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS13T0V0MzNoRTJ1RXpUVEQxbXRZYjVid1c5eFlieDhLZX5B&google_push=AYg5qPLEe9SlnwKFuusdUVIv1NgFMcywfk9usD5mH137XLjE5CiOjBXokqqkuwGHWgVSp6svKNXOhoK5DFFWTlluI6zJ7C6ugu0XHw
date
Sun, 20 Feb 2022 07:23:30 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame C81F 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JbEl1mSHE_L-BK1a22phd48qpmGYtwMN9qdSXgEixN_uOEHp4w9GxL76l8S4hNchz1joPeg0g
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:30 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame D27A 		81 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gm74aafdtkg3gh22a7ff0ra6fm4qvhh9t9yfehx8b9p6d8z2hd94grj8m6nk90syfjb8k1gjawzz348x6gzmxqahrp1jaysnts8cng4rzsz8fta4navcbvpvpn16ra0pfej8qkv2h54077kd5cyzc2fcde4sdj3n1crmn68m7wsj2fbn3mcgfj644259f0b1b2tmc9r79s6k00wy8k7kd769dze22vyyv55r1dr00f7var11tc677sv96mdvme0p7ese894vk696m7etfr64ya8b8w0v8vfgdfhad29m6mw6bscc61pvrrhaj1zq6hhpwzczfy2tztndhr3p8ebrymbppxer8dhg50xe85bhe7fp7dkv3v4654ppq8s7a0kjjywe9e7m0w4dbkgkqxsf4dc3c7e229hcvdezy1j0bwksggmk37ebzfrqcv4yw20vc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtacfcewRYvavFJGtrASy078okOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QczSlLdcBlsF-mkzUz9sJadjP1bbZMu-SJiErm0Ekgcgx7gaf_JiipaxC40u6fGOCL7osbGiUwxFGo-mcNGQ0u3Xaj4a7NKeEB9vY7GAF9v20gaOQa1uzod7i4UUB-1SUJEGMqLyEklKC_NYToma5WnT9C--MsaTMvAFr0TsazeJDxEzpz6hED3hj-pwKaEQN6qJx0eJVI0TWPligNQipOvff4z9c62asDrYDe5MDEF8qMpE7m8zj6Ykl3NT0osUtZoeWE2U20SkLYfsNzcm--EkqGrqOu6Jx23g8ZFn3qoWmm9T99EihGo99LBZ8zPDP038kIe8BfTEhTw2uerl04Tj0QtuqfV7NMUuuwOHD_iuuxsS_aozvQ7AlWozgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0KhLFFwm7eYzkBLWJ74jgP9N0K9w%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gm74aafdtkg3gh22a7ff0ra6fm4qvhh9t9yfehx8b9p6d8z2hd94grj8m6nk90syfjb8k1gjawzz348x6gzmxqahrp1jaysnts8cng4rzsz8fta4navcbvpvpn16ra0pfej8qkv2h54077kd5cyzc2fcde4sdj3n1crmn68m7wsj2fbn3mcgfj644259f0b1b2tmc9r79s6k00wy8k7kd769dze22vyyv55r1dr00f7var11tc677sv96mdvme0p7ese894vk696m7etfr64ya8b8w0v8vfgdfhad29m6mw6bscc61pvrrhaj1zq6hhpwzczfy2tztndhr3p8ebrymbppxer8dhg50xe85bhe7fp7dkv3v4654ppq8s7a0kjjywe9e7m0w4dbkgkqxsf4dc3c7e229hcvdezy1j0bwksggmk37ebzfrqcv4yw20vc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtacfcewRYvavFJGtrASy078okOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QczSlLdcBlsF-mkzUz9sJadjP1bbZMu-SJiErm0Ekgcgx7gaf_JiipaxC40u6fGOCL7osbGiUwxFGo-mcNGQ0u3Xaj4a7NKeEB9vY7GAF9v20gaOQa1uzod7i4UUB-1SUJEGMqLyEklKC_NYToma5WnT9C--MsaTMvAFr0TsazeJDxEzpz6hED3hj-pwKaEQN6qJx0eJVI0TWPligNQipOvff4z9c62asDrYDe5MDEF8qMpE7m8zj6Ykl3NT0osUtZoeWE2U20SkLYfsNzcm--EkqGrqOu6Jx23g8ZFn3qoWmm9T99EihGo99LBZ8zPDP038kIe8BfTEhTw2uerl04Tj0QtuqfV7NMUuuwOHD_iuuxsS_aozvQ7AlWozgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0KhLFFwm7eYzkBLWJ74jgP9N0K9w%26client%3Dca-pub-2697679518515886%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:30 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
917903
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 09 Feb 2022 16:25:07 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6e05fd6c18a183af-MXP
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame D27A 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gm74aafdtkg3gh22a7ff0ra6fm4qvhh9t9yfehx8b9p6d8z2hd94grj8m6nk90syfjb8k1gjawzz348x6gzmxqahrp1jaysnts8cng4rzsz8fta4navcbvpvpn16ra0pfej8qkv2h54077kd5cyzc2fcde4sdj3n1crmn68m7wsj2fbn3mcgfj644259f0b1b2tmc9r79s6k00wy8k7kd769dze22vyyv55r1dr00f7var11tc677sv96mdvme0p7ese894vk696m7etfr64ya8b8w0v8vfgdfhad29m6mw6bscc61pvrrhaj1zq6hhpwzczfy2tztndhr3p8ebrymbppxer8dhg50xe85bhe7fp7dkv3v4654ppq8s7a0kjjywe9e7m0w4dbkgkqxsf4dc3c7e229hcvdezy1j0bwksggmk37ebzfrqcv4yw20vc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtacfcewRYvavFJGtrASy078okOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QczSlLdcBlsF-mkzUz9sJadjP1bbZMu-SJiErm0Ekgcgx7gaf_JiipaxC40u6fGOCL7osbGiUwxFGo-mcNGQ0u3Xaj4a7NKeEB9vY7GAF9v20gaOQa1uzod7i4UUB-1SUJEGMqLyEklKC_NYToma5WnT9C--MsaTMvAFr0TsazeJDxEzpz6hED3hj-pwKaEQN6qJx0eJVI0TWPligNQipOvff4z9c62asDrYDe5MDEF8qMpE7m8zj6Ykl3NT0osUtZoeWE2U20SkLYfsNzcm--EkqGrqOu6Jx23g8ZFn3qoWmm9T99EihGo99LBZ8zPDP038kIe8BfTEhTw2uerl04Tj0QtuqfV7NMUuuwOHD_iuuxsS_aozvQ7AlWozgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0KhLFFwm7eYzkBLWJ74jgP9N0K9w%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=tEZe3A==, md5=Jdq10Kok9oEWJwphx1gWLw==
date
Sun, 20 Feb 2022 07:23:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
73325
x-guploader-uploadid
ADPycdsoLgx8n7jiyPdzdqiZQ5pie9d6qWkEeBXSxQHaDB9ri_PQZAsJo6gOrp8p0Ozux54M8eJ7NVBSc4Ny9jpqepI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 26 Jan 2022 11:00:45 GMT
server
cloudflare
etag
W/"25dab5d0aa24f68116270a61c758162f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VsdhdbXnWjMkqltT%2Fh0X44ZEml19tEiHR0tXn%2FXE9YVnh%2BwabRhJ88OhzxvKfQU9ZVCHNmlrjo%2Fz4ktU2V2U2c2Ac5vCCabZbYLyuu6XxAaR1t9l5kOTIC1u5pVpYem%2Bkx3mg9s%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1643194845770575
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11870
cf-ray
6e05fd6a4d1483af-MXP
expires
Sat, 19 Feb 2022 11:01:25 GMT
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame A685 		81 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ke16xgvvqf80jxazjhvydvva1sa6xzmggxyn4qmfhbyq7q024pjrcpcpsh4wpqy8m917fkyvesp8mvcxjpdn6z8nap49eza5yxwh58v9fgmrzyxcfz1qppmm9hjnqyh6j6j5q6sqa2wr828g7n95ndr4vb3fajmqraet4j3z4w845tqzpqkzzdexses0efzz14aww0efb28tz8mjyh1js4v3hgna4xbfzn0nn5sk7c6zntjfp3c49s7j12wy6x4dkt9yeyttyvbbbd29r5q8dp6qzwfw5ry2acm322fcz2nnzxj9szrbtkbntmvb59m3tzr1pcf7dneyjwd01d0bbqm3xat3vks31m8nkpd3m2xa3v4bdw27z4jzbfyxqbcaqtbfkgkae7c1z02yqjh87y46jnb5ewcpz57a1e5f0w1czxr09b9zh07z4rj65he8d3g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0UWocewRYv28FKKhrAS1mIDYDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQKdKQweaf6yPuACAKgDAaoEowJP0LTAGp1eMAjeA7AxWk6Ldftu1E0u9r29_BTiBeCDaZbYErho4rF5pVW3kfCmZu7CI5UzL7nmaNrNAAjs7GOxHNez1DXpOJApSezLkQqukjm9iuFrdj2bQNMxYIozCN9N0E5qCbvxwidDuUykfNFDNiQvH6lok3SDxUr1UFheR56cXf2MDg8Y7Vql3AF3BphWFdsaX7MQinNQwBSB39pvrXLl8WNRqj2JoP89C-dD3zMiqJPIPT7MFwe9kuW7AxLK6mMv36zi77ZfBLulg8v5XbGycFMbm8askJCoodH9bG12ZXaB8sAUeXU954OV6hHxVB0EENqi4S3k6JX3ZmvUNfylHn09r23Vooprw44wLBoLOalImA-Uyu_3RfhowDPgSWHgBAGABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2srrs_Ri6zCxnrr-Jf6E0tw1sukw%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1ke16xgvvqf80jxazjhvydvva1sa6xzmggxyn4qmfhbyq7q024pjrcpcpsh4wpqy8m917fkyvesp8mvcxjpdn6z8nap49eza5yxwh58v9fgmrzyxcfz1qppmm9hjnqyh6j6j5q6sqa2wr828g7n95ndr4vb3fajmqraet4j3z4w845tqzpqkzzdexses0efzz14aww0efb28tz8mjyh1js4v3hgna4xbfzn0nn5sk7c6zntjfp3c49s7j12wy6x4dkt9yeyttyvbbbd29r5q8dp6qzwfw5ry2acm322fcz2nnzxj9szrbtkbntmvb59m3tzr1pcf7dneyjwd01d0bbqm3xat3vks31m8nkpd3m2xa3v4bdw27z4jzbfyxqbcaqtbfkgkae7c1z02yqjh87y46jnb5ewcpz57a1e5f0w1czxr09b9zh07z4rj65he8d3g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0UWocewRYv28FKKhrAS1mIDYDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQKdKQweaf6yPuACAKgDAaoEowJP0LTAGp1eMAjeA7AxWk6Ldftu1E0u9r29_BTiBeCDaZbYErho4rF5pVW3kfCmZu7CI5UzL7nmaNrNAAjs7GOxHNez1DXpOJApSezLkQqukjm9iuFrdj2bQNMxYIozCN9N0E5qCbvxwidDuUykfNFDNiQvH6lok3SDxUr1UFheR56cXf2MDg8Y7Vql3AF3BphWFdsaX7MQinNQwBSB39pvrXLl8WNRqj2JoP89C-dD3zMiqJPIPT7MFwe9kuW7AxLK6mMv36zi77ZfBLulg8v5XbGycFMbm8askJCoodH9bG12ZXaB8sAUeXU954OV6hHxVB0EENqi4S3k6JX3ZmvUNfylHn09r23Vooprw44wLBoLOalImA-Uyu_3RfhowDPgSWHgBAGABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2srrs_Ri6zCxnrr-Jf6E0tw1sukw%26client%3Dca-pub-2697679518515886%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:30 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
917903
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 09 Feb 2022 16:25:07 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6e05fd6c18a883af-MXP
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame A685 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ke16xgvvqf80jxazjhvydvva1sa6xzmggxyn4qmfhbyq7q024pjrcpcpsh4wpqy8m917fkyvesp8mvcxjpdn6z8nap49eza5yxwh58v9fgmrzyxcfz1qppmm9hjnqyh6j6j5q6sqa2wr828g7n95ndr4vb3fajmqraet4j3z4w845tqzpqkzzdexses0efzz14aww0efb28tz8mjyh1js4v3hgna4xbfzn0nn5sk7c6zntjfp3c49s7j12wy6x4dkt9yeyttyvbbbd29r5q8dp6qzwfw5ry2acm322fcz2nnzxj9szrbtkbntmvb59m3tzr1pcf7dneyjwd01d0bbqm3xat3vks31m8nkpd3m2xa3v4bdw27z4jzbfyxqbcaqtbfkgkae7c1z02yqjh87y46jnb5ewcpz57a1e5f0w1czxr09b9zh07z4rj65he8d3g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0UWocewRYv28FKKhrAS1mIDYDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQKdKQweaf6yPuACAKgDAaoEowJP0LTAGp1eMAjeA7AxWk6Ldftu1E0u9r29_BTiBeCDaZbYErho4rF5pVW3kfCmZu7CI5UzL7nmaNrNAAjs7GOxHNez1DXpOJApSezLkQqukjm9iuFrdj2bQNMxYIozCN9N0E5qCbvxwidDuUykfNFDNiQvH6lok3SDxUr1UFheR56cXf2MDg8Y7Vql3AF3BphWFdsaX7MQinNQwBSB39pvrXLl8WNRqj2JoP89C-dD3zMiqJPIPT7MFwe9kuW7AxLK6mMv36zi77ZfBLulg8v5XbGycFMbm8askJCoodH9bG12ZXaB8sAUeXU954OV6hHxVB0EENqi4S3k6JX3ZmvUNfylHn09r23Vooprw44wLBoLOalImA-Uyu_3RfhowDPgSWHgBAGABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2srrs_Ri6zCxnrr-Jf6E0tw1sukw%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=tEZe3A==, md5=Jdq10Kok9oEWJwphx1gWLw==
date
Sun, 20 Feb 2022 07:23:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
73325
x-guploader-uploadid
ADPycdsoLgx8n7jiyPdzdqiZQ5pie9d6qWkEeBXSxQHaDB9ri_PQZAsJo6gOrp8p0Ozux54M8eJ7NVBSc4Ny9jpqepI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 26 Jan 2022 11:00:45 GMT
server
cloudflare
etag
W/"25dab5d0aa24f68116270a61c758162f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YuZg9jGpOpBivf%2FqQ4pVPgqgugWjLtqANucfXib1GUMxwm8WoBs6mldqL9kxQjplU%2FsYN5QQMNZ%2Fx7gzyJx2mhk%2BGE4i862DnTfKO2OjBVckYNbpYYgaWXQqhhOQeJN%2F6G0hLjY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1643194845770575
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11870
cf-ray
6e05fd6a4d1783af-MXP
expires
Sat, 19 Feb 2022 11:01:25 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame D27A 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Sun, 20 Feb 2022 07:23:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6844124
x-guploader-uploadid
ADPycds9UegxUXswK4RzZzF6mXDfQy_y0GHXQmo_7EYAAHyEQ16keq-zOTSqb6YP04oikMtdLFTYNybr6iTpruHRyi30S7TEFw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bnxFOBdbt8aOyPRFXLC8%2F7zEeCFrE%2BL2Xv9ClohPLObByUFpPWfPDrV98aymMiDeEStyU53UNobg8Sr0KtXqIhwfRt3%2FQAxztVv%2Be9ybJiad3zoC1HeQmsUXdMsMWU3G24yU33vIrti8MX3EKqYyiw2Q"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6e05fd6cc98983b4-MXP
expires
Sat, 03 Dec 2022 02:14:46 GMT
frame.html
ad4m.at/ Frame E959 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 20 Feb 2022 07:23:30 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UzDP-_Q5h8v98b5VW6vAABBv-7Sd2Tb_7s7QJ26FBPINE08euLO0mAlQxDbiIDYlctrdb28pMZ34cWhMuFUd0w
expires
Sun, 20 Feb 2022 08:23:30 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2099783
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2BIheIIQyPUhQMcFWEaZnqBcSbEfz1rpmQgrsRcyCno52NqFUph%2F4XE%2Fhftb66VGepLSu7%2Bl%2BwgwNFQpOxMbS2GtNXhNOGc%2FV2OSluNs9%2FGp0%2BoVn5OrWgypUdj6hdaytwXeC1o%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6e05fd6c69dc0f82-MXP
content-encoding
br
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame A685 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Sun, 20 Feb 2022 07:23:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6844124
x-guploader-uploadid
ADPycds9UegxUXswK4RzZzF6mXDfQy_y0GHXQmo_7EYAAHyEQ16keq-zOTSqb6YP04oikMtdLFTYNybr6iTpruHRyi30S7TEFw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yNKTQl84HD0hNxCjRLOkmaODT9OMhvvzHWYiDaA%2BsxD49pJKAJaCakZwDE34K3muGWE0zE7dVrnVplhnAnjv3EDcPlSjcCrw2t1%2F4lyD%2BCBcap9k6xySgGV7nDWFhXNEle5xrhL%2B1dlFQF2zHYM3VeDD"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6e05fd6cc98d83b4-MXP
expires
Sat, 03 Dec 2022 02:14:46 GMT
frame.html
ad4m.at/ Frame 1DEE 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 20 Feb 2022 07:23:30 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UzDP-_Q5h8v98b5VW6vAABBv-7Sd2Tb_7s7QJ26FBPINE08euLO0mAlQxDbiIDYlctrdb28pMZ34cWhMuFUd0w
expires
Sun, 20 Feb 2022 08:23:30 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2099783
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7AI2Z1q7oOjY0PJQq%2Bn22BRpoK0GtbeiqsAvtVBmjDAm%2BjmTjrDPqfiWP84XPaGA6Qcm9vxaLVsCZdDK0hlytNRM3HpuRiOu4VPaoqnZDyej%2BdbcM%2Bc82%2Bs2TscPU%2BrQ25GbFk%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6e05fd6c79e40f82-MXP
content-encoding
br
rs
ad4m.at/ Frame D27A 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b5e82149bb569e42174a01a04ac361bb5e06447b68779ce179208314c5c38a6

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6e05fd6d5e3c3745-MXP
date
Sun, 20 Feb 2022 07:23:30 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0%2FZ6ijfB8B9zUXHYDXzdQayTyTJF9VaQqDPTiQSCmU7%2BbnEb7FjYsZWG6pwG9TYegO%2FaszXakt72lm5jS65cW5eRyyZqwwSoYWBMFddAUKPUJW8Fd%2F5fY%2BrA4JGDzgslLJrfMw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-b0tt
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 20 Feb 2022 07:23:30 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-b0tt
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JhU6VUw0LuNnRMLK5juYxQz4fY8claquRFeHhyPy7sSUeCYlsLA7K06hCQ%2FNcRbowt3F%2BERMh0kDeOurNKdJX4PIZTN1spgTvqASjqnlRp%2FkYKRuhxMfmyw%2FCMmFvS82S%2FsxjnE%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6e05fd6cedae3745-MXP
rs
ad4m.at/ Frame A685 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19ec0616130bb6f2bd2afc3c24ff4d96e6b1f5caa326476cda1c7a358fef5255

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6e05fd6d5e393745-MXP
date
Sun, 20 Feb 2022 07:23:30 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1dUx7pyuokvkO4ydTANFc4WdtWt%2BH%2Bc0IoMp9McY2ez87p5atPC1PaEH%2BsRGDZAldyk6d%2Fs%2FOfyud%2BflHZ0ny9BdIvDQnVF2EE1xVWDjxS%2FZraHYClprHhD8r8Tk2MSPn6Sb9lo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-b0tt
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 20 Feb 2022 07:23:30 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-b0tt
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvcYoa97t35nQ8IVPf4uiO3GhqGrSHu1mKF2NzEysgtSw2KGnoYfZW4TAwBSgSGLHPHA5qVRrwWCXzhzCyvkXn0LBSat0OwPQJP5nYm9OTNm5XlFC%2Bkpi2YQ88ErYXl4DbNC%2BUs%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6e05fd6cedb23745-MXP
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		3 KB
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3369027831208136&correlator=2641807017154784&eid=31064151%2C31065013%2C31063223%2C31064869&output=ldjh&gdfp_req=1&vrg=2022021401&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220220&iu_parts=5136785%2CSA_Native_HomePage%2CSA_Native4-frame_HomePage%2CSA_Native4_HomePage-1%2CSA_Native4_HomePage-2%2CSA_Native4_HomePage-3%2CSA_Native4_HomePage-4%2CSA-FootballFever_300x300-1%2CSA-FootballFever_300x300-2%2CSA-FootballFever_300x300-3%2CSA-FootballFever_300x300-4%2CSA_INT_HomePage&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11&prev_iu_szs=1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&ists=2047&eri=1&cust_params=ip%3D0%26he%3D0&cookie=ID%3D5ce8b7f408438eaa%3AT%3D1645341809%3AS%3DALNI_MYPTfGaIPvuRDooZfs1nJVx84JKUQ&bc=31&abxe=1&dt=1645341810746&lmt=1645341810&dlt=1645341806985&idt=1693&frm=20&biw=1600&bih=1200&oid=2&adxs=140%2C140%2C140%2C393%2C646%2C899%2C-9%2C-9%2C-9%2C-9%2C-9&adys=2706%2C2706%2C2706%2C2706%2C2706%2C2706%2C-9%2C-9%2C-9%2C-9%2C-9&adks=209233742%2C1265839655%2C3828629500%2C2441712459%2C352046981%2C1925805504%2C1601519305%2C122768717%2C2150871482%2C243705689%2C75063581&ucis=4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.staradvertiser.com%2F&vis=1&scr_x=0&scr_y=0&psz=1012x4272%7C1012x4272%7C1011x1%7C1011x1%7C1011x1%7C1011x1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=981x0%7C981x0%7C252x1%7C252x1%7C252x1%7C252x1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=565048288.1645341808&ga_sid=1645341809&ga_hid=907291583&ga_fc=true&fws=0%2C0%2C0%2C0%2C0%2C0%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=4%7C5%7C6%7C7%7C8%7C9%7C-1%7C-1%7C-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
9a6fe74929c6b69a0a726b0387c4cec468b55e59a1bb4ac8e1a8e897e0e8bd2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
240
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		626 KB
61 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3369027831208136&correlator=2894218794219576&eid=31064151%2C31065013%2C31063223%2C31064869&output=ldjh&gdfp_req=1&vrg=2022021401&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220220&iu_parts=5136785%2CSA_Tile1_HomePage%2CSA_Tile2_HomePage%2CSA_x15_HomePage%2CSA_Top_HomePage%2CSA_Bottom_HomePage%2CSA_Banner1_HomePage%2CSA_Banner2_HomePage%2CSA_Banner3_HomePage%2CSA_Sponsor-MostRead_HomePage%2CSA_Box1_HomePage%2CSA_Box2_HomePage%2CSA_Box3_HomePage%2CSA_Box-Top_HomePage%2CSA_Box-Top-2_HomePage%2CSA_MenuBox%2CSA_MenuTile%2CSA_Box-events_TGIF%2CSA_Footer_Homepage&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14%2C%2F0%2F15%2C%2F0%2F16%2C%2F0%2F17%2C%2F0%2F18&prev_iu_szs=300x100%2C300x100%2C982x30%2C728x90%7C970x90%7C970x250%2C728x90%2C728x90%2C728x90%2C728x90%2C300x100%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x100%2C300x250%2C1x1&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=ip%3D0%26he%3D0&cookie=ID%3D5ce8b7f408438eaa%3AT%3D1645341809%3AS%3DALNI_MYPTfGaIPvuRDooZfs1nJVx84JKUQ&bc=31&abxe=1&dt=1645341810756&lmt=1645341810&dlt=1645341806985&idt=1693&frm=20&biw=1600&bih=1200&oid=2&adxs=1159%2C140%2C309%2C436%2C436%2C436%2C263%2C263%2C1161%2C1161%2C1161%2C1161%2C1161%2C1161%2C-975%2C-975%2C-9%2C-9&adys=102%2C102%2C59%2C360%2C10349%2C2036%2C7899%2C8713%2C923%2C3931%2C5003%2C8031%2C427%2C1361%2C2378%2C93%2C-9%2C-9&adks=323572193%2C415600777%2C1023568893%2C776454535%2C1314924799%2C627532990%2C4244480135%2C3396773607%2C4116631529%2C1735864866%2C4170063637%2C3518020607%2C713581990%2C2869934086%2C3123340506%2C1463211416%2C3217711606%2C1069172642&ucis=f%7Cg%7Ch%7Ci%7Cj%7Ck%7Cl%7Cm%7Cn%7Co%7Cp%7Cq%7Cr%7Cs%7Ct%7Cu%7Cv%7Cw&ifi=15&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.staradvertiser.com%2F&vis=1&scr_x=0&scr_y=0&psz=337x100%7C337x100%7C1600x10880%7C1350x64%7C1350x72%7C1350x24%7C1011x24%7C1011x24%7C328x14%7C328x14%7C328x14%7C328x14%7C328x14%7C328x14%7C350x-1%7C350x-1%7C0x-1%7C0x-1&msz=300x-1%7C300x-1%7C1600x24%7C1318x24%7C1318x24%7C1320x24%7C971x24%7C971x24%7C300x14%7C300x14%7C300x14%7C300x14%7C300x14%7C300x14%7C300x-1%7C300x-1%7C0x-1%7C0x-1&ga_vid=565048288.1645341808&ga_sid=1645341809&ga_hid=907291583&ga_fc=true&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C516%2C516%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C350%2C350%2C0%2C0&btvi=0%7C0%7C0%7C0%7C10%7C11%7C12%7C13%7C0%7C14%7C15%7C16%7C0%7C17%7C18%7C0%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
b435a521e09261f07e2cfcd18c0a4673edbcfe63284e217caf5341516bb24546
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62648
x-xss-protection
0
google-lineitem-id
-1,-1,-2,5916375512,5343865161,5334153289,5454335492,-2,-1,5900144622,4901051034,94601425,-1,-1,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-2,138381030364,138374810063,138307053035,138324203171,-2,-1,138379256651,138258016293,138226966887,-1,-1,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TV3WXZ5
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a3350e121d2695283aaaa94af7f24cbf7042310cde50f4f51f412b0578c7c08a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38705
x-xss-protection
0
last-modified
Sun, 20 Feb 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 20 Feb 2022 07:23:30 GMT
rar
as.ad4m.at/ad/ Frame CCEC 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=4270ac2e58bc27e735c845527c0fd0d6%2F16158092447222966745&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645341810790&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g3za2m7svrm918csnxtczcqpqx7ef43twzbsbnkyg9xcdgnebe65r3yexn5esybksftr51ajtrqsg4yrc4s25dbdb7q7hx9bbvgs2f8z0191hs95c54pr7m1pbsadp3hqzaymp6jwxyqg53134gy0ekhkke3n13bww3z2dg1t3ce2ktbrja7ya69jcscf1kcdvh2e2yh966rzybxk9g2113r8d693jdzfzmdjdmjsj21cyq070q2bt9a4mtzspp99n0n2jq6p4bypg5f7tmntmp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCtacfcewRYvavFJGtrASy078okOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QczSlLdcBlsF-mkzUz9sJadjP1bbZMu-SJiErm0Ekgcgx7gaf_JiipaxC40u6fGOCL7osbGiUwxFGo-mcNGQ0u3Xaj4a7NKeEB9vY7GAF9v20gaOQa1uzod7i4UUB-1SUJEGMqLyEklKC_NYToma5WnT9C--MsaTMvAFr0TsazeJDxEzpz6hED3hj-pwKaEQN6qJx0eJVI0TWPligNQipOvff4z9c62asDrYDe5MDEF8qMpE7m8zj6Ykl3NT0osUtZoeWE2U20SkLYfsNzcm--EkqGrqOu6Jx23g8ZFn3qoWmm9T99EihGo99LBZ8zPDP038kIe8BfTEhTw2uerl04Tj0QtuqfV7NMUuuwOHD_iuuxsS_aozvQ7AlWozgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0KhLFFwm7eYzkBLWJ74jgP9N0K9w%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1045a244c3cdfa961611fa87438ab7b674f50b8365faffee81653ceedb26510d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gm74aafdtkg3gh22a7ff0ra6fm4qvhh9t9yfehx8b9p6d8z2hd94grj8m6nk90syfjb8k1gjawzz348x6gzmxqahrp1jaysnts8cng4rzsz8fta4navcbvpvpn16ra0pfej8qkv2h54077kd5cyzc2fcde4sdj3n1crmn68m7wsj2fbn3mcgfj644259f0b1b2tmc9r79s6k00wy8k7kd769dze22vyyv55r1dr00f7var11tc677sv96mdvme0p7ese894vk696m7etfr64ya8b8w0v8vfgdfhad29m6mw6bscc61pvrrhaj1zq6hhpwzczfy2tztndhr3p8ebrymbppxer8dhg50xe85bhe7fp7dkv3v4654ppq8s7a0kjjywe9e7m0w4dbkgkqxsf4dc3c7e229hcvdezy1j0bwksggmk37ebzfrqcv4yw20vc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtacfcewRYvavFJGtrASy078okOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QczSlLdcBlsF-mkzUz9sJadjP1bbZMu-SJiErm0Ekgcgx7gaf_JiipaxC40u6fGOCL7osbGiUwxFGo-mcNGQ0u3Xaj4a7NKeEB9vY7GAF9v20gaOQa1uzod7i4UUB-1SUJEGMqLyEklKC_NYToma5WnT9C--MsaTMvAFr0TsazeJDxEzpz6hED3hj-pwKaEQN6qJx0eJVI0TWPligNQipOvff4z9c62asDrYDe5MDEF8qMpE7m8zj6Ykl3NT0osUtZoeWE2U20SkLYfsNzcm--EkqGrqOu6Jx23g8ZFn3qoWmm9T99EihGo99LBZ8zPDP038kIe8BfTEhTw2uerl04Tj0QtuqfV7NMUuuwOHD_iuuxsS_aozvQ7AlWozgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0KhLFFwm7eYzkBLWJ74jgP9N0K9w%26client%3Dca-pub-2697679518515886%26adurl%3D

Response headers

date
Sun, 20 Feb 2022 07:23:30 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e05fd6daba00f82-MXP
content-encoding
br
rar
as.ad4m.at/ad/ Frame 5179 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=177536%2C61651%2C175059&b=jEJhEfGfq9Z1TYHEH2t6t4e3QSZSzTRWc8gx%2Cg6mT8frfkpAGaPHbH8t5tzDPhmSQT7Ecdzq%2C6qxtef3fMQx3ueHmHYtkt9VZ6SYS1TqxTVYP&f=x2xsQfAfEJ8VTPHdHztDCmEX9u7S6TkEhVx6%2CBgMSgfPfMJpAaxH6H3tgC37KsjSeTVQSbqg%2CXJjuzfrfKkdJH6H4Het1Cw8APCQSkTK2tKP4&c=300&d=250&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=f456c846e026287696fc94f0302a7029%2F12485168588469646935&i=69751%2C24905%2C65915&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645341810795&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjj57z5e3sjcfgxjs0nzsnk5z171k8cgydx4pbzq1mc6h0ch6dwr0vnghxrqnp69ay0ve39jhkkf5raqbqd3m1sz1r5mada8fjhv88y0r2faq44ydxt1gpae07daz5fq006x7shj4za6j8jvjas2vqdg0tz16j827sw4nnw4w8pwe5mrdfm3yp036wk40bkhfwc12x77hd1a0e8semv1rwp3wb72vd7rpksdj22gnjfdcw82frpwket21qtcxxpmvf3jsd3v2cxsvjwr1750pek%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC0UWocewRYv28FKKhrAS1mIDYDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQKdKQweaf6yPuACAKgDAaoEowJP0LTAGp1eMAjeA7AxWk6Ldftu1E0u9r29_BTiBeCDaZbYErho4rF5pVW3kfCmZu7CI5UzL7nmaNrNAAjs7GOxHNez1DXpOJApSezLkQqukjm9iuFrdj2bQNMxYIozCN9N0E5qCbvxwidDuUykfNFDNiQvH6lok3SDxUr1UFheR56cXf2MDg8Y7Vql3AF3BphWFdsaX7MQinNQwBSB39pvrXLl8WNRqj2JoP89C-dD3zMiqJPIPT7MFwe9kuW7AxLK6mMv36zi77ZfBLulg8v5XbGycFMbm8askJCoodH9bG12ZXaB8sAUeXU954OV6hHxVB0EENqi4S3k6JX3ZmvUNfylHn09r23Vooprw44wLBoLOalImA-Uyu_3RfhowDPgSWHgBAGABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2srrs_Ri6zCxnrr-Jf6E0tw1sukw%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f85777ed4da2474424468e884d480586e1f57eecc7004afa539019b0a9d33fa2
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1ke16xgvvqf80jxazjhvydvva1sa6xzmggxyn4qmfhbyq7q024pjrcpcpsh4wpqy8m917fkyvesp8mvcxjpdn6z8nap49eza5yxwh58v9fgmrzyxcfz1qppmm9hjnqyh6j6j5q6sqa2wr828g7n95ndr4vb3fajmqraet4j3z4w845tqzpqkzzdexses0efzz14aww0efb28tz8mjyh1js4v3hgna4xbfzn0nn5sk7c6zntjfp3c49s7j12wy6x4dkt9yeyttyvbbbd29r5q8dp6qzwfw5ry2acm322fcz2nnzxj9szrbtkbntmvb59m3tzr1pcf7dneyjwd01d0bbqm3xat3vks31m8nkpd3m2xa3v4bdw27z4jzbfyxqbcaqtbfkgkae7c1z02yqjh87y46jnb5ewcpz57a1e5f0w1czxr09b9zh07z4rj65he8d3g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0UWocewRYv28FKKhrAS1mIDYDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQKdKQweaf6yPuACAKgDAaoEowJP0LTAGp1eMAjeA7AxWk6Ldftu1E0u9r29_BTiBeCDaZbYErho4rF5pVW3kfCmZu7CI5UzL7nmaNrNAAjs7GOxHNez1DXpOJApSezLkQqukjm9iuFrdj2bQNMxYIozCN9N0E5qCbvxwidDuUykfNFDNiQvH6lok3SDxUr1UFheR56cXf2MDg8Y7Vql3AF3BphWFdsaX7MQinNQwBSB39pvrXLl8WNRqj2JoP89C-dD3zMiqJPIPT7MFwe9kuW7AxLK6mMv36zi77ZfBLulg8v5XbGycFMbm8askJCoodH9bG12ZXaB8sAUeXU954OV6hHxVB0EENqi4S3k6JX3ZmvUNfylHn09r23Vooprw44wLBoLOalImA-Uyu_3RfhowDPgSWHgBAGABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2srrs_Ri6zCxnrr-Jf6E0tw1sukw%26client%3Dca-pub-2697679518515886%26adurl%3D

Response headers

date
Sun, 20 Feb 2022 07:23:30 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e05fd6daba90f82-MXP
content-encoding
br
diberp-tcx-v4.29.0-v2.js
americanhometownmedia.com/static/ 		337 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://americanhometownmedia.com/static/diberp-tcx-v4.29.0-v2.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV3WXZ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.58.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
62.58.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d43f8c46a66a4d7ee79dd714bb6464d91ec7634f547f2aa485e353839a146d19

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 04:30:19 GMT
content-encoding
gzip
age
874391
x-guploader-uploadid
ADPycdshl7RAIuzzncdd7MxXd9PFf3ejmhB0Wq0YPK3KNhsdueJWJzz5hVsA8hV74KEPQGu0myG3UocBfzOvt5fEYCOCjLzQRA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
106099
last-modified
Thu, 04 Mar 2021 16:18:32 GMT
server
UploadServer
etag
"02c7b9ff3fbd84a1b8d93e95e255b626"
vary
Accept-Encoding, Origin
x-goog-hash
crc32c=2R6v6g==, md5=Ase5/z+9hKG42T6V4lW2Jg==
x-goog-generation
1614874712638160
cache-control
public, max-age=31536000
x-goog-stored-content-length
106099
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 10 Feb 2023 04:30:19 GMT
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame CCEC 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=4270ac2e58bc27e735c845527c0fd0d6%2F16158092447222966745&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645341810790&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g3za2m7svrm918csnxtczcqpqx7ef43twzbsbnkyg9xcdgnebe65r3yexn5esybksftr51ajtrqsg4yrc4s25dbdb7q7hx9bbvgs2f8z0191hs95c54pr7m1pbsadp3hqzaymp6jwxyqg53134gy0ekhkke3n13bww3z2dg1t3ce2ktbrja7ya69jcscf1kcdvh2e2yh966rzybxk9g2113r8d693jdzfzmdjdmjsj21cyq070q2bt9a4mtzspp99n0n2jq6p4bypg5f7tmntmp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCtacfcewRYvavFJGtrASy078okOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QczSlLdcBlsF-mkzUz9sJadjP1bbZMu-SJiErm0Ekgcgx7gaf_JiipaxC40u6fGOCL7osbGiUwxFGo-mcNGQ0u3Xaj4a7NKeEB9vY7GAF9v20gaOQa1uzod7i4UUB-1SUJEGMqLyEklKC_NYToma5WnT9C--MsaTMvAFr0TsazeJDxEzpz6hED3hj-pwKaEQN6qJx0eJVI0TWPligNQipOvff4z9c62asDrYDe5MDEF8qMpE7m8zj6Ykl3NT0osUtZoeWE2U20SkLYfsNzcm--EkqGrqOu6Jx23g8ZFn3qoWmm9T99EihGo99LBZ8zPDP038kIe8BfTEhTw2uerl04Tj0QtuqfV7NMUuuwOHD_iuuxsS_aozvQ7AlWozgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0KhLFFwm7eYzkBLWJ74jgP9N0K9w%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=4270ac2e58bc27e735c845527c0fd0d6%2F16158092447222966745&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645341810790&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g3za2m7svrm918csnxtczcqpqx7ef43twzbsbnkyg9xcdgnebe65r3yexn5esybksftr51ajtrqsg4yrc4s25dbdb7q7hx9bbvgs2f8z0191hs95c54pr7m1pbsadp3hqzaymp6jwxyqg53134gy0ekhkke3n13bww3z2dg1t3ce2ktbrja7ya69jcscf1kcdvh2e2yh966rzybxk9g2113r8d693jdzfzmdjdmjsj21cyq070q2bt9a4mtzspp99n0n2jq6p4bypg5f7tmntmp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCtacfcewRYvavFJGtrASy078okOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QczSlLdcBlsF-mkzUz9sJadjP1bbZMu-SJiErm0Ekgcgx7gaf_JiipaxC40u6fGOCL7osbGiUwxFGo-mcNGQ0u3Xaj4a7NKeEB9vY7GAF9v20gaOQa1uzod7i4UUB-1SUJEGMqLyEklKC_NYToma5WnT9C--MsaTMvAFr0TsazeJDxEzpz6hED3hj-pwKaEQN6qJx0eJVI0TWPligNQipOvff4z9c62asDrYDe5MDEF8qMpE7m8zj6Ykl3NT0osUtZoeWE2U20SkLYfsNzcm--EkqGrqOu6Jx23g8ZFn3qoWmm9T99EihGo99LBZ8zPDP038kIe8BfTEhTw2uerl04Tj0QtuqfV7NMUuuwOHD_iuuxsS_aozvQ7AlWozgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0KhLFFwm7eYzkBLWJ74jgP9N0K9w%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:30 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
917903
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 09 Feb 2022 16:25:07 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6e05fd6e1c360f82-MXP
cf-bgj
minify
A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
assets.ad4m.at/logo/ Frame CCEC 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=4270ac2e58bc27e735c845527c0fd0d6%2F16158092447222966745&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645341810790&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g3za2m7svrm918csnxtczcqpqx7ef43twzbsbnkyg9xcdgnebe65r3yexn5esybksftr51ajtrqsg4yrc4s25dbdb7q7hx9bbvgs2f8z0191hs95c54pr7m1pbsadp3hqzaymp6jwxyqg53134gy0ekhkke3n13bww3z2dg1t3ce2ktbrja7ya69jcscf1kcdvh2e2yh966rzybxk9g2113r8d693jdzfzmdjdmjsj21cyq070q2bt9a4mtzspp99n0n2jq6p4bypg5f7tmntmp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCtacfcewRYvavFJGtrASy078okOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QczSlLdcBlsF-mkzUz9sJadjP1bbZMu-SJiErm0Ekgcgx7gaf_JiipaxC40u6fGOCL7osbGiUwxFGo-mcNGQ0u3Xaj4a7NKeEB9vY7GAF9v20gaOQa1uzod7i4UUB-1SUJEGMqLyEklKC_NYToma5WnT9C--MsaTMvAFr0TsazeJDxEzpz6hED3hj-pwKaEQN6qJx0eJVI0TWPligNQipOvff4z9c62asDrYDe5MDEF8qMpE7m8zj6Ykl3NT0osUtZoeWE2U20SkLYfsNzcm--EkqGrqOu6Jx23g8ZFn3qoWmm9T99EihGo99LBZ8zPDP038kIe8BfTEhTw2uerl04Tj0QtuqfV7NMUuuwOHD_iuuxsS_aozvQ7AlWozgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0KhLFFwm7eYzkBLWJ74jgP9N0K9w%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5661858a1ac96084163595f8a5da3f9c0208037dbe609d6a8bbe48ada46c3b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=i1Ff/Q==, md5=AYpfNzYzK/oFCZjsj3K+tA==
date
Sun, 20 Feb 2022 07:23:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
214150
cf-polished
origFmt=png, origSize=26777
x-guploader-uploadid
ADPycdvicZuSkldcQ8HzL4wlxpENxbT8pmv4cLJH8de3bjVNxtEaaoZqkvYTxCbYY3P85O-ni3ZcyqXxwH6lIxUs31Y
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15238
last-modified
Tue, 07 Jul 2020 09:20:40 GMT
server
cloudflare
etag
"018a5f3736332bfa050998ec8f72beb4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FITvCeMPZNskbUDOw6Comkh3NCpzj7vvvRdWKMIGMHoENhfuv%2BWA%2FvUG1JjSs754sY5Zvs4d9ZfBaY34fgr5UqjJ5ArZk%2FzcFK2qObnQedLiA5YduX2g01siOp5hYGFkazkRfHfuvdvDs%2FyM"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1594113640078278
content-type
image/webp
expires
Mon, 21 Feb 2022 07:23:30 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
26777
accept-ranges
bytes
cf-ray
6e05fd6e5d0883af-MXP
cf-bgj
imgq:85,h2pri
CD344C7198208A9A5F740F476AC3F2335508D7627FCE5B0F39A1436D67E60AB1E86775C9CFAD06EEACFED0D65DCA993D91C20CCA09713249CF6834EEECD25F41
assets.ad4m.at/product_image/ Frame CCEC 		382 KB
383 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/CD344C7198208A9A5F740F476AC3F2335508D7627FCE5B0F39A1436D67E60AB1E86775C9CFAD06EEACFED0D65DCA993D91C20CCA09713249CF6834EEECD25F41
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=4270ac2e58bc27e735c845527c0fd0d6%2F16158092447222966745&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645341810790&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g3za2m7svrm918csnxtczcqpqx7ef43twzbsbnkyg9xcdgnebe65r3yexn5esybksftr51ajtrqsg4yrc4s25dbdb7q7hx9bbvgs2f8z0191hs95c54pr7m1pbsadp3hqzaymp6jwxyqg53134gy0ekhkke3n13bww3z2dg1t3ce2ktbrja7ya69jcscf1kcdvh2e2yh966rzybxk9g2113r8d693jdzfzmdjdmjsj21cyq070q2bt9a4mtzspp99n0n2jq6p4bypg5f7tmntmp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCtacfcewRYvavFJGtrASy078okOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QczSlLdcBlsF-mkzUz9sJadjP1bbZMu-SJiErm0Ekgcgx7gaf_JiipaxC40u6fGOCL7osbGiUwxFGo-mcNGQ0u3Xaj4a7NKeEB9vY7GAF9v20gaOQa1uzod7i4UUB-1SUJEGMqLyEklKC_NYToma5WnT9C--MsaTMvAFr0TsazeJDxEzpz6hED3hj-pwKaEQN6qJx0eJVI0TWPligNQipOvff4z9c62asDrYDe5MDEF8qMpE7m8zj6Ykl3NT0osUtZoeWE2U20SkLYfsNzcm--EkqGrqOu6Jx23g8ZFn3qoWmm9T99EihGo99LBZ8zPDP038kIe8BfTEhTw2uerl04Tj0QtuqfV7NMUuuwOHD_iuuxsS_aozvQ7AlWozgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0KhLFFwm7eYzkBLWJ74jgP9N0K9w%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25cbb0598f62d55b16729065a0955ce9efcdfb096c7f11fec31e731dcfa11e8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=d5mymQ==, md5=bWiWSMa0+LV8pKw7Fyjaew==
date
Sun, 20 Feb 2022 07:23:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
272877
cf-polished
origFmt=png, origSize=588465
x-guploader-uploadid
ADPycds-DjR0Rf3duFKaJZfczqiLXsSAMTDNnwBqimx8xyijpCYySzhVw3K2FcOZSf03s1AKKQ-4688YVO27-cLtsDg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
391402
last-modified
Fri, 22 Oct 2021 09:31:50 GMT
server
cloudflare
etag
"6d689648c6b4f8b57ca4ac3b1728da7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hj%2FgrFoM7tutEvKlQ9O%2BOGS4Sf0msvquJRcI5d2dI6AggJr9RkAJX3Cf9wasojbkjzUHlyS0SAV8irZUv83A7tS7nd%2BdTGFXG9krIzohLFW1HJuxK%2FVRnOQNcrn8Rxz5afuC9oMhEL5a1KJ6"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634895110632642
content-type
image/webp
expires
Mon, 21 Feb 2022 07:23:30 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
588465
accept-ranges
bytes
cf-ray
6e05fd6e5d0783af-MXP
cf-bgj
imgq:85,h2pri
view.aspx
pb.media01.eu/ Frame CCEC
Redirect Chain
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach09_PRIVATK...
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Ne...
0
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=981741&produktid=&dt_url=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=4270ac2e58bc27e735c845527c0fd0d6%2F16158092447222966745&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645341810790&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g3za2m7svrm918csnxtczcqpqx7ef43twzbsbnkyg9xcdgnebe65r3yexn5esybksftr51ajtrqsg4yrc4s25dbdb7q7hx9bbvgs2f8z0191hs95c54pr7m1pbsadp3hqzaymp6jwxyqg53134gy0ekhkke3n13bww3z2dg1t3ce2ktbrja7ya69jcscf1kcdvh2e2yh966rzybxk9g2113r8d693jdzfzmdjdmjsj21cyq070q2bt9a4mtzspp99n0n2jq6p4bypg5f7tmntmp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCtacfcewRYvavFJGtrASy078okOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QczSlLdcBlsF-mkzUz9sJadjP1bbZMu-SJiErm0Ekgcgx7gaf_JiipaxC40u6fGOCL7osbGiUwxFGo-mcNGQ0u3Xaj4a7NKeEB9vY7GAF9v20gaOQa1uzod7i4UUB-1SUJEGMqLyEklKC_NYToma5WnT9C--MsaTMvAFr0TsazeJDxEzpz6hED3hj-pwKaEQN6qJx0eJVI0TWPligNQipOvff4z9c62asDrYDe5MDEF8qMpE7m8zj6Ykl3NT0osUtZoeWE2U20SkLYfsNzcm--EkqGrqOu6Jx23g8ZFn3qoWmm9T99EihGo99LBZ8zPDP038kIe8BfTEhTw2uerl04Tj0QtuqfV7NMUuuwOHD_iuuxsS_aozvQ7AlWozgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0KhLFFwm7eYzkBLWJ74jgP9N0K9w%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
H2
Server
88.198.250.30 Baienfurt, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:30 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sun, 20 Feb 2022 08:23:30 GMT
server
Microsoft-IIS/10.0
access-control-allow-methods
GET,POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 20 Feb 2022 07:23:30 GMT
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
D940971D:8320_91EFC182:01BB_6211EC72_6A227:7DE2
X-IPLB-Instance
40028
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=981741&produktid=&dt_url=
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame CCEC 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=4270ac2e58bc27e735c845527c0fd0d6%2F16158092447222966745&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645341810790&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g3za2m7svrm918csnxtczcqpqx7ef43twzbsbnkyg9xcdgnebe65r3yexn5esybksftr51ajtrqsg4yrc4s25dbdb7q7hx9bbvgs2f8z0191hs95c54pr7m1pbsadp3hqzaymp6jwxyqg53134gy0ekhkke3n13bww3z2dg1t3ce2ktbrja7ya69jcscf1kcdvh2e2yh966rzybxk9g2113r8d693jdzfzmdjdmjsj21cyq070q2bt9a4mtzspp99n0n2jq6p4bypg5f7tmntmp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCtacfcewRYvavFJGtrASy078okOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QczSlLdcBlsF-mkzUz9sJadjP1bbZMu-SJiErm0Ekgcgx7gaf_JiipaxC40u6fGOCL7osbGiUwxFGo-mcNGQ0u3Xaj4a7NKeEB9vY7GAF9v20gaOQa1uzod7i4UUB-1SUJEGMqLyEklKC_NYToma5WnT9C--MsaTMvAFr0TsazeJDxEzpz6hED3hj-pwKaEQN6qJx0eJVI0TWPligNQipOvff4z9c62asDrYDe5MDEF8qMpE7m8zj6Ykl3NT0osUtZoeWE2U20SkLYfsNzcm--EkqGrqOu6Jx23g8ZFn3qoWmm9T99EihGo99LBZ8zPDP038kIe8BfTEhTw2uerl04Tj0QtuqfV7NMUuuwOHD_iuuxsS_aozvQ7AlWozgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0KhLFFwm7eYzkBLWJ74jgP9N0K9w%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date
Sun, 20 Feb 2022 07:23:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
217487
cf-polished
origFmt=png, origSize=35453
x-guploader-uploadid
ADPycdsrqjDda94slhEt03i00rEZOT2m4AGVQ0mta5ktGP84O4ZCZVvn23j-H71YoQ0kgAuzuiUIxxmhyTqY2cWV5heG8FmNtw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18872
last-modified
Mon, 18 May 2020 12:30:29 GMT
server
cloudflare
etag
"e18c9634cdd319e69c2765475f29cd13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4SN61jv59nyU6QUQZJV0uX7eeueQxJ6Bdp74HwLyk1xausRy5d0TptLJfEzVzZEQvGbGR3BuqUswlqB557eMxPDDbYDWuzQGoIASrX1M8iCODOcrc0zB6f7dNNAJckh4CMPwyWtg3u5rkFy%2B"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589805029334103
content-type
image/webp
expires
Mon, 21 Feb 2022 07:23:30 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
35453
accept-ranges
bytes
cf-ray
6e05fd6e3cb683af-MXP
cf-bgj
imgq:85,h2pri
285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
assets.ad4m.at/product_image/ Frame CCEC 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=4270ac2e58bc27e735c845527c0fd0d6%2F16158092447222966745&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645341810790&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g3za2m7svrm918csnxtczcqpqx7ef43twzbsbnkyg9xcdgnebe65r3yexn5esybksftr51ajtrqsg4yrc4s25dbdb7q7hx9bbvgs2f8z0191hs95c54pr7m1pbsadp3hqzaymp6jwxyqg53134gy0ekhkke3n13bww3z2dg1t3ce2ktbrja7ya69jcscf1kcdvh2e2yh966rzybxk9g2113r8d693jdzfzmdjdmjsj21cyq070q2bt9a4mtzspp99n0n2jq6p4bypg5f7tmntmp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCtacfcewRYvavFJGtrASy078okOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QczSlLdcBlsF-mkzUz9sJadjP1bbZMu-SJiErm0Ekgcgx7gaf_JiipaxC40u6fGOCL7osbGiUwxFGo-mcNGQ0u3Xaj4a7NKeEB9vY7GAF9v20gaOQa1uzod7i4UUB-1SUJEGMqLyEklKC_NYToma5WnT9C--MsaTMvAFr0TsazeJDxEzpz6hED3hj-pwKaEQN6qJx0eJVI0TWPligNQipOvff4z9c62asDrYDe5MDEF8qMpE7m8zj6Ykl3NT0osUtZoeWE2U20SkLYfsNzcm--EkqGrqOu6Jx23g8ZFn3qoWmm9T99EihGo99LBZ8zPDP038kIe8BfTEhTw2uerl04Tj0QtuqfV7NMUuuwOHD_iuuxsS_aozvQ7AlWozgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0KhLFFwm7eYzkBLWJ74jgP9N0K9w%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=FPfkEg==, md5=cNeMaybSTgOMvyODLhu1OA==
date
Sun, 20 Feb 2022 07:23:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
212103
cf-polished
qual=85, origFmt=jpeg, origSize=83479
x-guploader-uploadid
ADPycdsGUa2kdal_MyCuqhu5nH0vd-qxkUYcIkxeq8xN1m4wx2EpR2kyX5kw7QtHmVPxVCNpjdkHPY8n4PYtmWlNhoDtg5jOUw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9260
last-modified
Mon, 29 Nov 2021 15:03:15 GMT
server
cloudflare
etag
"70d78c6b26d24e038cbf23832e1bb538"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79%2F8MDq6%2FAwD6O1MMrIJ%2BfjWAFMnDVlGUjbxq66vRTyOAAbB7xodCT6mC0wKMNTNxPCh2UWTP9wsC05f6xVe4G8l52dsTIiWcmIeR8Di3GcrBkEtQ0UBpj2WyyfqUYLMq%2FKc4AevlydLNujL"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1638198195167024
content-type
image/webp
expires
Mon, 21 Feb 2022 07:23:30 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
83479
accept-ranges
bytes
cf-ray
6e05fd6e3cb883af-MXP
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame CCEC 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneideYET3fVfxBVcjHZHet1teW3swSQT81s7Ewoneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=4270ac2e58bc27e735c845527c0fd0d6%2F16158092447222966745&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645341810790&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g3za2m7svrm918csnxtczcqpqx7ef43twzbsbnkyg9xcdgnebe65r3yexn5esybksftr51ajtrqsg4yrc4s25dbdb7q7hx9bbvgs2f8z0191hs95c54pr7m1pbsadp3hqzaymp6jwxyqg53134gy0ekhkke3n13bww3z2dg1t3ce2ktbrja7ya69jcscf1kcdvh2e2yh966rzybxk9g2113r8d693jdzfzmdjdmjsj21cyq070q2bt9a4mtzspp99n0n2jq6p4bypg5f7tmntmp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCtacfcewRYvavFJGtrASy078okOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QczSlLdcBlsF-mkzUz9sJadjP1bbZMu-SJiErm0Ekgcgx7gaf_JiipaxC40u6fGOCL7osbGiUwxFGo-mcNGQ0u3Xaj4a7NKeEB9vY7GAF9v20gaOQa1uzod7i4UUB-1SUJEGMqLyEklKC_NYToma5WnT9C--MsaTMvAFr0TsazeJDxEzpz6hED3hj-pwKaEQN6qJx0eJVI0TWPligNQipOvff4z9c62asDrYDe5MDEF8qMpE7m8zj6Ykl3NT0osUtZoeWE2U20SkLYfsNzcm--EkqGrqOu6Jx23g8ZFn3qoWmm9T99EihGo99LBZ8zPDP038kIe8BfTEhTw2uerl04Tj0QtuqfV7NMUuuwOHD_iuuxsS_aozvQ7AlWozgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0KhLFFwm7eYzkBLWJ74jgP9N0K9w%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Feb 2022 07:23:30 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame CCEC 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=4270ac2e58bc27e735c845527c0fd0d6%2F16158092447222966745&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645341810790&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g3za2m7svrm918csnxtczcqpqx7ef43twzbsbnkyg9xcdgnebe65r3yexn5esybksftr51ajtrqsg4yrc4s25dbdb7q7hx9bbvgs2f8z0191hs95c54pr7m1pbsadp3hqzaymp6jwxyqg53134gy0ekhkke3n13bww3z2dg1t3ce2ktbrja7ya69jcscf1kcdvh2e2yh966rzybxk9g2113r8d693jdzfzmdjdmjsj21cyq070q2bt9a4mtzspp99n0n2jq6p4bypg5f7tmntmp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCtacfcewRYvavFJGtrASy078okOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QczSlLdcBlsF-mkzUz9sJadjP1bbZMu-SJiErm0Ekgcgx7gaf_JiipaxC40u6fGOCL7osbGiUwxFGo-mcNGQ0u3Xaj4a7NKeEB9vY7GAF9v20gaOQa1uzod7i4UUB-1SUJEGMqLyEklKC_NYToma5WnT9C--MsaTMvAFr0TsazeJDxEzpz6hED3hj-pwKaEQN6qJx0eJVI0TWPligNQipOvff4z9c62asDrYDe5MDEF8qMpE7m8zj6Ykl3NT0osUtZoeWE2U20SkLYfsNzcm--EkqGrqOu6Jx23g8ZFn3qoWmm9T99EihGo99LBZ8zPDP038kIe8BfTEhTw2uerl04Tj0QtuqfV7NMUuuwOHD_iuuxsS_aozvQ7AlWozgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0KhLFFwm7eYzkBLWJ74jgP9N0K9w%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Sun, 20 Feb 2022 07:23:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
215723
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ADPycds2TBM93meg6QVftlfUnLRyKlXVYKUnWn1wUREDF1KCttTWxNfFH6flXo710NtTPGr5We4o7Xt09MWK7tQWeARDjlY48w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BILWn29L0Qspmz0ALzuspq2wVUG4gHpLr%2BsvEh5I4SqIABdwYu9buQaCnEYGqbl0Jfq2smzl401aC7gxPZ4FMHRuiNzFKRSlrR%2BjVq4pYQK%2B5GScGVK2T43zBpouHPPSTB%2B4WMFUDjX%2Bk%2Fb9"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Mon, 21 Feb 2022 07:23:30 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
6e05fd6e3cbc83af-MXP
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame CCEC 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=4270ac2e58bc27e735c845527c0fd0d6%2F16158092447222966745&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645341810790&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g3za2m7svrm918csnxtczcqpqx7ef43twzbsbnkyg9xcdgnebe65r3yexn5esybksftr51ajtrqsg4yrc4s25dbdb7q7hx9bbvgs2f8z0191hs95c54pr7m1pbsadp3hqzaymp6jwxyqg53134gy0ekhkke3n13bww3z2dg1t3ce2ktbrja7ya69jcscf1kcdvh2e2yh966rzybxk9g2113r8d693jdzfzmdjdmjsj21cyq070q2bt9a4mtzspp99n0n2jq6p4bypg5f7tmntmp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCtacfcewRYvavFJGtrASy078okOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QczSlLdcBlsF-mkzUz9sJadjP1bbZMu-SJiErm0Ekgcgx7gaf_JiipaxC40u6fGOCL7osbGiUwxFGo-mcNGQ0u3Xaj4a7NKeEB9vY7GAF9v20gaOQa1uzod7i4UUB-1SUJEGMqLyEklKC_NYToma5WnT9C--MsaTMvAFr0TsazeJDxEzpz6hED3hj-pwKaEQN6qJx0eJVI0TWPligNQipOvff4z9c62asDrYDe5MDEF8qMpE7m8zj6Ykl3NT0osUtZoeWE2U20SkLYfsNzcm--EkqGrqOu6Jx23g8ZFn3qoWmm9T99EihGo99LBZ8zPDP038kIe8BfTEhTw2uerl04Tj0QtuqfV7NMUuuwOHD_iuuxsS_aozvQ7AlWozgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0KhLFFwm7eYzkBLWJ74jgP9N0K9w%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Sun, 20 Feb 2022 07:23:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
52432
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ADPycdsptdp2JHMudyhma4_tRan-1sTXAWuZeU75iOPGSiSi3VWFAgWEo44SxaKV6Y1BqyBrraPCApnQwJCEnDNAE14
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85727
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2FLUMEGhMfcMEUqVxN1T2mw2afwbqQYOMn5abwxdguaxQOlAlGfBYT%2Fr4QgmbKkwBHQ0bzkpTeN8NDC5IWzYpVIzhh8R13kItDnr3Hk7BePpzqE23cU3VLnCEYbhqjSASR9XBnot1cdJthHe"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Mon, 21 Feb 2022 07:23:30 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
6e05fd6e3cba83af-MXP
cf-bgj
imgq:85,h2pri
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 5179 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177536%2C61651%2C175059&b=jEJhEfGfq9Z1TYHEH2t6t4e3QSZSzTRWc8gx%2Cg6mT8frfkpAGaPHbH8t5tzDPhmSQT7Ecdzq%2C6qxtef3fMQx3ueHmHYtkt9VZ6SYS1TqxTVYP&f=x2xsQfAfEJ8VTPHdHztDCmEX9u7S6TkEhVx6%2CBgMSgfPfMJpAaxH6H3tgC37KsjSeTVQSbqg%2CXJjuzfrfKkdJH6H4Het1Cw8APCQSkTK2tKP4&c=300&d=250&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=f456c846e026287696fc94f0302a7029%2F12485168588469646935&i=69751%2C24905%2C65915&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645341810795&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjj57z5e3sjcfgxjs0nzsnk5z171k8cgydx4pbzq1mc6h0ch6dwr0vnghxrqnp69ay0ve39jhkkf5raqbqd3m1sz1r5mada8fjhv88y0r2faq44ydxt1gpae07daz5fq006x7shj4za6j8jvjas2vqdg0tz16j827sw4nnw4w8pwe5mrdfm3yp036wk40bkhfwc12x77hd1a0e8semv1rwp3wb72vd7rpksdj22gnjfdcw82frpwket21qtcxxpmvf3jsd3v2cxsvjwr1750pek%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC0UWocewRYv28FKKhrAS1mIDYDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQKdKQweaf6yPuACAKgDAaoEowJP0LTAGp1eMAjeA7AxWk6Ldftu1E0u9r29_BTiBeCDaZbYErho4rF5pVW3kfCmZu7CI5UzL7nmaNrNAAjs7GOxHNez1DXpOJApSezLkQqukjm9iuFrdj2bQNMxYIozCN9N0E5qCbvxwidDuUykfNFDNiQvH6lok3SDxUr1UFheR56cXf2MDg8Y7Vql3AF3BphWFdsaX7MQinNQwBSB39pvrXLl8WNRqj2JoP89C-dD3zMiqJPIPT7MFwe9kuW7AxLK6mMv36zi77ZfBLulg8v5XbGycFMbm8askJCoodH9bG12ZXaB8sAUeXU954OV6hHxVB0EENqi4S3k6JX3ZmvUNfylHn09r23Vooprw44wLBoLOalImA-Uyu_3RfhowDPgSWHgBAGABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2srrs_Ri6zCxnrr-Jf6E0tw1sukw%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=177536%2C61651%2C175059&b=jEJhEfGfq9Z1TYHEH2t6t4e3QSZSzTRWc8gx%2Cg6mT8frfkpAGaPHbH8t5tzDPhmSQT7Ecdzq%2C6qxtef3fMQx3ueHmHYtkt9VZ6SYS1TqxTVYP&f=x2xsQfAfEJ8VTPHdHztDCmEX9u7S6TkEhVx6%2CBgMSgfPfMJpAaxH6H3tgC37KsjSeTVQSbqg%2CXJjuzfrfKkdJH6H4Het1Cw8APCQSkTK2tKP4&c=300&d=250&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=f456c846e026287696fc94f0302a7029%2F12485168588469646935&i=69751%2C24905%2C65915&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645341810795&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjj57z5e3sjcfgxjs0nzsnk5z171k8cgydx4pbzq1mc6h0ch6dwr0vnghxrqnp69ay0ve39jhkkf5raqbqd3m1sz1r5mada8fjhv88y0r2faq44ydxt1gpae07daz5fq006x7shj4za6j8jvjas2vqdg0tz16j827sw4nnw4w8pwe5mrdfm3yp036wk40bkhfwc12x77hd1a0e8semv1rwp3wb72vd7rpksdj22gnjfdcw82frpwket21qtcxxpmvf3jsd3v2cxsvjwr1750pek%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC0UWocewRYv28FKKhrAS1mIDYDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQKdKQweaf6yPuACAKgDAaoEowJP0LTAGp1eMAjeA7AxWk6Ldftu1E0u9r29_BTiBeCDaZbYErho4rF5pVW3kfCmZu7CI5UzL7nmaNrNAAjs7GOxHNez1DXpOJApSezLkQqukjm9iuFrdj2bQNMxYIozCN9N0E5qCbvxwidDuUykfNFDNiQvH6lok3SDxUr1UFheR56cXf2MDg8Y7Vql3AF3BphWFdsaX7MQinNQwBSB39pvrXLl8WNRqj2JoP89C-dD3zMiqJPIPT7MFwe9kuW7AxLK6mMv36zi77ZfBLulg8v5XbGycFMbm8askJCoodH9bG12ZXaB8sAUeXU954OV6hHxVB0EENqi4S3k6JX3ZmvUNfylHn09r23Vooprw44wLBoLOalImA-Uyu_3RfhowDPgSWHgBAGABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2srrs_Ri6zCxnrr-Jf6E0tw1sukw%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:30 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
917903
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 09 Feb 2022 16:25:07 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6e05fd6e2c590f82-MXP
cf-bgj
minify
44EC71DDE4A1195956D70ECAF3576273E2E54A0619D3455FA69E0E71BA66EBC6FA8F1962DB7C1229B0DC453F772095C06FEEB511334936483A779922C0481DBE
assets.ad4m.at/logo/ Frame 5179 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/44EC71DDE4A1195956D70ECAF3576273E2E54A0619D3455FA69E0E71BA66EBC6FA8F1962DB7C1229B0DC453F772095C06FEEB511334936483A779922C0481DBE
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177536%2C61651%2C175059&b=jEJhEfGfq9Z1TYHEH2t6t4e3QSZSzTRWc8gx%2Cg6mT8frfkpAGaPHbH8t5tzDPhmSQT7Ecdzq%2C6qxtef3fMQx3ueHmHYtkt9VZ6SYS1TqxTVYP&f=x2xsQfAfEJ8VTPHdHztDCmEX9u7S6TkEhVx6%2CBgMSgfPfMJpAaxH6H3tgC37KsjSeTVQSbqg%2CXJjuzfrfKkdJH6H4Het1Cw8APCQSkTK2tKP4&c=300&d=250&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=f456c846e026287696fc94f0302a7029%2F12485168588469646935&i=69751%2C24905%2C65915&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645341810795&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjj57z5e3sjcfgxjs0nzsnk5z171k8cgydx4pbzq1mc6h0ch6dwr0vnghxrqnp69ay0ve39jhkkf5raqbqd3m1sz1r5mada8fjhv88y0r2faq44ydxt1gpae07daz5fq006x7shj4za6j8jvjas2vqdg0tz16j827sw4nnw4w8pwe5mrdfm3yp036wk40bkhfwc12x77hd1a0e8semv1rwp3wb72vd7rpksdj22gnjfdcw82frpwket21qtcxxpmvf3jsd3v2cxsvjwr1750pek%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC0UWocewRYv28FKKhrAS1mIDYDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQKdKQweaf6yPuACAKgDAaoEowJP0LTAGp1eMAjeA7AxWk6Ldftu1E0u9r29_BTiBeCDaZbYErho4rF5pVW3kfCmZu7CI5UzL7nmaNrNAAjs7GOxHNez1DXpOJApSezLkQqukjm9iuFrdj2bQNMxYIozCN9N0E5qCbvxwidDuUykfNFDNiQvH6lok3SDxUr1UFheR56cXf2MDg8Y7Vql3AF3BphWFdsaX7MQinNQwBSB39pvrXLl8WNRqj2JoP89C-dD3zMiqJPIPT7MFwe9kuW7AxLK6mMv36zi77ZfBLulg8v5XbGycFMbm8askJCoodH9bG12ZXaB8sAUeXU954OV6hHxVB0EENqi4S3k6JX3ZmvUNfylHn09r23Vooprw44wLBoLOalImA-Uyu_3RfhowDPgSWHgBAGABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2srrs_Ri6zCxnrr-Jf6E0tw1sukw%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a04b865b86a5315881cdbb6dff10de7e84ce229089e10e01864c33b8253d7105

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=Kprljw==, md5=PLYAwfmkmufMK1isGGQUcA==
date
Sun, 20 Feb 2022 07:23:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
707173
cf-polished
origFmt=png, origSize=35585
x-guploader-uploadid
ADPycdtTRzyYhUjihA7psGSImAO1-kbgJj3X-A8ExnpdS8hXN0d5WB-C0FvGCCDQ75UPXEIFNqdF38M8Czt5cj0UwA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20890
last-modified
Fri, 14 Jan 2022 11:18:20 GMT
server
cloudflare
etag
"3cb600c1f9a49ae7cc2b58ac18641470"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bp3qK5%2Ft9%2BOGBwncgvyY4lcuOSngr7acTP27QkSNJI8noE9AaziEV783X9NGWPnb1URfw1imlTTvp%2FIlJ2qLnS0WUxHez%2FaS1FMJ1u%2BsGDZ2RbGkCqQnDgMaKeldJFsoopgpclc5IhAyaO7T"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1642159100906951
content-type
image/webp
expires
Mon, 21 Feb 2022 07:23:30 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
35585
accept-ranges
bytes
cf-ray
6e05fd6e3cbd83af-MXP
cf-bgj
imgq:85,h2pri
1F1C7F3E3263ED7C5F7B17F73F2ED23D7E69EC55EB7F4B90C9D91170BB71DA3D6117376F379087AF73BB884EFED68FC201948CD5227B207D416354C8AB0EA157
assets.ad4m.at/product_image/ Frame 5179 		255 KB
256 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/1F1C7F3E3263ED7C5F7B17F73F2ED23D7E69EC55EB7F4B90C9D91170BB71DA3D6117376F379087AF73BB884EFED68FC201948CD5227B207D416354C8AB0EA157
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177536%2C61651%2C175059&b=jEJhEfGfq9Z1TYHEH2t6t4e3QSZSzTRWc8gx%2Cg6mT8frfkpAGaPHbH8t5tzDPhmSQT7Ecdzq%2C6qxtef3fMQx3ueHmHYtkt9VZ6SYS1TqxTVYP&f=x2xsQfAfEJ8VTPHdHztDCmEX9u7S6TkEhVx6%2CBgMSgfPfMJpAaxH6H3tgC37KsjSeTVQSbqg%2CXJjuzfrfKkdJH6H4Het1Cw8APCQSkTK2tKP4&c=300&d=250&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=f456c846e026287696fc94f0302a7029%2F12485168588469646935&i=69751%2C24905%2C65915&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645341810795&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjj57z5e3sjcfgxjs0nzsnk5z171k8cgydx4pbzq1mc6h0ch6dwr0vnghxrqnp69ay0ve39jhkkf5raqbqd3m1sz1r5mada8fjhv88y0r2faq44ydxt1gpae07daz5fq006x7shj4za6j8jvjas2vqdg0tz16j827sw4nnw4w8pwe5mrdfm3yp036wk40bkhfwc12x77hd1a0e8semv1rwp3wb72vd7rpksdj22gnjfdcw82frpwket21qtcxxpmvf3jsd3v2cxsvjwr1750pek%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC0UWocewRYv28FKKhrAS1mIDYDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQKdKQweaf6yPuACAKgDAaoEowJP0LTAGp1eMAjeA7AxWk6Ldftu1E0u9r29_BTiBeCDaZbYErho4rF5pVW3kfCmZu7CI5UzL7nmaNrNAAjs7GOxHNez1DXpOJApSezLkQqukjm9iuFrdj2bQNMxYIozCN9N0E5qCbvxwidDuUykfNFDNiQvH6lok3SDxUr1UFheR56cXf2MDg8Y7Vql3AF3BphWFdsaX7MQinNQwBSB39pvrXLl8WNRqj2JoP89C-dD3zMiqJPIPT7MFwe9kuW7AxLK6mMv36zi77ZfBLulg8v5XbGycFMbm8askJCoodH9bG12ZXaB8sAUeXU954OV6hHxVB0EENqi4S3k6JX3ZmvUNfylHn09r23Vooprw44wLBoLOalImA-Uyu_3RfhowDPgSWHgBAGABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2srrs_Ri6zCxnrr-Jf6E0tw1sukw%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b69fe287551669409c2878bd1dd655e36fe7f7e7c8b8acdc784c257ab49e241b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=ZQ1hsw==, md5=O9/y/ScDmy5pk35SVWeISg==
date
Sun, 20 Feb 2022 07:23:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213976
cf-polished
origFmt=png, origSize=404563
x-guploader-uploadid
ADPycdutN2O0-2_PjM6a3yYHMVg3FhIsmYifWkVlSNdpvF2VegVdlqrUvET-cDaMBPSxBJ_4RCwuveG2ABJEyaff91s
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
261534
last-modified
Mon, 17 Jan 2022 14:21:39 GMT
server
cloudflare
etag
"3bdff2fd27039b2e69937e525567884a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qyPmkDYfwgkEJGQw2MSbXO3cfI2j6UTU9%2BpFkUe2MBWpqShRDYJ5uEi8nBpT8Pi4lsD36QHybW9Szq3uX7wvDAZQaclIUMc6YuImpOFEH78YY2TtPJUXO8H7ARNI7XYPBKkciBEx6Fu22slb"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1642429298977553
content-type
image/webp
expires
Mon, 21 Feb 2022 07:23:30 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
404563
accept-ranges
bytes
cf-ray
6e05fd6e3cbf83af-MXP
cf-bgj
imgq:85,h2pri
28955936A185107CE60DF2585A63B3B86CCC4B7A6593F99CF47D770EC5D0A33C82C6A9B67E144703653DB452E4551C62791722409DB6346D6D48A000139D8F04
assets.ad4m.at/logo/ Frame 5179 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/28955936A185107CE60DF2585A63B3B86CCC4B7A6593F99CF47D770EC5D0A33C82C6A9B67E144703653DB452E4551C62791722409DB6346D6D48A000139D8F04
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177536%2C61651%2C175059&b=jEJhEfGfq9Z1TYHEH2t6t4e3QSZSzTRWc8gx%2Cg6mT8frfkpAGaPHbH8t5tzDPhmSQT7Ecdzq%2C6qxtef3fMQx3ueHmHYtkt9VZ6SYS1TqxTVYP&f=x2xsQfAfEJ8VTPHdHztDCmEX9u7S6TkEhVx6%2CBgMSgfPfMJpAaxH6H3tgC37KsjSeTVQSbqg%2CXJjuzfrfKkdJH6H4Het1Cw8APCQSkTK2tKP4&c=300&d=250&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=f456c846e026287696fc94f0302a7029%2F12485168588469646935&i=69751%2C24905%2C65915&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645341810795&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjj57z5e3sjcfgxjs0nzsnk5z171k8cgydx4pbzq1mc6h0ch6dwr0vnghxrqnp69ay0ve39jhkkf5raqbqd3m1sz1r5mada8fjhv88y0r2faq44ydxt1gpae07daz5fq006x7shj4za6j8jvjas2vqdg0tz16j827sw4nnw4w8pwe5mrdfm3yp036wk40bkhfwc12x77hd1a0e8semv1rwp3wb72vd7rpksdj22gnjfdcw82frpwket21qtcxxpmvf3jsd3v2cxsvjwr1750pek%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC0UWocewRYv28FKKhrAS1mIDYDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQKdKQweaf6yPuACAKgDAaoEowJP0LTAGp1eMAjeA7AxWk6Ldftu1E0u9r29_BTiBeCDaZbYErho4rF5pVW3kfCmZu7CI5UzL7nmaNrNAAjs7GOxHNez1DXpOJApSezLkQqukjm9iuFrdj2bQNMxYIozCN9N0E5qCbvxwidDuUykfNFDNiQvH6lok3SDxUr1UFheR56cXf2MDg8Y7Vql3AF3BphWFdsaX7MQinNQwBSB39pvrXLl8WNRqj2JoP89C-dD3zMiqJPIPT7MFwe9kuW7AxLK6mMv36zi77ZfBLulg8v5XbGycFMbm8askJCoodH9bG12ZXaB8sAUeXU954OV6hHxVB0EENqi4S3k6JX3ZmvUNfylHn09r23Vooprw44wLBoLOalImA-Uyu_3RfhowDPgSWHgBAGABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2srrs_Ri6zCxnrr-Jf6E0tw1sukw%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c4855666e3ecdd01da9664d8da573fab1c6eac6fdc34492d8a111754e39b902

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=DuGJng==, md5=RwAuGSlkHvNUgba84nxt2g==
date
Sun, 20 Feb 2022 07:23:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
219151
cf-polished
qual=85, origFmt=jpeg, origSize=27926
x-guploader-uploadid
ADPycdvdig-m7c3gn9ukPWRfs6rImTtEveLA_i08UEYrXetiLrS-4B6Bpm1FmkJKYaS30nQ_hD9pBcLatt15AiF9NRA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9624
last-modified
Fri, 04 Dec 2020 11:16:28 GMT
server
cloudflare
etag
"47002e1929641ef35481b6bce27c6dda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DGBYQF6ECOhyiwPO%2BxKw4PfwFavHpnFN3rrozEuuHINfr%2BMwHcAVOopwwhbF2KZZNffF46YI8PqNa1N55mqjWNh6LztURxsQ1eAn74aA3vX%2FE728vMZit0t%2FJUbm%2FXlWc2W0EasNkVE84beh"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1607080588818548
content-type
image/webp
expires
Mon, 21 Feb 2022 07:23:30 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
27926
accept-ranges
bytes
cf-ray
6e05fd6e3cc483af-MXP
cf-bgj
imgq:85,h2pri
FECCE304185C1438795F6CFAE6B9B1E43CAE4BEF881C07F340D064682278609596ABCD52DD6AC9BB2F361B9C4B020BB847724EC6671823EA7A116895AD4BEA2E
assets.ad4m.at/product_image/ Frame 5179 		283 KB
284 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FECCE304185C1438795F6CFAE6B9B1E43CAE4BEF881C07F340D064682278609596ABCD52DD6AC9BB2F361B9C4B020BB847724EC6671823EA7A116895AD4BEA2E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177536%2C61651%2C175059&b=jEJhEfGfq9Z1TYHEH2t6t4e3QSZSzTRWc8gx%2Cg6mT8frfkpAGaPHbH8t5tzDPhmSQT7Ecdzq%2C6qxtef3fMQx3ueHmHYtkt9VZ6SYS1TqxTVYP&f=x2xsQfAfEJ8VTPHdHztDCmEX9u7S6TkEhVx6%2CBgMSgfPfMJpAaxH6H3tgC37KsjSeTVQSbqg%2CXJjuzfrfKkdJH6H4Het1Cw8APCQSkTK2tKP4&c=300&d=250&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=f456c846e026287696fc94f0302a7029%2F12485168588469646935&i=69751%2C24905%2C65915&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645341810795&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjj57z5e3sjcfgxjs0nzsnk5z171k8cgydx4pbzq1mc6h0ch6dwr0vnghxrqnp69ay0ve39jhkkf5raqbqd3m1sz1r5mada8fjhv88y0r2faq44ydxt1gpae07daz5fq006x7shj4za6j8jvjas2vqdg0tz16j827sw4nnw4w8pwe5mrdfm3yp036wk40bkhfwc12x77hd1a0e8semv1rwp3wb72vd7rpksdj22gnjfdcw82frpwket21qtcxxpmvf3jsd3v2cxsvjwr1750pek%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC0UWocewRYv28FKKhrAS1mIDYDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQKdKQweaf6yPuACAKgDAaoEowJP0LTAGp1eMAjeA7AxWk6Ldftu1E0u9r29_BTiBeCDaZbYErho4rF5pVW3kfCmZu7CI5UzL7nmaNrNAAjs7GOxHNez1DXpOJApSezLkQqukjm9iuFrdj2bQNMxYIozCN9N0E5qCbvxwidDuUykfNFDNiQvH6lok3SDxUr1UFheR56cXf2MDg8Y7Vql3AF3BphWFdsaX7MQinNQwBSB39pvrXLl8WNRqj2JoP89C-dD3zMiqJPIPT7MFwe9kuW7AxLK6mMv36zi77ZfBLulg8v5XbGycFMbm8askJCoodH9bG12ZXaB8sAUeXU954OV6hHxVB0EENqi4S3k6JX3ZmvUNfylHn09r23Vooprw44wLBoLOalImA-Uyu_3RfhowDPgSWHgBAGABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2srrs_Ri6zCxnrr-Jf6E0tw1sukw%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b06ee7322964225af9c5f879971180be48ef42bac3933c73bfe6c1ea4c0f699

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=ilt+Ow==, md5=8j+5NXW+OS1SycKXxzIzaA==
date
Sun, 20 Feb 2022 07:23:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
214132
cf-polished
origFmt=png, origSize=446787
x-guploader-uploadid
ADPycduvW4260CKWj1L2mN-ql_pvCFrNgaYsM7AqWgUcf4CUygx1V7kR89orLD9t0UAoZsp0EsPEIAcdLCbaYjUhEDU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
289896
last-modified
Fri, 04 Dec 2020 12:36:47 GMT
server
cloudflare
etag
"f23fb93575be392d52c9c297c7323368"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRARc%2B07IPJ%2F2d%2BTffkRNPiA9md8Nq2gFDDtezA7aKwN%2BkRFdoSwRCCHm7cKhrL8Ol2neSCZyDbBGV4ZpR%2FRy4WO9BiSj8yTHNzMTnBbU9HCFi70qySzwrgg2olI4neLZ93gSRv736nuPUvj"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1607085407473969
content-type
image/webp
expires
Mon, 21 Feb 2022 07:23:30 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
446787
accept-ranges
bytes
cf-ray
6e05fd6e3cc283af-MXP
cf-bgj
imgq:85,h2pri
8ACEA085DE47168BC3AAC3C47A8B8DEB2E8DD7CEA70835DEFB72AF0448F14C189BDCEE37956A27F9FDA8FBE6963C13CB9B41505A1CFDBB71E5D20FB500AD4A1B
assets.ad4m.at/logo/ Frame 5179 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/8ACEA085DE47168BC3AAC3C47A8B8DEB2E8DD7CEA70835DEFB72AF0448F14C189BDCEE37956A27F9FDA8FBE6963C13CB9B41505A1CFDBB71E5D20FB500AD4A1B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177536%2C61651%2C175059&b=jEJhEfGfq9Z1TYHEH2t6t4e3QSZSzTRWc8gx%2Cg6mT8frfkpAGaPHbH8t5tzDPhmSQT7Ecdzq%2C6qxtef3fMQx3ueHmHYtkt9VZ6SYS1TqxTVYP&f=x2xsQfAfEJ8VTPHdHztDCmEX9u7S6TkEhVx6%2CBgMSgfPfMJpAaxH6H3tgC37KsjSeTVQSbqg%2CXJjuzfrfKkdJH6H4Het1Cw8APCQSkTK2tKP4&c=300&d=250&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=f456c846e026287696fc94f0302a7029%2F12485168588469646935&i=69751%2C24905%2C65915&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645341810795&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjj57z5e3sjcfgxjs0nzsnk5z171k8cgydx4pbzq1mc6h0ch6dwr0vnghxrqnp69ay0ve39jhkkf5raqbqd3m1sz1r5mada8fjhv88y0r2faq44ydxt1gpae07daz5fq006x7shj4za6j8jvjas2vqdg0tz16j827sw4nnw4w8pwe5mrdfm3yp036wk40bkhfwc12x77hd1a0e8semv1rwp3wb72vd7rpksdj22gnjfdcw82frpwket21qtcxxpmvf3jsd3v2cxsvjwr1750pek%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC0UWocewRYv28FKKhrAS1mIDYDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQKdKQweaf6yPuACAKgDAaoEowJP0LTAGp1eMAjeA7AxWk6Ldftu1E0u9r29_BTiBeCDaZbYErho4rF5pVW3kfCmZu7CI5UzL7nmaNrNAAjs7GOxHNez1DXpOJApSezLkQqukjm9iuFrdj2bQNMxYIozCN9N0E5qCbvxwidDuUykfNFDNiQvH6lok3SDxUr1UFheR56cXf2MDg8Y7Vql3AF3BphWFdsaX7MQinNQwBSB39pvrXLl8WNRqj2JoP89C-dD3zMiqJPIPT7MFwe9kuW7AxLK6mMv36zi77ZfBLulg8v5XbGycFMbm8askJCoodH9bG12ZXaB8sAUeXU954OV6hHxVB0EENqi4S3k6JX3ZmvUNfylHn09r23Vooprw44wLBoLOalImA-Uyu_3RfhowDPgSWHgBAGABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2srrs_Ri6zCxnrr-Jf6E0tw1sukw%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98d3b0771f331f89f38b2c9d2d2d56fab4d0aefdb23654e95b866c2fe34eee5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=Oq+4tw==, md5=MJMeBDM1s90ND/HHlRs1qg==
date
Sun, 20 Feb 2022 07:23:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2098466
cf-polished
origFmt=png, origSize=25571
x-guploader-uploadid
ADPycdst2K6ezniatYEwpIltbb3gRT0tZyTkz45ubY-oFbD0N43ZtEfRNzYJT6XT1oTZCVm2HEMlQFlz0eHvtuJJAAH-SOKrFA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12692
last-modified
Wed, 24 Nov 2021 09:43:24 GMT
server
cloudflare
etag
"30931e043335b3dd0d0ff1c7951b35aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NnTx9ocX1lys%2FxDUATCg2KZzHJXjPx01yGi29qBdg5ztQt7FrjM1BwXp9Gf3uQaYd0jlnuHzeNLrDgfWH6QqTy%2FR%2BOuVJWAf%2BRVj3MDi7KFgcOSa8dn%2FP1%2BBsHFLnQ%2BNARfyAt%2B%2FOE6gH3fU"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1637747004833576
content-type
image/webp
expires
Mon, 21 Feb 2022 07:23:30 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
25571
accept-ranges
bytes
cf-ray
6e05fd6e3cc883af-MXP
cf-bgj
imgq:85,h2pri
FA17681A6192409492FC88577DB758F16025B285041C611EA8A28F2F19F7BBE2A120537A90DE45EBC787CDBDE772E1A4D462E5ECF4254EC171D041A3CF37EB6E
assets.ad4m.at/product_image/ Frame 5179 		318 KB
319 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FA17681A6192409492FC88577DB758F16025B285041C611EA8A28F2F19F7BBE2A120537A90DE45EBC787CDBDE772E1A4D462E5ECF4254EC171D041A3CF37EB6E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177536%2C61651%2C175059&b=jEJhEfGfq9Z1TYHEH2t6t4e3QSZSzTRWc8gx%2Cg6mT8frfkpAGaPHbH8t5tzDPhmSQT7Ecdzq%2C6qxtef3fMQx3ueHmHYtkt9VZ6SYS1TqxTVYP&f=x2xsQfAfEJ8VTPHdHztDCmEX9u7S6TkEhVx6%2CBgMSgfPfMJpAaxH6H3tgC37KsjSeTVQSbqg%2CXJjuzfrfKkdJH6H4Het1Cw8APCQSkTK2tKP4&c=300&d=250&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=f456c846e026287696fc94f0302a7029%2F12485168588469646935&i=69751%2C24905%2C65915&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645341810795&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjj57z5e3sjcfgxjs0nzsnk5z171k8cgydx4pbzq1mc6h0ch6dwr0vnghxrqnp69ay0ve39jhkkf5raqbqd3m1sz1r5mada8fjhv88y0r2faq44ydxt1gpae07daz5fq006x7shj4za6j8jvjas2vqdg0tz16j827sw4nnw4w8pwe5mrdfm3yp036wk40bkhfwc12x77hd1a0e8semv1rwp3wb72vd7rpksdj22gnjfdcw82frpwket21qtcxxpmvf3jsd3v2cxsvjwr1750pek%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC0UWocewRYv28FKKhrAS1mIDYDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQKdKQweaf6yPuACAKgDAaoEowJP0LTAGp1eMAjeA7AxWk6Ldftu1E0u9r29_BTiBeCDaZbYErho4rF5pVW3kfCmZu7CI5UzL7nmaNrNAAjs7GOxHNez1DXpOJApSezLkQqukjm9iuFrdj2bQNMxYIozCN9N0E5qCbvxwidDuUykfNFDNiQvH6lok3SDxUr1UFheR56cXf2MDg8Y7Vql3AF3BphWFdsaX7MQinNQwBSB39pvrXLl8WNRqj2JoP89C-dD3zMiqJPIPT7MFwe9kuW7AxLK6mMv36zi77ZfBLulg8v5XbGycFMbm8askJCoodH9bG12ZXaB8sAUeXU954OV6hHxVB0EENqi4S3k6JX3ZmvUNfylHn09r23Vooprw44wLBoLOalImA-Uyu_3RfhowDPgSWHgBAGABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2srrs_Ri6zCxnrr-Jf6E0tw1sukw%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c17f8a8ed2749178d868d47dccf3d190d7a7e9f1480e759356cf06cae595199f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=eL6JSg==, md5=CWAPJ36Ypz+RsdxnhbHr5Q==
date
Sun, 20 Feb 2022 07:23:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
155259
cf-polished
origFmt=png, origSize=546905
x-guploader-uploadid
ADPycduc4rMAjVzpsU_wIiobub2HlSFZebtNM-EfLYCHr4NQ0jasL9tft7AyooHdwUd8_nlaW_TiIbvlRnrARBsvHw4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
325586
last-modified
Wed, 01 Dec 2021 07:47:23 GMT
server
cloudflare
etag
"09600f277e98a73f91b1dc6785b1ebe5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xOacRY3EwY2Y40vDA%2FVcEbRGCKSQeyUgUiaNG63coJqJs8upkpMc%2FWE6FjIZAdqsST4oYRLCxhSZkcCzMGO3eecgp8tRF5FI3zsxTqeHMFgYOPpmD4Q5tDezcrT39zXexBZp3TRx7pzA4te"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1638344843671814
content-type
image/webp
expires
Mon, 21 Feb 2022 07:23:30 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
546905
accept-ranges
bytes
cf-ray
6e05fd6e3cc583af-MXP
cf-bgj
imgq:85,h2pri
link.html
track.webgains.com/ Frame CCEC 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hb8jxrrjgbbbr2zazdnv4jghv0dqrx9z789wxr46v0afhspgbqv5p7j6d2av9n22q7fk4nm6qwhasyza5q2mz5a1efnczxcswsq20hssyqsr4k584x3x8az3dq15tc9ysxtfcyawdbn4hga8c5x889e71v2azw594m66qddyexb2hk5adtgpp80wv6r7kfccra6fcc4xexd0j4r0mkyfjnjg2ytwy09p04e4tbsa58hq3ve10tzegdfvekxcmsmrm7cmps8np6xk2vpedtz7mnf4pmnhr83rtqxpb8rsdfvrcx4jp97w%26a%3D&clickref=oneidP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73Aoneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach09_PRIVATKREDIT&viewref=oneidrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4Roneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach09_PRIVATKREDIT
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=4270ac2e58bc27e735c845527c0fd0d6%2F16158092447222966745&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645341810790&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g3za2m7svrm918csnxtczcqpqx7ef43twzbsbnkyg9xcdgnebe65r3yexn5esybksftr51ajtrqsg4yrc4s25dbdb7q7hx9bbvgs2f8z0191hs95c54pr7m1pbsadp3hqzaymp6jwxyqg53134gy0ekhkke3n13bww3z2dg1t3ce2ktbrja7ya69jcscf1kcdvh2e2yh966rzybxk9g2113r8d693jdzfzmdjdmjsj21cyq070q2bt9a4mtzspp99n0n2jq6p4bypg5f7tmntmp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCtacfcewRYvavFJGtrASy078okOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QczSlLdcBlsF-mkzUz9sJadjP1bbZMu-SJiErm0Ekgcgx7gaf_JiipaxC40u6fGOCL7osbGiUwxFGo-mcNGQ0u3Xaj4a7NKeEB9vY7GAF9v20gaOQa1uzod7i4UUB-1SUJEGMqLyEklKC_NYToma5WnT9C--MsaTMvAFr0TsazeJDxEzpz6hED3hj-pwKaEQN6qJx0eJVI0TWPligNQipOvff4z9c62asDrYDe5MDEF8qMpE7m8zj6Ykl3NT0osUtZoeWE2U20SkLYfsNzcm--EkqGrqOu6Jx23g8ZFn3qoWmm9T99EihGo99LBZ8zPDP038kIe8BfTEhTw2uerl04Tj0QtuqfV7NMUuuwOHD_iuuxsS_aozvQ7AlWozgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0KhLFFwm7eYzkBLWJ74jgP9N0K9w%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
53c8822cdfa15aad566072d1b55cfd702583f3db48878092d806353e0f314c1a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Feb 2022 07:23:31 GMT
Last-Modified
Sun, 20 Feb 2022 07:23:31 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1474
Expires
Mon, 26 Jul 1997 05:00:00 GMT
link.html
track.webgains.com/ Frame 5179 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3843981&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gr1yh284gxw3x6v6qyzae4k16jmt4sb4p00qts2j2q5fd6dpyf7b55m539sk56jyegr1b3crwkv3qxgq76bpx25xvsz6dr6n3wtymr62ybk8h107gnv6zns9kxv3c0mberj6nv7qxmbrn4he75448fmt1kx8qv84dbdnpyf7rt4yk1d69fd2h7b9qznbssvs71y9r0d8tzczr7s1zj5zw71qs9qcxbfxnsqv7jvwskckbpzgxc3eh16jmpv8y27nsteycg4dd892rgeb9r6bs2b42php9r4rdwjz3gmv9hnq9vmzqnzet0%26a%3D&clickref=oneidx2xsQfAfEJ8VTPHdHztDCmEX9u7S6TkEhVx6oneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach09_PRIVATKREDIT&viewref=oneidjEJhEfGfq9Z1TYHEH2t6t4e3QSZSzTRWc8gxoneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach09_PRIVATKREDIT
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177536%2C61651%2C175059&b=jEJhEfGfq9Z1TYHEH2t6t4e3QSZSzTRWc8gx%2Cg6mT8frfkpAGaPHbH8t5tzDPhmSQT7Ecdzq%2C6qxtef3fMQx3ueHmHYtkt9VZ6SYS1TqxTVYP&f=x2xsQfAfEJ8VTPHdHztDCmEX9u7S6TkEhVx6%2CBgMSgfPfMJpAaxH6H3tgC37KsjSeTVQSbqg%2CXJjuzfrfKkdJH6H4Het1Cw8APCQSkTK2tKP4&c=300&d=250&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=f456c846e026287696fc94f0302a7029%2F12485168588469646935&i=69751%2C24905%2C65915&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645341810795&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjj57z5e3sjcfgxjs0nzsnk5z171k8cgydx4pbzq1mc6h0ch6dwr0vnghxrqnp69ay0ve39jhkkf5raqbqd3m1sz1r5mada8fjhv88y0r2faq44ydxt1gpae07daz5fq006x7shj4za6j8jvjas2vqdg0tz16j827sw4nnw4w8pwe5mrdfm3yp036wk40bkhfwc12x77hd1a0e8semv1rwp3wb72vd7rpksdj22gnjfdcw82frpwket21qtcxxpmvf3jsd3v2cxsvjwr1750pek%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC0UWocewRYv28FKKhrAS1mIDYDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQKdKQweaf6yPuACAKgDAaoEowJP0LTAGp1eMAjeA7AxWk6Ldftu1E0u9r29_BTiBeCDaZbYErho4rF5pVW3kfCmZu7CI5UzL7nmaNrNAAjs7GOxHNez1DXpOJApSezLkQqukjm9iuFrdj2bQNMxYIozCN9N0E5qCbvxwidDuUykfNFDNiQvH6lok3SDxUr1UFheR56cXf2MDg8Y7Vql3AF3BphWFdsaX7MQinNQwBSB39pvrXLl8WNRqj2JoP89C-dD3zMiqJPIPT7MFwe9kuW7AxLK6mMv36zi77ZfBLulg8v5XbGycFMbm8askJCoodH9bG12ZXaB8sAUeXU954OV6hHxVB0EENqi4S3k6JX3ZmvUNfylHn09r23Vooprw44wLBoLOalImA-Uyu_3RfhowDPgSWHgBAGABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2srrs_Ri6zCxnrr-Jf6E0tw1sukw%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
2c131c2ddd72cec81c69eef0b974aaf815551ce3f8ed54bdbbbd6c4fa763f20c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Feb 2022 07:23:31 GMT
Last-Modified
Sun, 20 Feb 2022 07:23:31 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1466
Expires
Mon, 26 Jul 1997 05:00:00 GMT
link.html
track.webgains.com/ Frame 5179 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3354045&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gpbmj51yd00ev1rnjy307mf4yqnt647ev0bhr91v3p7ketyj1zvex5rcc8q8ffe5xftmf0nek34nhtrxbg5mwyvpadt29d92w2zbcshvsz0chkq3mk0vdtbebvptpywryzc17pznb36pvv8gpt5ck9gpkb1xmy7qy10swkada602cfhn7sxs06xj7h6kmn012xcfwkpwasyh8kfjq8ghy7kv21qms8fj8y20g7c6z309g5dtpyshaewjpp1yhjj55rcr7j9qydaxn62szmrcbtkb03qzj03g078tdvd3er51q4v189m4%26a%3D&clickref=oneidBgMSgfPfMJpAaxH6H3tgC37KsjSeTVQSbqgoneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach09_PRIVATKREDIT&viewref=oneidg6mT8frfkpAGaPHbH8t5tzDPhmSQT7Ecdzqoneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach09_PRIVATKREDIT
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177536%2C61651%2C175059&b=jEJhEfGfq9Z1TYHEH2t6t4e3QSZSzTRWc8gx%2Cg6mT8frfkpAGaPHbH8t5tzDPhmSQT7Ecdzq%2C6qxtef3fMQx3ueHmHYtkt9VZ6SYS1TqxTVYP&f=x2xsQfAfEJ8VTPHdHztDCmEX9u7S6TkEhVx6%2CBgMSgfPfMJpAaxH6H3tgC37KsjSeTVQSbqg%2CXJjuzfrfKkdJH6H4Het1Cw8APCQSkTK2tKP4&c=300&d=250&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=f456c846e026287696fc94f0302a7029%2F12485168588469646935&i=69751%2C24905%2C65915&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645341810795&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjj57z5e3sjcfgxjs0nzsnk5z171k8cgydx4pbzq1mc6h0ch6dwr0vnghxrqnp69ay0ve39jhkkf5raqbqd3m1sz1r5mada8fjhv88y0r2faq44ydxt1gpae07daz5fq006x7shj4za6j8jvjas2vqdg0tz16j827sw4nnw4w8pwe5mrdfm3yp036wk40bkhfwc12x77hd1a0e8semv1rwp3wb72vd7rpksdj22gnjfdcw82frpwket21qtcxxpmvf3jsd3v2cxsvjwr1750pek%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC0UWocewRYv28FKKhrAS1mIDYDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQKdKQweaf6yPuACAKgDAaoEowJP0LTAGp1eMAjeA7AxWk6Ldftu1E0u9r29_BTiBeCDaZbYErho4rF5pVW3kfCmZu7CI5UzL7nmaNrNAAjs7GOxHNez1DXpOJApSezLkQqukjm9iuFrdj2bQNMxYIozCN9N0E5qCbvxwidDuUykfNFDNiQvH6lok3SDxUr1UFheR56cXf2MDg8Y7Vql3AF3BphWFdsaX7MQinNQwBSB39pvrXLl8WNRqj2JoP89C-dD3zMiqJPIPT7MFwe9kuW7AxLK6mMv36zi77ZfBLulg8v5XbGycFMbm8askJCoodH9bG12ZXaB8sAUeXU954OV6hHxVB0EENqi4S3k6JX3ZmvUNfylHn09r23Vooprw44wLBoLOalImA-Uyu_3RfhowDPgSWHgBAGABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2srrs_Ri6zCxnrr-Jf6E0tw1sukw%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
5b5188bc80403f23520a2665d8a974c62e629cd0aaeb0e50c8518dbfbca7c2d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Feb 2022 07:23:31 GMT
Last-Modified
Sun, 20 Feb 2022 07:23:31 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1367
Expires
Mon, 26 Jul 1997 05:00:00 GMT
link.html
track.webgains.com/ Frame 5179 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3756941&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jqg414djyh6shw05nhzfgnmyp4twecbdvjkb5h36h8epmdr2h3gvtwcnrbpr2p1krbz2ccppxrpssevb6wqhte9hhw9j3d4kt1qa6a121p3m3vzc6ywk2qtekbkae36czzjnyhya1tzb73h9g0ethk445r2eabn1346xyq1r85vc394mwyfm0gk32hr5z9ahe4y4d6fj2de10fn77e9qxyfnm2w9bd5f64b9r7k1yc38nte9gg5kgeft97fmqqqcrxkgr7vs54vs5sncxkhh5y4xqsdkfqqa2f3xzyt80nd2nc0ejq0b10%26a%3D&clickref=oneidXJjuzfrfKkdJH6H4Het1Cw8APCQSkTK2tKP4oneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach09_PRIVATKREDIT&viewref=oneid6qxtef3fMQx3ueHmHYtkt9VZ6SYS1TqxTVYPoneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach09_PRIVATKREDIT
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177536%2C61651%2C175059&b=jEJhEfGfq9Z1TYHEH2t6t4e3QSZSzTRWc8gx%2Cg6mT8frfkpAGaPHbH8t5tzDPhmSQT7Ecdzq%2C6qxtef3fMQx3ueHmHYtkt9VZ6SYS1TqxTVYP&f=x2xsQfAfEJ8VTPHdHztDCmEX9u7S6TkEhVx6%2CBgMSgfPfMJpAaxH6H3tgC37KsjSeTVQSbqg%2CXJjuzfrfKkdJH6H4Het1Cw8APCQSkTK2tKP4&c=300&d=250&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=f456c846e026287696fc94f0302a7029%2F12485168588469646935&i=69751%2C24905%2C65915&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645341810795&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjj57z5e3sjcfgxjs0nzsnk5z171k8cgydx4pbzq1mc6h0ch6dwr0vnghxrqnp69ay0ve39jhkkf5raqbqd3m1sz1r5mada8fjhv88y0r2faq44ydxt1gpae07daz5fq006x7shj4za6j8jvjas2vqdg0tz16j827sw4nnw4w8pwe5mrdfm3yp036wk40bkhfwc12x77hd1a0e8semv1rwp3wb72vd7rpksdj22gnjfdcw82frpwket21qtcxxpmvf3jsd3v2cxsvjwr1750pek%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC0UWocewRYv28FKKhrAS1mIDYDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQKdKQweaf6yPuACAKgDAaoEowJP0LTAGp1eMAjeA7AxWk6Ldftu1E0u9r29_BTiBeCDaZbYErho4rF5pVW3kfCmZu7CI5UzL7nmaNrNAAjs7GOxHNez1DXpOJApSezLkQqukjm9iuFrdj2bQNMxYIozCN9N0E5qCbvxwidDuUykfNFDNiQvH6lok3SDxUr1UFheR56cXf2MDg8Y7Vql3AF3BphWFdsaX7MQinNQwBSB39pvrXLl8WNRqj2JoP89C-dD3zMiqJPIPT7MFwe9kuW7AxLK6mMv36zi77ZfBLulg8v5XbGycFMbm8askJCoodH9bG12ZXaB8sAUeXU954OV6hHxVB0EENqi4S3k6JX3ZmvUNfylHn09r23Vooprw44wLBoLOalImA-Uyu_3RfhowDPgSWHgBAGABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2srrs_Ri6zCxnrr-Jf6E0tw1sukw%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
a565b66c4a94275e00ed1aa38207333640f336ad1aea305593ab85728005d055

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Feb 2022 07:23:31 GMT
Last-Modified
Sun, 20 Feb 2022 07:23:31 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1443
Expires
Mon, 26 Jul 1997 05:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 5179 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3756941&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jqg414djyh6shw05nhzfgnmyp4twecbdvjkb5h36h8epmdr2h3gvtwcnrbpr2p1krbz2ccppxrpssevb6wqhte9hhw9j3d4kt1qa6a121p3m3vzc6ywk2qtekbkae36czzjnyhya1tzb73h9g0ethk445r2eabn1346xyq1r85vc394mwyfm0gk32hr5z9ahe4y4d6fj2de10fn77e9qxyfnm2w9bd5f64b9r7k1yc38nte9gg5kgeft97fmqqqcrxkgr7vs54vs5sncxkhh5y4xqsdkfqqa2f3xzyt80nd2nc0ejq0b10%26a%3D&clickref=oneidXJjuzfrfKkdJH6H4Het1Cw8APCQSkTK2tKP4oneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach09_PRIVATKREDIT&viewref=oneid6qxtef3fMQx3ueHmHYtkt9VZ6SYS1TqxTVYPoneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach09_PRIVATKREDIT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-33.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
4058
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 20 Feb 2022 06:15:54 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
bVn4D5NagzcxIp5jbPuXE2YrPb0yZgfD2N0AYkrOeexg5j5P9GAf8Q==
link.html
track.webgains.com/ Frame 5179 		194 KB
194 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneid8gMfDf8fRkJbSkCJHEtxteA3zHGSwTkckoneid__asuidpD1oYRK3kh6QgM4XJmxL4nDSa9PnOkJKasuid__adf_Netmix_Reach10_Mweb&wglinkid=3756941
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177536%2C61651%2C175059&b=jEJhEfGfq9Z1TYHEH2t6t4e3QSZSzTRWc8gx%2Cg6mT8frfkpAGaPHbH8t5tzDPhmSQT7Ecdzq%2C6qxtef3fMQx3ueHmHYtkt9VZ6SYS1TqxTVYP&f=x2xsQfAfEJ8VTPHdHztDCmEX9u7S6TkEhVx6%2CBgMSgfPfMJpAaxH6H3tgC37KsjSeTVQSbqg%2CXJjuzfrfKkdJH6H4Het1Cw8APCQSkTK2tKP4&c=300&d=250&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=f456c846e026287696fc94f0302a7029%2F12485168588469646935&i=69751%2C24905%2C65915&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645341810795&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjj57z5e3sjcfgxjs0nzsnk5z171k8cgydx4pbzq1mc6h0ch6dwr0vnghxrqnp69ay0ve39jhkkf5raqbqd3m1sz1r5mada8fjhv88y0r2faq44ydxt1gpae07daz5fq006x7shj4za6j8jvjas2vqdg0tz16j827sw4nnw4w8pwe5mrdfm3yp036wk40bkhfwc12x77hd1a0e8semv1rwp3wb72vd7rpksdj22gnjfdcw82frpwket21qtcxxpmvf3jsd3v2cxsvjwr1750pek%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC0UWocewRYv28FKKhrAS1mIDYDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQKdKQweaf6yPuACAKgDAaoEowJP0LTAGp1eMAjeA7AxWk6Ldftu1E0u9r29_BTiBeCDaZbYErho4rF5pVW3kfCmZu7CI5UzL7nmaNrNAAjs7GOxHNez1DXpOJApSezLkQqukjm9iuFrdj2bQNMxYIozCN9N0E5qCbvxwidDuUykfNFDNiQvH6lok3SDxUr1UFheR56cXf2MDg8Y7Vql3AF3BphWFdsaX7MQinNQwBSB39pvrXLl8WNRqj2JoP89C-dD3zMiqJPIPT7MFwe9kuW7AxLK6mMv36zi77ZfBLulg8v5XbGycFMbm8askJCoodH9bG12ZXaB8sAUeXU954OV6hHxVB0EENqi4S3k6JX3ZmvUNfylHn09r23Vooprw44wLBoLOalImA-Uyu_3RfhowDPgSWHgBAGABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2srrs_Ri6zCxnrr-Jf6E0tw1sukw%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
2a80ee1043487569f505922244e1492b20a4d8ef92cc5994f346bf7a202d6794

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Feb 2022 07:23:31 GMT
Last-Modified
Sun, 20 Feb 2022 07:23:31 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/gif
Expires
Mon, 26 Jul 1997 05:00:00 GMT
link.html
track.webgains.com/ Frame 5179 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidRG3CgfQfGrKqhrCwH3tQtw824C9SzTE8a15oneid__asuidKLFgdUB30n0GqK5BLu8H_KVlbw0aewF6asuid__suite_Netmix_Reach14_Mweb_AKTION&wglinkid=3843981
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177536%2C61651%2C175059&b=jEJhEfGfq9Z1TYHEH2t6t4e3QSZSzTRWc8gx%2Cg6mT8frfkpAGaPHbH8t5tzDPhmSQT7Ecdzq%2C6qxtef3fMQx3ueHmHYtkt9VZ6SYS1TqxTVYP&f=x2xsQfAfEJ8VTPHdHztDCmEX9u7S6TkEhVx6%2CBgMSgfPfMJpAaxH6H3tgC37KsjSeTVQSbqg%2CXJjuzfrfKkdJH6H4Het1Cw8APCQSkTK2tKP4&c=300&d=250&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=f456c846e026287696fc94f0302a7029%2F12485168588469646935&i=69751%2C24905%2C65915&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645341810795&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjj57z5e3sjcfgxjs0nzsnk5z171k8cgydx4pbzq1mc6h0ch6dwr0vnghxrqnp69ay0ve39jhkkf5raqbqd3m1sz1r5mada8fjhv88y0r2faq44ydxt1gpae07daz5fq006x7shj4za6j8jvjas2vqdg0tz16j827sw4nnw4w8pwe5mrdfm3yp036wk40bkhfwc12x77hd1a0e8semv1rwp3wb72vd7rpksdj22gnjfdcw82frpwket21qtcxxpmvf3jsd3v2cxsvjwr1750pek%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC0UWocewRYv28FKKhrAS1mIDYDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQKdKQweaf6yPuACAKgDAaoEowJP0LTAGp1eMAjeA7AxWk6Ldftu1E0u9r29_BTiBeCDaZbYErho4rF5pVW3kfCmZu7CI5UzL7nmaNrNAAjs7GOxHNez1DXpOJApSezLkQqukjm9iuFrdj2bQNMxYIozCN9N0E5qCbvxwidDuUykfNFDNiQvH6lok3SDxUr1UFheR56cXf2MDg8Y7Vql3AF3BphWFdsaX7MQinNQwBSB39pvrXLl8WNRqj2JoP89C-dD3zMiqJPIPT7MFwe9kuW7AxLK6mMv36zi77ZfBLulg8v5XbGycFMbm8askJCoodH9bG12ZXaB8sAUeXU954OV6hHxVB0EENqi4S3k6JX3ZmvUNfylHn09r23Vooprw44wLBoLOalImA-Uyu_3RfhowDPgSWHgBAGABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2srrs_Ri6zCxnrr-Jf6E0tw1sukw%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
c23104a7a6c8ab6192ffebf74a7e671078656837b4f7d99c5a6260fd6f1e515d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Feb 2022 07:23:31 GMT
Last-Modified
Sun, 20 Feb 2022 07:23:31 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/jpeg
Content-Length
2225
Expires
Mon, 26 Jul 1997 05:00:00 GMT
container.html
05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DAAB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202202161834/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 20 Feb 2022 07:23:29 GMT
expires
Mon, 20 Feb 2023 07:23:29 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0F0A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202202161834/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 20 Feb 2022 07:23:29 GMT
expires
Mon, 20 Feb 2023 07:23:29 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 8544 		94 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:da00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b82b3b26f73cec97530fe064182ec7fad83a326a45ba746d58d69bd4de4b04e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
NoC6YGt5eCR14CGF_CePZnGYd_hZgCkD
content-encoding
br
last-modified
Thu, 17 Feb 2022 17:56:17 GMT
server
AmazonS3
age
203
etag
W/"ee61816da156df01dc9c34b3cece567f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sun, 20 Feb 2022 07:23:29 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
NxECYu2an2Hedb9bFCNI58mLHMijttnZ5FyzQcs1sDKs1m8vUl-XnQ==
8371589084167766340
tpc.googlesyndication.com/simgad/ Frame 8544 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8371589084167766340
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c92aaf89b1a34c214af4217404c264f9f7e96fb66dc1e00327572344f6f77d43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 22:10:29 GMT
x-content-type-options
nosniff
age
378782
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33239
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 20:26:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 15 Feb 2023 22:10:29 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame 8544 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite_fy2019.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1107
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
1930320615972901081
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:05:04 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 8544 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:00:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1371
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:00:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8544 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 20 Feb 2022 07:23:31 GMT
l
www.google.com/ads/measurement/ Frame 8544 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQO-jjDTjfV5tz7WNb-JjsXY6RZn-q8iMDe8-8oITJe3yow7aILZGJ5Plk3TjuwCtArD-Lr
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 12BB 		94 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:da00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b82b3b26f73cec97530fe064182ec7fad83a326a45ba746d58d69bd4de4b04e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
NoC6YGt5eCR14CGF_CePZnGYd_hZgCkD
content-encoding
br
last-modified
Thu, 17 Feb 2022 17:56:17 GMT
server
AmazonS3
age
203
etag
W/"ee61816da156df01dc9c34b3cece567f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sun, 20 Feb 2022 07:23:29 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
E9V72WDbw8Eru1yGxtLYp0bo9oKaotMi6NnZTjcmfJBoEuHnVf8OFQ==
9537269065379333373
tpc.googlesyndication.com/simgad/ Frame 12BB 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9537269065379333373
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8636de21b30228459adae804db94c0659cfe7bad89c2dac4cb3753ac1c279d90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 05:04:34 GMT
x-content-type-options
nosniff
age
94737
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32971
x-xss-protection
0
last-modified
Sat, 11 Dec 2021 00:56:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 19 Feb 2023 05:04:34 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame 12BB 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite_fy2019.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1107
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
1930320615972901081
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:05:04 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 12BB 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:00:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1371
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:00:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 12BB 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 20 Feb 2022 07:23:31 GMT
l
www.google.com/ads/measurement/ Frame 12BB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR0Lurp4Po0RT3yOfPPKLXd-5WiSGIV2fJzbfkbGLT7EiEXXnflwNycNST_fsxfABCYEAjg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 729F 		94 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:da00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b82b3b26f73cec97530fe064182ec7fad83a326a45ba746d58d69bd4de4b04e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
NoC6YGt5eCR14CGF_CePZnGYd_hZgCkD
content-encoding
br
last-modified
Thu, 17 Feb 2022 17:56:17 GMT
server
AmazonS3
age
203
etag
W/"ee61816da156df01dc9c34b3cece567f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sun, 20 Feb 2022 07:23:29 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
13pFZ4_rQG9sil-wOV-1-FyRJpyaCcyloalWLFbuBgUJzR2aFjvCKg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 729F 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 20 Feb 2022 07:23:31 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame F245 		94 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:da00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b82b3b26f73cec97530fe064182ec7fad83a326a45ba746d58d69bd4de4b04e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
NoC6YGt5eCR14CGF_CePZnGYd_hZgCkD
content-encoding
br
last-modified
Thu, 17 Feb 2022 17:56:17 GMT
server
AmazonS3
age
203
etag
W/"ee61816da156df01dc9c34b3cece567f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sun, 20 Feb 2022 07:23:29 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
zG0fTdZLwssxDx8BCTiSQQd6LdsSIPte8BPTZLC-uNiqSlN7mwrCsQ==
9732373841908293548
tpc.googlesyndication.com/simgad/ Frame F245 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9732373841908293548
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f01b7e8f8cc6ca431444fd006083bd8412195c0973ff20552348169a38158f1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 18:12:32 GMT
x-content-type-options
nosniff
age
133859
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32432
x-xss-protection
0
last-modified
Thu, 24 Sep 2020 03:17:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 18 Feb 2023 18:12:32 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame F245 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite_fy2019.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1107
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
1930320615972901081
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:05:04 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame F245 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:00:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1371
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:00:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F245 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 20 Feb 2022 07:23:31 GMT
l
www.google.com/ads/measurement/ Frame F245 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQExISGfRyU-aN--01U3CMsEeKBrFAeRKtwYzVKgBdRh5uTEfZmSlQGgn5xZUdvpup-SwF6
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
container.html
05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E07B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202202161834/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 20 Feb 2022 07:23:29 GMT
expires
Mon, 20 Feb 2023 07:23:29 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame A51E 		94 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:da00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b82b3b26f73cec97530fe064182ec7fad83a326a45ba746d58d69bd4de4b04e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
NoC6YGt5eCR14CGF_CePZnGYd_hZgCkD
content-encoding
br
last-modified
Thu, 17 Feb 2022 17:56:17 GMT
server
AmazonS3
age
203
etag
W/"ee61816da156df01dc9c34b3cece567f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sun, 20 Feb 2022 07:23:29 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
Wda6htIMNg2oLVlk2PENrD1c3pgPz-Q3IgHAnd0yCNJ5jOd7idLglg==
11027584259180826615
tpc.googlesyndication.com/simgad/ Frame A51E 		151 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11027584259180826615
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b221bfce0004225f790446e12499afc28ccc55a1745e8f19df1357c97e61ebc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 16:54:18 GMT
x-content-type-options
nosniff
age
138553
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
154401
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 19:55:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 18 Feb 2023 16:54:18 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame A51E 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite_fy2019.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1107
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
1930320615972901081
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:05:04 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame A51E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:00:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1371
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:00:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A51E 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 20 Feb 2022 07:23:31 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame ECB4 		94 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:da00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b82b3b26f73cec97530fe064182ec7fad83a326a45ba746d58d69bd4de4b04e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
NoC6YGt5eCR14CGF_CePZnGYd_hZgCkD
content-encoding
br
last-modified
Thu, 17 Feb 2022 17:56:17 GMT
server
AmazonS3
age
203
etag
W/"ee61816da156df01dc9c34b3cece567f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sun, 20 Feb 2022 07:23:29 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
-AqyoWQ9uvFJUnZQJktH4D5agiQpcyc22RzhSAKZVqwYHsAI4cxEkw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ECB4 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 20 Feb 2022 07:23:31 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 0A64 		94 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:da00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b82b3b26f73cec97530fe064182ec7fad83a326a45ba746d58d69bd4de4b04e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
NoC6YGt5eCR14CGF_CePZnGYd_hZgCkD
content-encoding
br
last-modified
Thu, 17 Feb 2022 17:56:17 GMT
server
AmazonS3
age
203
etag
W/"ee61816da156df01dc9c34b3cece567f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sun, 20 Feb 2022 07:23:29 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
SwHpiBQP-D7d_ejqC_-L4AMJ4em5218PXONmN-9KRatO9J8sx1kGpA==
4368687680176042270
tpc.googlesyndication.com/simgad/ Frame 0A64 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4368687680176042270
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
959fb6e64577f5524b9de3c5110a43d9255257e9876eeae5ed390b65f6b1a949
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 15:14:08 GMT
x-content-type-options
nosniff
age
403763
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39579
x-xss-protection
0
last-modified
Tue, 06 Mar 2018 02:39:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 15 Feb 2023 15:14:08 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame 0A64 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite_fy2019.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1107
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
1930320615972901081
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:05:04 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 0A64 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:00:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1371
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:00:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0A64 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 20 Feb 2022 07:23:31 GMT
l
www.google.com/ads/measurement/ Frame 0A64 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT0w6rRuLypcvBWfA3GJs2yyOUDLs0Lhtzxu-NqmdZVeSQFedvctZ5egtj69ZWd9bshRH0b
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012202072236000/ Frame E858 		220 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202202161834/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
277569
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61519
x-xss-protection
0
server
sffe
date
Thu, 17 Feb 2022 02:17:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"609f9f524fc23ab6"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Feb 2023 02:17:22 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame E858 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202202161834/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
277569
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5708
x-xss-protection
0
server
sffe
date
Thu, 17 Feb 2022 02:17:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4c9170e21c83610c"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Feb 2023 02:17:22 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame E858 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-analytics-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202202161834/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
277569
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29623
x-xss-protection
0
server
sffe
date
Thu, 17 Feb 2022 02:17:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f660f99fdfd5d6c6"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Feb 2023 02:17:22 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame E858 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-fit-text-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202202161834/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
277569
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1844
x-xss-protection
0
server
sffe
date
Thu, 17 Feb 2022 02:17:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b0f41eb8e6d0a727"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Feb 2023 02:17:22 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame E858 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-form-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202202161834/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
277569
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13623
x-xss-protection
0
server
sffe
date
Thu, 17 Feb 2022 02:17:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"14164defe327400f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Feb 2023 02:17:22 GMT
truncated
/ Frame E858 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b56ddca814af131ef57e54b933590ed1ed8e2f40f8ccce38c2e99ad9e22ee63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
container.html
05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B1E9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202202161834/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 20 Feb 2022 07:23:29 GMT
expires
Mon, 20 Feb 2023 07:23:29 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
4606847193486639217
tpc.googlesyndication.com/simgad/ Frame E858 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4606847193486639217
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
703a46b7ea39f2c1ad0b05cb3ebd6d4bb52c8920f6f2523384e446de9570b478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 07:03:04 GMT
x-content-type-options
nosniff
age
174027
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143172
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 08:00:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 18 Feb 2023 07:03:04 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E858 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
78113
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 20 Feb 2022 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E858 		295 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
77426
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 20 Feb 2022 09:53:05 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame E858 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cs8q7cuwRYuqgNM_k3wPQrpzYDceiitFm5anqrI4OrMeYytAoEAEguY6QH2CV-vCBjAegAYC5jNgDyAED4AIAqAMByAMIqgSZAk_QZr6yS1ip_hkzMX3UPKFf78Vu0p8h7jaCQnmUSYZtMR9eUPhCZt6Ore4-RD256YZrTRUxTeT7UUC5h-Td3zzoznobICbtUufrxArv1Zam-U6KQTMfSEWPQpfl3xG4AF9KpMglemmrsFySSfyZbNCz0dF6XWIj1ZweKW_Dinh_6jdBbrysf4CRz-3G0_6wl0iGfjtKvIwL-2xSdMgddnnUR6yvM7uNxWALRAij4KPVTQoouwgNaB93ZQaVfcYF1JPULex8GMy2qAHJn9eBiUNh1QAjz5JUL0mYKO1etomaI1jtyf9rOJweRtwCHdnYGOImRyMTCKS4fDi5nCAstw_-yyOgvdvGE17xrh9MROS9tWj8SbwoFcP6wATv1IyP1QPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGA4AH6MbzJ6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEITEK9IICQiA4YBwEAEYHYAKA8gLAdgTAtAVAYAXAbIXHgocCAASFHB1Yi0zMjM4NTU1MjE4NTg4NDM5GLGzDA&sigh=8ECwESQb7x8&uach_m=[UACH]
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
log_event
www.youtube.com/youtubei/v1/ Frame 429E 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/videoseries?list=PL4hYTOAQ-Qk4ksml-4NKgz3JafpO-tfY-
X-YouTube-Client-Version
1.20220216.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtudFh3UG9nM1lpQSjv2MeQBg%3D%3D
X-YouTube-Ad-Signals
dt=1645341808864&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C299%2C168&vis=1&wgl=true&ca_type=image

Response headers

date
Sun, 20 Feb 2022 07:23:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Sun, 20 Feb 2022 07:23:31 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 8544 		0
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=933638
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Isd9icmzIfexnmDmhvEZlidnsXQbPnuwZhRfYjfxCHs775i%2FzdtgYkLk1ewS2GSuVjG4AKv%2BPzZBEqIfdABJXeYKqf%2F64pYa2OCFvxeEWRtEnTHNHchH2InrH4pjTUMYf2o%2BT2zeFKUu%2BUqMTbi0Oxc6Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6e05fd72d8ba5a07-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FtVtqQ0_x3A6w7YAdOji
view
securepubads.g.doubleclick.net/pcs/ Frame 8544 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXLug7swRWSfPCDkxtHsNhKSzZWDa1iPpcU2i-WkXU8CCYHXh32ZvlcQL94dY5gp8azMchclRrVdWQLe7B10V8yBw6OnUaw05-naXyOIOtLD150cSew98lUqHON8WprnjUuXCiPaVtYqglPKPelaZw4yEhOGwt2W7AMfC3WoX_yX0kzdsmsx7KmZdm2dQ8SdvLdOMZATBd4iiiqpLDRuNhRBnNIeXcZvrR90OQBHhNeWnoq6rBqell12Hgw1sFYa8z31dday5dnCAyFSIYxfA9jh6toTEj31Ej0eRvHi39wm538obysXISqMYwZ-3CCCc&sig=Cg0ArKJSzNF-MH_LP1v1EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 12BB 		0
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=984999
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gM8LTXmMMphTpzk5aOUEDjEyVtJPN4W0wkogkM5gAuLnsAac6TeDhzDCQXwGpqwz6tr2EqazoiFmiB8Ox8yPTBZ9fLNWOFqqElWgnlgMynUjAX%2FAXskJO%2FpvgPY9irDR5l5vD4SwHe3Kzk%2BsxZHFkht5eA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6e05fd72f90c5a07-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FtVtqQ5epQIjjWoBCVzR
view
securepubads.g.doubleclick.net/pcs/ Frame 12BB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBf_epzEdCaXqdLTW4k6qXGkQuAaaOIhLmtsEAWi0ZGTdEwyPsf23Jodb6pA1Gi3_gQFo4UDc9igeKLDHGKfeSpVM-9nxiob3KImg3NPtt8IVJU0B-5VJKKkydbF4e_Gxdwk4lPNIP911HscNQq-hY9RzaF-TwUBVeqTnERQRsN74O-Ofd7b-exR6rGpQ1z6d1MkowzT-eDD1rPTcjBTkrH5jZBNoGXioCc4BKbP6Fr2wyR86ZmjK5D1qEhKmznQE9VnuDWuitPXLYSp5E-fZnQXOnl9QN1Br6UZBib5YtHvYjyHiw_S3OpmKXHzhSto7y9SLXxl8&sig=Cg0ArKJSzNam4-J5XfGdEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 729F 		0
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=476514
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Otpqc1Drn2vbubeE%2FidVIzKJNllXw50iLpolZX4ez%2F6MJtKi5h06m2u3rEOOohwGNF%2BfND4%2FmXfaplL7DEpOELmRlJ7eozZMFmRyfILqI8FXfo8lVTcz7fQJ8QMmuIEgiOHypHKc36X7lE2%2Bzf2Vr7jVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6e05fd73093d5a07-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FtVtqQ97deC1sCsAG-4y
view
securepubads.g.doubleclick.net/pcs/ Frame 729F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpBmcj0CeZmUOjuMFhjlv4BR1gnmpHER5C-OyX3eLFqlfPlnbnJ5W_DdjJRHn0jgjShh9DT6UWg-2e8ttEbY7jRC2EL1X7cWwnnkqFQoZWRRjvawTHugVL2qQh2gDh2uDTOQ1hxC0SDDzq0vXS_T4rgr6pCCPCjFBAakFJc7E8AkEKB4-eCu0uJrJNHkCfo4xz-WIu7F6xJ7ZPMcCRbTb7KKGmoQ0emouQMNKWcVaBkGyQAYONy5BnLCORM7castqimA758wRhVLVJv8jn9YNt-Ilk5BnVXyt-tVuZ0Dl9LSHdCesLK8Y93_hlTlBr3VDKEoQV&sig=Cg0ArKJSzFyEKg6KzMJCEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/ Frame 729F 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:8800:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6635617488fc4222e37a13cdbf287ad4ce92706f3a97c5c23b9f8d10e33c069

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
MUe9_TZZLhlPUJAyhsqdzJ95c0911WwJ
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 17:56:45 GMT
server
AmazonS3
age
58
etag
W/"b1e3d9e44cf1c9b4e3a9f3acabad1361"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Sun, 20 Feb 2022 07:23:31 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
k-ELA0CzMgt7GeW2zF5aYGmxeGhD9v3iQUWdMxPTCtntx964y3kXrg==
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame F245 		0
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=407243
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2BFaOokDDDEdf%2BMG2achfMPEpHkTKzPtA%2FG37V1v9HeAGDzQdgF6VruOxNzVOcBk93aiJQfui6WBn8lTrnhwxDsIK%2BvCW1qYbJS4k5WdzSfBbIj6Bipzq6%2BTvOuKBTFm6OMXTBstX5NzedFkgEDwGZkQqA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6e05fd73299b5a07-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FtVtqRZiImjrEK4AwjaR
view
securepubads.g.doubleclick.net/pcs/ Frame F245 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNq5he3cbVpc063cX3Am-bPe-gQSq78v2wAeTd-M8z2ENvjn3NEPfr5hy7D-K4Uf1DcRLXbjB7tqxEdAGCoc5h9XEU3NDFhDlcIlEPONn0qGYESZ9JEY7Q3ovxChJvMxFiL1d0W42UabEnl7USkwgpB7wkUK4d6EQWat4f2QK6X4wXMKt4kxVRdHXNkAL37WFhLloqr4bb6JuvjDW0sKO937vi5csedJDh4U5sibY3RvCwuufWKecXQQZCgg6wDTG7xwzu7Cy0pHWFjJWL6E-YLN-3iPUW3rSpB9uZEAsudX3odTz5rHeExtWMcCUrrTO8&sig=Cg0ArKJSzP2P264ZyMW2EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame A51E 		0
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=817296
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iWqaEgcJR1Ib%2F6TME9X9lhinQLGMhnLgqXGdLdJzP1zdwusXu7QofOObTSUZWfYgyYfoCeQaZCAlWIxkp7R70qGBZPieRVMPAylx3MykbgSKRQr2ZfX7SXXuYLZA7kr9Rt1sAvMvJqF5OSVKTUxc8hhLuA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6e05fd7349e35a07-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FtVtqRf3IL3uty0CgOZi
view
securepubads.g.doubleclick.net/pcs/ Frame A51E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstVUTIKV2v7aCK2wknnWPovfeVfWeO1WmF1SQ5T8BquDNdC3H4MZweh4J6g8zOUqGtzusPHo1EwWuHHXDKVnh13SHs2_TZ1A9ECq_9TNJzwcRicSo_aIm5Q7ZHuhy41da4oGmZpx8EYt6UIRp22zJLqlnmTXGNyMq1ZHYK357CkS2MLuTE2UAXx1P-djd4iRW3gz-TzlyoGNw-tnjr0MBpnAlEgXVUzzid6Q1_33szf3YqnlV31ytvS4I_5N3wRvNrTgv3-gspPDXr7R1LPPKWs309izj1erf2SX_ZJ5HRe1yd1Y16XOr7SNK-KPlAdU8JmR8JuOA&sig=Cg0ArKJSzKMbqkL2dY9JEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 0A64 		0
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=534762
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vFuWUI5EATlymCa8Sjk089wBUpsohnZUGDjBpfCu%2BwV9j4Ou66PdG2hwDetNz3yAj2Ora0tPKwvxEJZfjWUZD0K1HkGUmt8lQUOGNCJYfoY8m8zWfbFyP0O5KAbgUfqnNuqiCxYnHe4PW6EBDGHIBNBW5g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6e05fd735a0f5a07-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FtVtqRiPn1FlDHEAwjax
view
securepubads.g.doubleclick.net/pcs/ Frame 0A64 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwCVg3lTlJOCcMer-kViMK8BUn400ius5l4Ro2nFPTScjRAPRcdL6aFdZ0BWE7ES1XXRzyeCnc9vFWexcgpexiyKep6ectKGqyqKl1ObWIzbAxukfgiTCET5Nw-iYlsFyzE-TpVY9fvhPKYNs-mGGTWq-fBickCD-yQhg9G6fgCJ8hL6czk9-SBCdmVp8P0-N1ve_Wg83hE2kP08aR153xCqrDgSfUmZpleAKfG2mt3mN07Sb9YEYidr_XENVFMPr_owp8F5DqmLvvGkElqgxzuQIsdXrFT4g2tQkLBPHf7M4-jLif-yQfUp9eb-ea2y2To4X9&sig=Cg0ArKJSzPJVAOZWsipSEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame ECB4 		0
558 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=359243
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tYN%2FN6%2FyEIQyD55edieWhJTOcC%2FvH3QaG3N%2BOdG%2Be3o2eg4uRNLJTPWuoEGjPRziLNnsfDmpg6eVIvHvMO1SYdb1bcUM4X%2FR%2FgDz8viQKafDXBFbYPr9fY4O7ay4YAiY0LsRj2UhLYzdgOGapL5Ba%2FAQEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6e05fd738a655a07-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FtVtqRnQrDzCAVgAwjbx
view
securepubads.g.doubleclick.net/pcs/ Frame ECB4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOVKVoqTgWsIphKly3mqL9jTJFmova7wwzbksHNBsNYGUnISkPXhMRDJkCiacr6i2gDob-UM0IMM467BXUMP2Ofe_dCvtMKoMnaGDQsxgI8DquTXFny5ZI78aM_jXeRxUq7xYiqdVbRStsfKCq1i1oDKLnGDORdyEUP2kF3yLyCGNjCY6ieN6ftqYQ06nS7P_g4XNnFesla-plHtw86_gfp1Vf7caJpMFxdsXxUVA5jgNe0yrw2-RxYr1ibigdlqlb82l9_B6ZSe04F7-audpmcEEAmvRmsh90W5aqXrb5NO2N582WPdWKo9qxjeDzAzgt8GiDIw&sig=Cg0ArKJSzEynZWDfLIgnEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
zone
tradehouse.advertserve.com/servlet/view/banner/javascript/ Frame ECB4 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?zid=382&friendly=friendly_1426692162&pid=0&fr=400&frlm=1&random=1426692162&encode=1&origin=https%3A%2F%2Fwww.staradvertiser.com&referrer=https://www.staradvertiser.com/&cturl=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjst8PDKu_A1hcBx7X1ursO075PYSjBLoVdycHz36bpk4iAGsi8tmro2XDtg6lNOjU3uBCP8Bndl_3NN6nUvNrBjQcza_WUi4-kih8PqwOLamPPAOLTmnGJw8vA2XjLzQ1LynoP9GlhHQ_HoiQMdJe6sONSqewwt9OTPU2Ifgt7DkDpfakTmegDhruW1Ar6TEm1vxN5IQvdxodBPWEaV0OXWpB1ecP_Qv91cjNRM2eeYSS-Otk_uUmjnAglxvTnEdTEcVES1b_jmCc7jSNzjX-Mg6KLPJvfKa6aLcagfJrYItDR0OYaRahjJtcqxXxtObEypZZg&sig=Cg0ArKJSzEzA61Xo11xQEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.255.62.200 London, United Kingdom, ASN36483 (GOSSAMERTHREADS, CA),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
8018fd98-c63a-4a4d-a842-27c90b80e905
https://www.staradvertiser.com/ Frame 8544 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/8018fd98-c63a-4a4d-a842-27c90b80e905
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af79010f58afe12a54ef84b6e5c79b3c1c1542dfd88ff5ba29c0507a71f00d8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		151 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
665212ec564d4b083b48f54a2c239761b1f261dedfd77f00ed8cedc4076d8def
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53702
x-xss-protection
0
server
cafe
etag
13712110883550163727
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 20 Feb 2022 07:23:31 GMT
b1739a13-4c7b-41c3-b466-e41cfed02ab9
https://www.staradvertiser.com/ Frame 12BB 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/b1739a13-4c7b-41c3-b466-e41cfed02ab9
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af79010f58afe12a54ef84b6e5c79b3c1c1542dfd88ff5ba29c0507a71f00d8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
6ab65579-8ef2-4474-89e4-8499f2d8ab84
https://www.staradvertiser.com/ Frame 729F 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/6ab65579-8ef2-4474-89e4-8499f2d8ab84
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af79010f58afe12a54ef84b6e5c79b3c1c1542dfd88ff5ba29c0507a71f00d8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
c11ef457-361c-4b95-af74-77ece74f6a77
https://www.staradvertiser.com/ Frame F245 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/c11ef457-361c-4b95-af74-77ece74f6a77
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af79010f58afe12a54ef84b6e5c79b3c1c1542dfd88ff5ba29c0507a71f00d8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
09250d9d-aecb-4848-abb2-8a4b5be60bee
https://www.staradvertiser.com/ Frame A51E 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/09250d9d-aecb-4848-abb2-8a4b5be60bee
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af79010f58afe12a54ef84b6e5c79b3c1c1542dfd88ff5ba29c0507a71f00d8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
3a3d2f1e-bdd6-4a44-bd78-4306150a55c6
https://www.staradvertiser.com/ Frame 0A64 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/3a3d2f1e-bdd6-4a44-bd78-4306150a55c6
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af79010f58afe12a54ef84b6e5c79b3c1c1542dfd88ff5ba29c0507a71f00d8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
74cc248f-b8e5-4929-b784-7ea76e63cb6e
https://www.staradvertiser.com/ Frame ECB4 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.staradvertiser.com/74cc248f-b8e5-4929-b784-7ea76e63cb6e
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af79010f58afe12a54ef84b6e5c79b3c1c1542dfd88ff5ba29c0507a71f00d8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
css
fonts.googleapis.com/ Frame DAAB 		8 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3ad8c90cec1318c90852dc018d75e7afadcb71c36508344fc1c133021007bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 20 Feb 2022 06:14:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 20 Feb 2022 07:23:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 20 Feb 2022 07:23:31 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame DAAB 		2 KB
914 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:19:19 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame DAAB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CCCKNcuwRYt-gNM_k3wPQrpzYDbz1nKRn0tXh-NcOZBABILmOkB9glfrwgYwHoAGwp6-7AcgBCakCnSkMHmn-sj7gAgCoAwHIA5sEqgSVAk_QH6l9GrW6XX2hgWtnyW5HaqzV7mP0YYy7Qt6RAYxXfc0k_E3kEw9xOeSkXBMDa10Bak0yEeTqlhb2pus3V-_FhDFdP-JiQsnrxVbp6jUJsIiW0CRURBQmP6DbjjsDSjYjgjS0ZbQmKgTGdj9Gg_kRcUZOcQpXw4LhnSsgPk4dCrg62pPwLm2Nk69hwirB56tsX2IXpbpEbLzFZ0qmHAwsIp4ighzPvx6EUIoyF3a3duQj1wGoq2J4La02fdkfEod_jR0DncIbfQemuUT2ePcEH_KU91rX8p33DkWE0wKZJH-6_VPX0HlNutos3HcwstErgjkI8p4-saInihy4QSH0XwjKVs42G26AjS5cBY4cEpax4IrABOa6jszKA-AEAZIFBAgEGAGSBQQIBRgEoAYugAe42NDEAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEPaIEdIICQiA4YBwEAEYHYAKA8gLAZgMipzYvsIDuBODBNgTDtAVAZgWAYAXAbIXHgocCAASFHB1Yi0zMjM4NTU1MjE4NTg4NDM5GLGzDA&sigh=r-uI8oj-Oeg&uach_m=[UACH]&template_id=515
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame DAAB 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite_fy2019.js
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1107
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
1930320615972901081
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:05:04 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame DAAB 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:00:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1371
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:00:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DAAB 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 20 Feb 2022 07:23:31 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame DAAB 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1111
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6438
x-xss-protection
0
server
cafe
etag
12093742715590823996
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:05:00 GMT
6db0573cb067ea4557d3af56fc7062b8.js
www.gstatic.com/mysidia/ Frame DAAB 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6db0573cb067ea4557d3af56fc7062b8.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a50761af47976acf2a9b1ed88cff6727c6c0fa4a18c2806a26f108c5268b4c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 10:18:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248672
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11678
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 08:01:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 18 May 2022 10:18:59 GMT
css
fonts.googleapis.com/ Frame 0F0A 		8 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3ad8c90cec1318c90852dc018d75e7afadcb71c36508344fc1c133021007bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 20 Feb 2022 06:19:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 20 Feb 2022 07:23:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 20 Feb 2022 07:23:31 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 0F0A 		94 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:da00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b82b3b26f73cec97530fe064182ec7fad83a326a45ba746d58d69bd4de4b04e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
NoC6YGt5eCR14CGF_CePZnGYd_hZgCkD
content-encoding
br
last-modified
Thu, 17 Feb 2022 17:56:17 GMT
server
AmazonS3
age
203
etag
W/"ee61816da156df01dc9c34b3cece567f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sun, 20 Feb 2022 07:23:29 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
IFw4fUJ9T7VFwZRB7O8sIq-FLcOzFud4zm_w6eCdzislbJP5_an-uw==
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 0F0A 		2 KB
914 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:19:19 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame 0F0A 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite_fy2019.js
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1107
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
1930320615972901081
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:05:04 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 0F0A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:00:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1372
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:00:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0F0A 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 20 Feb 2022 07:23:31 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 0F0A 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1111
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6438
x-xss-protection
0
server
cafe
etag
12093742715590823996
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:05:00 GMT
6db0573cb067ea4557d3af56fc7062b8.js
www.gstatic.com/mysidia/ Frame 0F0A 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6db0573cb067ea4557d3af56fc7062b8.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a50761af47976acf2a9b1ed88cff6727c6c0fa4a18c2806a26f108c5268b4c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 10:18:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248673
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11678
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 08:01:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 18 May 2022 10:18:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8544 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv25cCrpDE8Azg9uJRKYFs6KA3rmeIim2Qd2lMSE62Ny9AvIKDvOe6EU3zeBFf8A09FWgUlpuPHp_BuoNv3A6L_uTbCY7k4mM3JqqRkZ6WgsyelK3fdGyVEpM71KzLeeSSB3L1CSmzaaECRlhQD6ycGsB92wpbfmlziD2LKuO3CSEO8ZVmjYMOmeyIhP-thWnyweUV_O4SrezBtM-9cFeha9V5_ktrNTeAT5oYt-agITHmJ5ZbAjWLeaaQYX5gCW6eBFV4ZO5pdWBVuvctdVZW-63OgJAddcflNSmSCKqp4k2jAdOV9jxsE2xx8gfWKljtjvg&sig=Cg0ArKJSzC19AOf7YQBnEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 20 Feb 2022 07:23:31 GMT
truncated
/ Frame 8544 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb36257d0b421fdce28c72a3c869659cd390daf1930f302ff9022f64420c81f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 12BB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszIcc1BlgxSAFglDqdpdUavCmXTu5vx3M0lnku7Cq-vPthqdRKukFrX-gaF1r7AXje68Q2VYGmmwWpeqmZWJLuG2wJBaJtUAWVnCrFjCtMq9_7cV0YoaUOxfJ8sz6zZ5UrEC93KQOPGK6YW6SdwJZMtnXZuicxgaGndFbsE7STD4Zv0CzCiYOGrDuuu79RlkO5Uthnmbbacyi-bCREsb149hzpR7OZFObL6J4lARt33h72Ex99hVdA4ezGHf6OjJ3-TMmBi1HzCyDtxam-o3LTHP8kNgNsmZmLsyiL-EOPGCbjpxdIA9LR9AWyAtHiM_U-O1dO-5VSuA&sig=Cg0ArKJSzAhTNU6KrUbqEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 20 Feb 2022 07:23:31 GMT
truncated
/ Frame 12BB 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b71cdf9a20592bc862ea050b14af5e0ee66f22b0837bceba918950ab7c90101

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
3836428205810490512
tpc.googlesyndication.com/simgad/ Frame DAAB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3836428205810490512?w=100&h=100
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27c71a9e2cb0bb6595a57b297c1c94503b0fa7dac371945e68af53741592cc55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 16:46:17 GMT
x-content-type-options
nosniff
age
52634
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3447
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 09:30:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 19 Feb 2023 16:46:17 GMT
truncated
/ Frame 729F 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4edce7b814cd954fd5533ca8d7156df65a2f8a33242e1931c17a6dff95bac992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame F245 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseesD5r00yyWG8G8ISRjdR-7oTV3FAS8Pw81G-q1ayPTsB0EeeLP2sUsEmWMLTHfm74U0HwLrMgtMK4hXUTtH7wA38gI0QccsyLk3JMgZ8bVUFY7nciMmE4KttlM0-ryzSxMJ2iWzhKSd1HTB_qkSN05-ndY2qhHrCtS7IqlqRyAX37TCJvFCJn3-3csNGBOX_1_uwmSdAcC4fwrTtQcK6sw9EwJFrlxu_5mKQGnc9ufPgnnQBguqmj-XaGTDmvBQmHlODnJYZY1bvOMbmDHs7wvETZ_Z0f7ra6Y5IGOWXdQjr7pNHIEUxQ_lNhJBAcsaUTKk&sig=Cg0ArKJSzEDAW8Gd7ME2EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 20 Feb 2022 07:23:31 GMT
truncated
/ Frame F245 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48de778fdc484c7c754bc789a052e166eafeb84dd8831130e4dfa5dad6e95939

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame A51E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstthCx5Hx5RD4x31DRcTj2p0ZZjhPkbHzAR167Scki3OvzAfJGnFU1TotEAulX0PcZh7Nhb-ImMORep_b07AyOdI_QvuXW45Y_lmzZlXRTcEzuJQ4xCRd92ta5ivk6okKP3j3vYpoUTlVwtItdxZQhPGVuhu5aQwbXSXM5r0ufbl2ZEMkCzdGTPrijxtShBrfjDMMDUmz4jZqgjs_YGtp_hWKRl5zVRwL3z4wQ6saVvp7Q20sv5axzYz8Xcrv8toHCrBDt7Zp0Twp871pIE3AZxvd1mHkYw5ps0wWNpSLecaJm2BI4aDbRVSYLxn3PBf_N-n4UB5dgb&sig=Cg0ArKJSzM4fVYgUnmRHEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 20 Feb 2022 07:23:31 GMT
truncated
/ Frame A51E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01a9dabd902570e6db0f700e470c8824e04c88b12b33b1ee10f458386cfcfd63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame E07B 		8 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3ad8c90cec1318c90852dc018d75e7afadcb71c36508344fc1c133021007bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 20 Feb 2022 06:42:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 20 Feb 2022 07:23:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 20 Feb 2022 07:23:31 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame E07B 		94 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:da00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b82b3b26f73cec97530fe064182ec7fad83a326a45ba746d58d69bd4de4b04e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
NoC6YGt5eCR14CGF_CePZnGYd_hZgCkD
content-encoding
br
last-modified
Thu, 17 Feb 2022 17:56:17 GMT
server
AmazonS3
age
203
etag
W/"ee61816da156df01dc9c34b3cece567f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sun, 20 Feb 2022 07:23:29 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
ON4aY7RlW8ISs2QbyXOtNofDwG3p5xed_3Xbpa_ccR2moRmWQkpf4w==
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame E07B 		2 KB
914 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:19:19 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame E07B 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite_fy2019.js
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1107
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
1930320615972901081
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:05:04 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame E07B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:00:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1372
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:00:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E07B 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 20 Feb 2022 07:23:31 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame E07B 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1111
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6438
x-xss-protection
0
server
cafe
etag
12093742715590823996
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:05:00 GMT
l
www.google.com/ads/measurement/ Frame E07B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTpsLFL-04rAskcbydZixD3OPeuBWgr9AuVJNTLltUz0dz9F03PtvLy3Fb9t29V_0xe-wjn
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
6db0573cb067ea4557d3af56fc7062b8.js
www.gstatic.com/mysidia/ Frame E07B 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6db0573cb067ea4557d3af56fc7062b8.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a50761af47976acf2a9b1ed88cff6727c6c0fa4a18c2806a26f108c5268b4c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 10:18:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248673
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11678
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 08:01:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 18 May 2022 10:18:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0A64 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsviGbtl1PKSkqFo6wxJXJr7hMUmsH5U6R73BAvqjExP5VqMiUWG3hMqjFdSNDwzkDIWf26uJ6DlkTNw5eyqKxoQjS4BpkkG1mtwvD5_VD-1ZQZiaB6JJ9g7cVAq6ivfEylTBhfDRrZiL07xHpVGY4bhg8w7gmFYTuBnkexZtWy-COoKYx3gb1vlz6iq7wzj7CzImHPQwnxw0UF2mY9rhbsUkbabXNMe4zlpMutCQnuqlnqCo4t8U1WKOq08jH6DwB-Lk3SkL3WdKymZBSrb3uREIEgcQ-_lY8wLuZR7FDBVvW6riOy21vXslHDmz_oM7nm6enffCrU&sig=Cg0ArKJSzN-gAdZnrxBSEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 20 Feb 2022 07:23:31 GMT
truncated
/ Frame 0A64 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
677abfa5e8392c317a482baa9bcb6544c261da51c0551de3af5d34ac0714c41e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame B1E9 		94 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:da00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b82b3b26f73cec97530fe064182ec7fad83a326a45ba746d58d69bd4de4b04e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
NoC6YGt5eCR14CGF_CePZnGYd_hZgCkD
content-encoding
br
last-modified
Thu, 17 Feb 2022 17:56:17 GMT
server
AmazonS3
age
204
etag
W/"ee61816da156df01dc9c34b3cece567f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sun, 20 Feb 2022 07:23:29 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
LWJ8qgpZPI86YZEJhbVIupbz0LgGauOnOeViZ78v4HNQBcN-quHocg==
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame B1E9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:00:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1372
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:00:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B1E9 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 20 Feb 2022 07:23:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame B1E9 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1112
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6438
x-xss-protection
0
server
cafe
etag
12093742715590823996
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:05:00 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame B1E9 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 19:07:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
389792
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Feb 2023 19:07:00 GMT
truncated
/ Frame ECB4 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d4ec7d6c3874679ce60a2089cc201a6300bca791ed0aa28ca0f36448d50e1ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame E858
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date
Sun, 20 Feb 2022 07:23:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
lg.php
cdn.firstimpression.io/delivery/ 		1 B
454 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/lg.php?bannerid=67472&campaignid=32&zoneid=110722&dt=1&_fiid=A7&cb=94972336
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-124.fra6.r.cloudfront.net
Software
nginx/1.18.0 / PHP/7.3.23
Resource Hash
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:32 GMT
content-encoding
gzip
server
nginx/1.18.0
x-amz-cf-pop
FRA6-C1
x-powered-by
PHP/7.3.23
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
x-amz-cf-id
Yyx0JBQgUVAvstbuvPie1MOd3YUTEnia82R-DUiQNPVdopp26gwPxg==
via
1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
expires
0
58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/ Frame 729F 		169 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:8800:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d8f917b12778d4a22a9547d1725638c0c428398479c5dea57664d0045552b930

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
Lx6K0etpQijmMYCfHMf5IsP1s4CQr02V
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 17:56:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
W/"ee311ae0819b9ba4d27cba803bb90140"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Sun, 20 Feb 2022 07:23:33 GMT
x-amz-cf-id
E3l1rcNVd5J2p_d9rYikGSn7N0c3IeYwKi_zwfkKBp3OhKLKp2A-1Q==
/
geoip.instiengage.com/json/ Frame 729F 		210 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.instiengage.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.78.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-78-124.compute-1.amazonaws.com
Software
/
Resource Hash
70fb114037fd9e681fa34ca7bfe2c107d7c85420d7511762e934eeaed9bc6d64

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Sun, 20 Feb 2022 07:23:32 GMT
access-control-allow-credentials
true
x-database-date
Sun, 20 Feb 2022 05:37:49 GMT
content-length
210
vary
Origin
content-type
application/json
index.html
auth.instiengage.com/auth/ Frame 25C5 		73 B
427 B 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/index.html
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:8a00:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb7e70becd9b9f29c4afe8b2b82eef24739e120c0abafc812e24c8362657f37d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/

Response headers

content-type
text/html
content-length
73
last-modified
Thu, 28 Oct 2021 14:58:38 GMT
x-amz-version-id
Z_9pWwT0klc7emOur8LDxIaKOSvjAB6l
accept-ranges
bytes
server
AmazonS3
date
Sun, 20 Feb 2022 07:21:03 GMT
etag
"d143b1e94cfb2dcb20bcad0f44fd1f0a"
x-cache
Hit from cloudfront
via
1.1 c51e3be89c14e3f859ea898f7e36ecec.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
urSovFELsbYiup6RPC37eWNGbAePoVO8va0ow1SC5zx9zB6Z9Ok8nQ==
age
191
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame 0F0A 		0
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=1074570
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yrRXBSHJw8lV6OHNf1oAsd5KMWj50rXGZtOjIVVeNbw9H4aosjD2Rm8TN76YJtQAjrXuC3priaxS3O%2FKBiRzMJ3dK7VF%2ByN5naYMo2BkzhN3fVrz9JXGgWq%2BrJC683%2B7gDodmiJJg%2FMbdt94snThi%2F7wEg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6e05fd7679405a07-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FtVtqTASLQfNH9EAwjhB
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame E07B 		0
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=805731
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31qaGP0A3Dtzg3RKX5UxvhhwvRJnmwuB16wsmgnPrzvdgBpbnzpwLouFfQ9coh%2BqWLLPRqZzdipLWFQ5RFOgDQZku6dUKtPJmvX4ie9McRiUviqdnEhUaJV2DP7QPRzk8%2FEhbzav6RziqE0rRFHrTwUVAA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6e05fd76b9ad5a07-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FtVtqTIcezKwUgIBCV8R
view
securepubads.g.doubleclick.net/pcs/ Frame ECB4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjLtBQkWx5pT_e2kh-GyWVjWUauFnXWzuCy0jX402BBzDV8p1D0gKssN9klAc2EjDpIJmVjXZMTRA4xzjxdagceDJAceU42EsErBQJ0N24GJhkqIqH-da2a2ZiGtyMhCKKgHZdIX8WjMZ1sg10mShtW14NfLygSjkyxb0pNaCd0G9rROPnvmNCnrcykhxIHMbv_FpVL0NAJt98NvcQ0y9_putmkhLj9m-5wb6Wv3g9NuQwhU0WC_8cf8VUeTYfHkSToAwNMJ_h_kkk7SIVM7j8ZFv1jBPwuuwgFac3oPsPFktPtHvt0ZEa3MIE9bKymlVRatQ8zcwx&sig=Cg0ArKJSzGsH6zHyPGSmEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 20 Feb 2022 07:23:32 GMT
22e2c9d8-f932-4873-bbff-a44b6936e7fa
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/ Frame 0F0A 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/22e2c9d8-f932-4873-bbff-a44b6936e7fa
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af79010f58afe12a54ef84b6e5c79b3c1c1542dfd88ff5ba29c0507a71f00d8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/ 		290 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3622156405313063&plah=www.staradvertiser.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cde8796cabb7b93bbcf7c8a4bd2d39b926a22d2dfbbe6a37fdafd10c5bd8f965
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106772
x-xss-protection
0
server
cafe
etag
16804192996499609317
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 20 Feb 2022 07:23:32 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220216/r20190131/ Frame E548 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220216/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Sun, 20 Feb 2022 03:15:22 GMT
expires
Sun, 06 Mar 2022 03:15:22 GMT
cache-control
public, max-age=1209600
age
14890
etag
4044455266028820542
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame B1E9 		0
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=333772
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fBAaYE13j3Szvgnl6v7V%2FpLXWFRqzCroPW1FlMEKMzPGEJxKWNzo5wcA1q3wcYd03eHklB3LJiXt1QCND85v348GVnR%2BLW93z69Ba%2BnYbrdjnkNQejyDyZ3hdVA%2FduyZ0DQXeTngsd8hx5RnesXilXX1Mw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6e05fd76c9c95a07-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FtVtqTLDi-26kkkBCV8x
95f14a21-499b-4b12-b7df-0e3e8fbeba32
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/ Frame E07B 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/95f14a21-499b-4b12-b7df-0e3e8fbeba32
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af79010f58afe12a54ef84b6e5c79b3c1c1542dfd88ff5ba29c0507a71f00d8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
9babddc0-fdad-4a80-9306-b0d4d0b4e5be
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/ Frame B1E9 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/9babddc0-fdad-4a80-9306-b0d4d0b4e5be
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af79010f58afe12a54ef84b6e5c79b3c1c1542dfd88ff5ba29c0507a71f00d8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
3836428205810490512
tpc.googlesyndication.com/simgad/ Frame 0F0A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3836428205810490512?w=100&h=100
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27c71a9e2cb0bb6595a57b297c1c94503b0fa7dac371945e68af53741592cc55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 16:46:17 GMT
x-content-type-options
nosniff
age
52635
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3447
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 09:30:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 19 Feb 2023 16:46:17 GMT
bundle.js
auth.instiengage.com/auth/ Frame 25C5 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/bundle.js
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:8a00:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
454e275a24548d7c90f785185bef0f45a1a31227dbdf262e23663d3a1c893d34

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.instiengage.com/auth/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
z9_dsDhFEXvmKWuBLcY14W3grjGzZbNe
content-encoding
br
last-modified
Fri, 11 Feb 2022 18:07:15 GMT
server
AmazonS3
age
190
etag
W/"9bea1145c763a33ae96eac3f3997743f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c51e3be89c14e3f859ea898f7e36ecec.cloudfront.net (CloudFront)
date
Sun, 20 Feb 2022 07:20:32 GMT
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
hedj1hDTMUy2qgjUFKVO4ZGegVie7RgCG8qvnen6B0ceAxSuL3QkHA==
adview
securepubads.g.doubleclick.net/pagead/ Frame 0F0A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CWPjEcuwRYuCgNM_k3wPQrpzYDbz1nKRn0tXh-NcOZBABILmOkB9glfrwgYwHoAGwp6-7AcgBCakCnSkMHmn-sj7gAgCoAwHIA5sEqgSYAk_QIpWwTSfiUaEAloxlNEMZrllW8e4bUn4hZjtW6uID8xiiTfKWpc7nV4NVr5ZXWPXzn-yjMl8USOaiE8mmwjhtpJ4D-ifC9h34gWyPC2rd_mSYUuQfL5KTdwlu8qaAO9rZ1aqqWkwY_d4yZZUbzVrQMHbiXwDM0zmvQ0rPG8XYpJEbmz8oTY-yWaF_amV2TPTzUGdR5j5_arXhum-l3su-NjAFKiF0gOgYPa_bIsqqLowSqw-oUPeBuO3GGgvKgP9GdgDC2tuLyecQqoGfFbhkgz6xtUqu5ofzbATMZHtfgEHJkBdUarw7CafelrmUFUrImmSh3dUQpr7euzojSaPyTZBqRf0rwK9pqF-efxiKej-qlm87hijABOa6jszKA-AEAZIFBAgEGAGSBQQIBRgEoAYugAe42NDEAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEELfxENIICQiA4YBwEAEYHYAKA8gLAZgMipzYvsIDuBODBNgTDtAVAZgWAYAXAbIXHgocCAASFHB1Yi0zMjM4NTU1MjE4NTg4NDM5GLGzDA&sigh=nbODhFLPBbs&uach_m=[UACH]&template_id=515
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame B1E9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CkC_AcuwRYuugNM_k3wPQrpzYDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAp0pDB5p_rI-4AIAqAMBqgSNAk_QIiYDpTOAkFDpln5z5S7ZETsjP4J7OuTppKobjfeTQxRa8pza14T92YsexYQj7EWCSjGJ4LkL0H1xZj-SdzwUFfS-E949nhTDsxcp4O6iHmPSJ03UruD6xMZdOZAnq7NjgffOSofrw-aB2XwCXof5ZjuO61tP9hNevOlRqey-Audo_YSyoEjbZIl3NO0ENErQPPRSoDcm9ESYnoeTOdOVd5sMwBIn7I1Hl6FmVYNvvBpVnjHSoH1xi0P582OtbAw9WWQRQryi5AEM8wO8aW9kFg1_Dt8jHknEnXWKhBHfBod-GuGWJU8mGFtdCseGwCSBknM8jIeq9ZT26ckDcHDcuVnnUEk2Jr3s5u0A4AQBgAbVhOaA36Xa8e8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzIzODU1NTIxODU4ODQzORixsww&sigh=hUeEtlZbwXc&uach_m=[UACH]&cid=CAQSOwCNIrLM6A4XDVSMz6KlP7JM45bwIq_GTEgq1-v4yeM6qxrodtnKdjJAi1jafX4YCAYfSLwpBIfkaX3HGAE
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame B1E9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=U664EvKUWKwC-gGdg2ICAgAAAAoxdSRftf8VcNRne9E5FKgQcuwRYuMj435Lsyb5Bd7lABI&wp=YhHscgANEGsKd_JPAAcXUKaNS-Su82-AAaMWow
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:32 GMT
server
Kestrel
server-processing-duration-in-ticks
260904
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame A493 		123 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YhHscgANEGsKd_JPAAcXUKaNS-Su82-AAaMWow&u=%7C3Ae6XUVM5YsCZvO9ZfwGRLGqcLFowTnHs6qvc1hSm2A%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy4hWcTbYRg2vYoe_NV4-wFy2V2s43upahrm1qeVDeAQKUiYWqHKCPkZge7omYNjoQnM8fBorwc3VblsKUOcbG3WjmHU41i2x10lFMkQsgBqx1g0ALP2TEXDFZxMZUSEWn5hMax-Mj0jcaWr06qi9GrPbk3osEm_Yk2wlAohmCyJat5m2S2tx7yN39tr4dtdaqBTfvOchfGX61eW5hHHR-Fap3XFhRoKT6-v1VglpMRZD26lIEq35V7w-7d-Kz6j92a-nDjpjhlQtrztxjKmKCFGkSArKm1-Xei4S-agYp6XTqpOKKuapjBGK9toQXG7CHqYq5o1R6ERhVN0EWGBmcZ2dPMe2VXjDOd4McLhAnwWIf4JuQxq2iMB7AXHw-PahRqHg5D1p5b8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkRYXcuwRYuugNM_k3wPQrpzYDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAp0pDB5p_rI-4AIAqAMBqgSQAk_QIiYDpTOAkFDpln5z5S7ZETsjP4J7OuTppKobjfeTQxRa8pza14T92YsexYQj7EWCSjGJ4LkL0H1xZj-SdzwUFfS-E949nhTDsxcp4O6iHmPSJ03UruD6xMZdOZAnq7NjgffOSofrw-aB2XwCXof5ZjuO61tP9hNevOlRqey-Audo_YSyoEjbZIl3NO0ENErQPPRSoDcm9ESYnoeTOdOVd5sMwBIn7I1Hl6FmVYNvvBpVnjHSoH1xi0P582OtbAw9WWQRQryi5AEM8wO8aW9kFg1_Dt8jHknEnXWKhBHfBod-GuGWJQ0kOcnahVuVf7iVMaMBKn-j4Z5A4-cb8sQUhP8V71caPjhGYv6_X0xH4AQBgAbVhOaA36Xa8e8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vQhiVqWRwKWjZN99kGFLpVSl_og%26client%3Dca-pub-3238555218588439%26adurl%3D
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a6be68a9d4749cc45950c096e74e6da90a6906acbf33556b8228c528c4ef9384
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/

Response headers

date
Sun, 20 Feb 2022 07:23:31 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=fg_sK0aElC0RxHemYY73FlMdQOLDiXeGjFYRDPPLghvyqw0wor3eBCmCM4kYNBCfZujbKEW8WvhVpHOfa_JNPr2Qwn4G6OO9l12PbBYtInqKdJw2qlm0M_-hysFyWtYZaypYD8AsyMHu72HNSRfabWXRkgSKPyj211rljTlupIq_gWwMb8ejjXAnCd3q7AWb9rAr4IxNkquisdW2ejfaINl2paRQgLunB-YHEpvLTLk4de4SjT7a6yIov2aVI_y_CXBgWQ"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
62158402
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
truncated
/ Frame B1E9 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a0fce4d652c87e7887e40fe40044a465387f81b644053052afa6040d3b52406

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
3836428205810490512
tpc.googlesyndication.com/simgad/ Frame E07B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3836428205810490512?w=100&h=100
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27c71a9e2cb0bb6595a57b297c1c94503b0fa7dac371945e68af53741592cc55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 16:46:17 GMT
x-content-type-options
nosniff
age
52635
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3447
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 09:30:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 19 Feb 2023 16:46:17 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame E07B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C1VGWcuwRYuagNM_k3wPQrpzYDbz1nKRn0tXh-NcOZBABILmOkB9glfrwgYwHoAGwp6-7AcgBCakCnSkMHmn-sj7gAgCoAwHIA5sEqgSYAk_QLADBbVKR3kWcDKFMtnlg8vmMmBdq25aFM4QzqxLfqCxsiiMjNpoitkdqDXcGhqfvZNAk03MJOENl9CilHWLx-8pdlP2OjdL-2bWf7-_VOuOmlEqTFjLAIev20mTyGQYIJrKe3tKW0R6bUUsl9r3505zz2gaeqY9AYHH5yFMxmNFrYEclpVIcIzLvZA2HD1kuY5y2IeZjNXXmj8QwzWeHbanAy3YVUqggGtY9WEUYjRbjx8d4o3oJVv3dLJ6N3itnIdbC0HEIYKaW9V-aG0AtyavPuGUu2qsMndpy5lEdiEQfzz_6xeUvEs6nWB_LvqnJJw9wTlk7PFeUkT1QNq_xgLspL9k2D-OjbOk5xfwEE5NyN5xruyfABOa6jszKA-AEAZIFBAgEGAGSBQQIBRgEoAYugAe42NDEAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEELPPEdIICQiA4YBwEAEYHYAKA8gLAZgMipzYvsIDuBODBNgTDtAVAZgWAYAXAbIXHgocCAASFHB1Yi0zMjM4NTU1MjE4NTg4NDM5GLGzDA&sigh=kAtalITVuVw&uach_m=[UACH]&template_id=515
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAAB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=26&version=r20220216&sample=0.01
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/load_preloaded_resource_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame DAAB 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
47d95f274189db8cfcec62a09f345c8f8f71ec3e8b9dd5cc56aa4b0843c9b92c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0F0A 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b4d784549390c2f0d91427b78a1fc8085426d6dffa19d827e4e15605b728314

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E07B 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d83f32899e2ffd78be6e1bf35ebb10dea45a132fb9e5c22b1adb36c4ce0ead6d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame DAAB 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 00:52:22 GMT
x-content-type-options
nosniff
age
196270
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28196
x-xss-protection
0
last-modified
Tue, 18 Jan 2022 17:53:50 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 18 Feb 2023 00:52:22 GMT
cookie.js
partner.googleadservices.com/gampad/ 		222 B
651 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.staradvertiser.com&callback=_gfp_s_&client=ca-pub-3622156405313063&cookie=ID%3D5ce8b7f408438eaa%3AT%3D1645341809%3AS%3DALNI_MYPTfGaIPvuRDooZfs1nJVx84JKUQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3622156405313063&plah=www.staradvertiser.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
62fb3b623a9ce92db388f15f17a878c180f3a20d76d55e0923dc5f281e9544d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
207
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3622156405313063&plah=www.staradvertiser.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3622156405313063&plah=www.staradvertiser.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3E87 		16 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3622156405313063&output=html&h=90&slotname=e1c6b69.f9e07fc&adk=139176089&adf=3713705667&pi=t.ma~as.e1c6b69.f9e07fc&w=728&lmt=1645341812&psa=0&format=728x90&url=https%3A%2F%2Fwww.staradvertiser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645341812162&bpp=4&bdt=5178&idt=587&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5ce8b7f408438eaa%3AT%3D1645341809%3AS%3DALNI_MYPTfGaIPvuRDooZfs1nJVx84JKUQ&correlator=6178148257708&frm=20&pv=2&ga_vid=565048288.1645341808&ga_sid=1645341809&ga_hid=907291583&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C44756084&oid=2&pvsid=3369027831208136&pem=161&tmod=1865825641&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpoeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=33&uci=a!x&btvi=1&fsb=1&xpc=XdTEsGSshm&p=https%3A//www.staradvertiser.com&dtd=601
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3622156405313063&plah=www.staradvertiser.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ac2f9dbccc111645dbfd1aa2256b25ce23fc7396a9311099eed7f3077e842f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 20 Feb 2022 07:23:32 GMT
server
cafe
content-length
8594
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 20 Feb 2022 07:23:32 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame 5179 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 20 Feb 2022 07:23:33 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 5179 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 20 Feb 2022 07:23:33 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 20 Feb 2022 07:23:32 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame 0F0A 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 00:52:22 GMT
x-content-type-options
nosniff
age
196270
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28196
x-xss-protection
0
last-modified
Tue, 18 Jan 2022 17:53:50 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 18 Feb 2023 00:52:22 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame E07B 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 00:52:22 GMT
x-content-type-options
nosniff
age
196270
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28196
x-xss-protection
0
last-modified
Tue, 18 Jan 2022 17:53:50 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 18 Feb 2023 00:52:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.staradvertiser.com%2F&tn=DIV&id=ToSPPAlert&cls=alert%20alert-info%20text-center%20alert-dismissible%20fixed-bottom%20mb-0%20py-md-4%20fade%20show%20rounded-0&ign=false&pw=1600&ph=1200&x=0&y=1130.4
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.staradvertiser.com%2F&tn=NAV&cls=topnav&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame D3E7 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3622156405313063&output=html&adk=1812271804&adf=3025194257&lmt=1645341812&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&plas=123x990_l%7C123x990_r&format=0x0&url=https%3A%2F%2Fwww.staradvertiser.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645341812179&bpp=2&bdt=5195&idt=660&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5ce8b7f408438eaa%3AT%3D1645341809%3AS%3DALNI_MYPTfGaIPvuRDooZfs1nJVx84JKUQ&prev_fmts=728x90&nras=1&correlator=6178148257708&frm=20&pv=1&ga_vid=565048288.1645341808&ga_sid=1645341809&ga_hid=907291583&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C44756084&oid=2&pvsid=3369027831208136&pem=161&tmod=1865825641&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=34&uci=a!y&fsb=1&dtd=725
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3622156405313063&plah=www.staradvertiser.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 20 Feb 2022 07:23:32 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
privacy_small.svg
static.criteo.net/flash/icon/ Frame A493 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhHscgANEGsKd_JPAAcXUKaNS-Su82-AAaMWow&u=%7C3Ae6XUVM5YsCZvO9ZfwGRLGqcLFowTnHs6qvc1hSm2A%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy4hWcTbYRg2vYoe_NV4-wFy2V2s43upahrm1qeVDeAQKUiYWqHKCPkZge7omYNjoQnM8fBorwc3VblsKUOcbG3WjmHU41i2x10lFMkQsgBqx1g0ALP2TEXDFZxMZUSEWn5hMax-Mj0jcaWr06qi9GrPbk3osEm_Yk2wlAohmCyJat5m2S2tx7yN39tr4dtdaqBTfvOchfGX61eW5hHHR-Fap3XFhRoKT6-v1VglpMRZD26lIEq35V7w-7d-Kz6j92a-nDjpjhlQtrztxjKmKCFGkSArKm1-Xei4S-agYp6XTqpOKKuapjBGK9toQXG7CHqYq5o1R6ERhVN0EWGBmcZ2dPMe2VXjDOd4McLhAnwWIf4JuQxq2iMB7AXHw-PahRqHg5D1p5b8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkRYXcuwRYuugNM_k3wPQrpzYDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAp0pDB5p_rI-4AIAqAMBqgSQAk_QIiYDpTOAkFDpln5z5S7ZETsjP4J7OuTppKobjfeTQxRa8pza14T92YsexYQj7EWCSjGJ4LkL0H1xZj-SdzwUFfS-E949nhTDsxcp4O6iHmPSJ03UruD6xMZdOZAnq7NjgffOSofrw-aB2XwCXof5ZjuO61tP9hNevOlRqey-Audo_YSyoEjbZIl3NO0ENErQPPRSoDcm9ESYnoeTOdOVd5sMwBIn7I1Hl6FmVYNvvBpVnjHSoH1xi0P582OtbAw9WWQRQryi5AEM8wO8aW9kFg1_Dt8jHknEnXWKhBHfBod-GuGWJQ0kOcnahVuVf7iVMaMBKn-j4Z5A4-cb8sQUhP8V71caPjhGYv6_X0xH4AQBgAbVhOaA36Xa8e8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vQhiVqWRwKWjZN99kGFLpVSl_og%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:32 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 15 Feb 2023 07:23:32 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame A493 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhHscgANEGsKd_JPAAcXUKaNS-Su82-AAaMWow&u=%7C3Ae6XUVM5YsCZvO9ZfwGRLGqcLFowTnHs6qvc1hSm2A%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy4hWcTbYRg2vYoe_NV4-wFy2V2s43upahrm1qeVDeAQKUiYWqHKCPkZge7omYNjoQnM8fBorwc3VblsKUOcbG3WjmHU41i2x10lFMkQsgBqx1g0ALP2TEXDFZxMZUSEWn5hMax-Mj0jcaWr06qi9GrPbk3osEm_Yk2wlAohmCyJat5m2S2tx7yN39tr4dtdaqBTfvOchfGX61eW5hHHR-Fap3XFhRoKT6-v1VglpMRZD26lIEq35V7w-7d-Kz6j92a-nDjpjhlQtrztxjKmKCFGkSArKm1-Xei4S-agYp6XTqpOKKuapjBGK9toQXG7CHqYq5o1R6ERhVN0EWGBmcZ2dPMe2VXjDOd4McLhAnwWIf4JuQxq2iMB7AXHw-PahRqHg5D1p5b8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkRYXcuwRYuugNM_k3wPQrpzYDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAp0pDB5p_rI-4AIAqAMBqgSQAk_QIiYDpTOAkFDpln5z5S7ZETsjP4J7OuTppKobjfeTQxRa8pza14T92YsexYQj7EWCSjGJ4LkL0H1xZj-SdzwUFfS-E949nhTDsxcp4O6iHmPSJ03UruD6xMZdOZAnq7NjgffOSofrw-aB2XwCXof5ZjuO61tP9hNevOlRqey-Audo_YSyoEjbZIl3NO0ENErQPPRSoDcm9ESYnoeTOdOVd5sMwBIn7I1Hl6FmVYNvvBpVnjHSoH1xi0P582OtbAw9WWQRQryi5AEM8wO8aW9kFg1_Dt8jHknEnXWKhBHfBod-GuGWJQ0kOcnahVuVf7iVMaMBKn-j4Z5A4-cb8sQUhP8V71caPjhGYv6_X0xH4AQBgAbVhOaA36Xa8e8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vQhiVqWRwKWjZN99kGFLpVSl_og%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:32 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 15 Feb 2023 07:23:32 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame A493 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhHscgANEGsKd_JPAAcXUKaNS-Su82-AAaMWow&u=%7C3Ae6XUVM5YsCZvO9ZfwGRLGqcLFowTnHs6qvc1hSm2A%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy4hWcTbYRg2vYoe_NV4-wFy2V2s43upahrm1qeVDeAQKUiYWqHKCPkZge7omYNjoQnM8fBorwc3VblsKUOcbG3WjmHU41i2x10lFMkQsgBqx1g0ALP2TEXDFZxMZUSEWn5hMax-Mj0jcaWr06qi9GrPbk3osEm_Yk2wlAohmCyJat5m2S2tx7yN39tr4dtdaqBTfvOchfGX61eW5hHHR-Fap3XFhRoKT6-v1VglpMRZD26lIEq35V7w-7d-Kz6j92a-nDjpjhlQtrztxjKmKCFGkSArKm1-Xei4S-agYp6XTqpOKKuapjBGK9toQXG7CHqYq5o1R6ERhVN0EWGBmcZ2dPMe2VXjDOd4McLhAnwWIf4JuQxq2iMB7AXHw-PahRqHg5D1p5b8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkRYXcuwRYuugNM_k3wPQrpzYDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAp0pDB5p_rI-4AIAqAMBqgSQAk_QIiYDpTOAkFDpln5z5S7ZETsjP4J7OuTppKobjfeTQxRa8pza14T92YsexYQj7EWCSjGJ4LkL0H1xZj-SdzwUFfS-E949nhTDsxcp4O6iHmPSJ03UruD6xMZdOZAnq7NjgffOSofrw-aB2XwCXof5ZjuO61tP9hNevOlRqey-Audo_YSyoEjbZIl3NO0ENErQPPRSoDcm9ESYnoeTOdOVd5sMwBIn7I1Hl6FmVYNvvBpVnjHSoH1xi0P582OtbAw9WWQRQryi5AEM8wO8aW9kFg1_Dt8jHknEnXWKhBHfBod-GuGWJQ0kOcnahVuVf7iVMaMBKn-j4Z5A4-cb8sQUhP8V71caPjhGYv6_X0xH4AQBgAbVhOaA36Xa8e8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vQhiVqWRwKWjZN99kGFLpVSl_og%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:32 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 15 Feb 2023 07:23:32 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame A493 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhHscgANEGsKd_JPAAcXUKaNS-Su82-AAaMWow&u=%7C3Ae6XUVM5YsCZvO9ZfwGRLGqcLFowTnHs6qvc1hSm2A%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy4hWcTbYRg2vYoe_NV4-wFy2V2s43upahrm1qeVDeAQKUiYWqHKCPkZge7omYNjoQnM8fBorwc3VblsKUOcbG3WjmHU41i2x10lFMkQsgBqx1g0ALP2TEXDFZxMZUSEWn5hMax-Mj0jcaWr06qi9GrPbk3osEm_Yk2wlAohmCyJat5m2S2tx7yN39tr4dtdaqBTfvOchfGX61eW5hHHR-Fap3XFhRoKT6-v1VglpMRZD26lIEq35V7w-7d-Kz6j92a-nDjpjhlQtrztxjKmKCFGkSArKm1-Xei4S-agYp6XTqpOKKuapjBGK9toQXG7CHqYq5o1R6ERhVN0EWGBmcZ2dPMe2VXjDOd4McLhAnwWIf4JuQxq2iMB7AXHw-PahRqHg5D1p5b8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkRYXcuwRYuugNM_k3wPQrpzYDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAp0pDB5p_rI-4AIAqAMBqgSQAk_QIiYDpTOAkFDpln5z5S7ZETsjP4J7OuTppKobjfeTQxRa8pza14T92YsexYQj7EWCSjGJ4LkL0H1xZj-SdzwUFfS-E949nhTDsxcp4O6iHmPSJ03UruD6xMZdOZAnq7NjgffOSofrw-aB2XwCXof5ZjuO61tP9hNevOlRqey-Audo_YSyoEjbZIl3NO0ENErQPPRSoDcm9ESYnoeTOdOVd5sMwBIn7I1Hl6FmVYNvvBpVnjHSoH1xi0P582OtbAw9WWQRQryi5AEM8wO8aW9kFg1_Dt8jHknEnXWKhBHfBod-GuGWJQ0kOcnahVuVf7iVMaMBKn-j4Z5A4-cb8sQUhP8V71caPjhGYv6_X0xH4AQBgAbVhOaA36Xa8e8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vQhiVqWRwKWjZN99kGFLpVSl_og%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:32 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Wed, 15 Feb 2023 07:23:32 GMT
lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame A493 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=MVHWtxqlfRCyp23Y0LqCi4FXhftn0OTELH2VbNhFdE035rGgAMV0sEiqC-O0WKcGfc9tuj5jHDl_bPtHuONuBlsOaLjK09zPOy439ZGB8SeKrtLm5BmkyZzCpb84MfE3RvRe68hMsVcZD39TftfBIJ7hYqTS6DdmrnKY4cv4g9wldLgIEonvThNrzFj5Ksd5ttQmoaH92XrrGaxDqQ3QpZ2BMsyXJBuKxPc2SHQDc62jQgDSc0qgdQHLRCABqEzMypAfKB1bDMi4R-nYyy1XgvMvpoBOoarXRvop7_S5J-KmXscoGisYbUHUisczTbR48fG2Z96BkawbObggheFKJzZbSJWYbO39MNUryQk0gp9ZaJwObb-Zk15WFkcioaXWWXOQz28GYahJ2iRUtTJMcUcNYqfMww_Ty-OiyOEY3-VNl00FJh7e2mDi7F3dRhiDt1uzcw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhHscgANEGsKd_JPAAcXUKaNS-Su82-AAaMWow&u=%7C3Ae6XUVM5YsCZvO9ZfwGRLGqcLFowTnHs6qvc1hSm2A%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy4hWcTbYRg2vYoe_NV4-wFy2V2s43upahrm1qeVDeAQKUiYWqHKCPkZge7omYNjoQnM8fBorwc3VblsKUOcbG3WjmHU41i2x10lFMkQsgBqx1g0ALP2TEXDFZxMZUSEWn5hMax-Mj0jcaWr06qi9GrPbk3osEm_Yk2wlAohmCyJat5m2S2tx7yN39tr4dtdaqBTfvOchfGX61eW5hHHR-Fap3XFhRoKT6-v1VglpMRZD26lIEq35V7w-7d-Kz6j92a-nDjpjhlQtrztxjKmKCFGkSArKm1-Xei4S-agYp6XTqpOKKuapjBGK9toQXG7CHqYq5o1R6ERhVN0EWGBmcZ2dPMe2VXjDOd4McLhAnwWIf4JuQxq2iMB7AXHw-PahRqHg5D1p5b8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkRYXcuwRYuugNM_k3wPQrpzYDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAp0pDB5p_rI-4AIAqAMBqgSQAk_QIiYDpTOAkFDpln5z5S7ZETsjP4J7OuTppKobjfeTQxRa8pza14T92YsexYQj7EWCSjGJ4LkL0H1xZj-SdzwUFfS-E949nhTDsxcp4O6iHmPSJ03UruD6xMZdOZAnq7NjgffOSofrw-aB2XwCXof5ZjuO61tP9hNevOlRqey-Audo_YSyoEjbZIl3NO0ENErQPPRSoDcm9ESYnoeTOdOVd5sMwBIn7I1Hl6FmVYNvvBpVnjHSoH1xi0P582OtbAw9WWQRQryi5AEM8wO8aW9kFg1_Dt8jHknEnXWKhBHfBod-GuGWJQ0kOcnahVuVf7iVMaMBKn-j4Z5A4-cb8sQUhP8V71caPjhGYv6_X0xH4AQBgAbVhOaA36Xa8e8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vQhiVqWRwKWjZN99kGFLpVSl_og%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:32 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3072312
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
geoip.insticator.com/json/ Frame 729F 		210 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.11.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-11-204.compute-1.amazonaws.com
Software
/
Resource Hash
70fb114037fd9e681fa34ca7bfe2c107d7c85420d7511762e934eeaed9bc6d64

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
https://www.staradvertiser.com
date
Sun, 20 Feb 2022 07:23:32 GMT
access-control-allow-credentials
true
x-database-date
Sat, 19 Feb 2022 23:00:00 GMT
content-length
210
vary
Origin
content-type
application/json
134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
df80k0z3fi8zg.cloudfront.net/files/instibid/ Frame 729F 		350 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instibid/134cd2a0-7eab-4f89-ad56-f416cc5743c6.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:3c00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f50df3f61cf01517d36e005388cb034af3d6ea3a884f0c1f97c76f624c58f61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
MkcR4VdDhlnqho9uwcj1qBLhtfbiwniJ
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 17:56:43 GMT
server
AmazonS3
age
31318
etag
W/"f22e15e0413d09bdf152275e2d668305"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront)
date
Sat, 19 Feb 2022 22:41:35 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
a73XiyOh2tMks1DXwEAykDD79Ts39TL7ezLmm6xoHpbFWlj_O0F2ZQ==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/95054/2912/ Frame 729F 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3d7a3dca6cb4bccb97b70de73a8246ca11e1945aa69114a16df27df7ade0102a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:32 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 15:04:13 GMT
server
Apache/2.2.15 (CentOS)
etag
"1121321-31c24-5d70a54af7d58"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=44474
accept-ranges
bytes
content-type
text/javascript
content-length
63950
expires
Sun, 20 Feb 2022 19:44:46 GMT
config.js
confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ Frame 729F 		81 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d4ea4fc124c2f08ec19fc1a0430fec3b1f3fc9e6c0464050c968b16a586a1d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 07:23:32 GMT
Content-Encoding
gzip
Age
1384
X-Cache
HIT
Connection
keep-alive
Content-Length
19544
x-amz-id-2
dsYopbP7BXW23JJ5vlE5c/elTZqVqJuyCIehLImFgSlfL1bK4spriB2s5jHFGbkN0GGUZGrasjQ=
X-Served-By
cache-hhn4041-HHN
Last-Modified
Sun, 20 Feb 2022 06:23:19 GMT
Server
AmazonS3
X-Timer
S1645341813.931064,VS0,VE0
ETag
"cef6f7b40dfc40bdaed580c74e931488"
x-amz-request-id
5G66117G7D2H1AWV
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
35
activeview
pagead2.googlesyndication.com/pcs/ Frame 8544 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6QB2KgKFWwgfjjm5KiZBO1Ou6-c_AoB1yEnfH-NXTMBotg8zgb3KhBExpSomIpsfgk4FcS1C7mDPhGVPc7HOJTAP4eNf0ru0LDK3uOhJcJWumnWJq&sig=Cg0ArKJSzCOo2rbh5BcEEAE&id=lidar2&mcvt=1038&p=336,436,426,1164&mtos=1038,1038,1038,1038,1038&tos=1038,0,0,0,0&v=20220216&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=776454535&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645341811418&rpt=456&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
707a1560151844358bb31c9960693369_volte.woff
static.criteo.net/design/dt/ Frame A493 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/707a1560151844358bb31c9960693369_volte.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhHscgANEGsKd_JPAAcXUKaNS-Su82-AAaMWow&u=%7C3Ae6XUVM5YsCZvO9ZfwGRLGqcLFowTnHs6qvc1hSm2A%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy4hWcTbYRg2vYoe_NV4-wFy2V2s43upahrm1qeVDeAQKUiYWqHKCPkZge7omYNjoQnM8fBorwc3VblsKUOcbG3WjmHU41i2x10lFMkQsgBqx1g0ALP2TEXDFZxMZUSEWn5hMax-Mj0jcaWr06qi9GrPbk3osEm_Yk2wlAohmCyJat5m2S2tx7yN39tr4dtdaqBTfvOchfGX61eW5hHHR-Fap3XFhRoKT6-v1VglpMRZD26lIEq35V7w-7d-Kz6j92a-nDjpjhlQtrztxjKmKCFGkSArKm1-Xei4S-agYp6XTqpOKKuapjBGK9toQXG7CHqYq5o1R6ERhVN0EWGBmcZ2dPMe2VXjDOd4McLhAnwWIf4JuQxq2iMB7AXHw-PahRqHg5D1p5b8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkRYXcuwRYuugNM_k3wPQrpzYDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAp0pDB5p_rI-4AIAqAMBqgSQAk_QIiYDpTOAkFDpln5z5S7ZETsjP4J7OuTppKobjfeTQxRa8pza14T92YsexYQj7EWCSjGJ4LkL0H1xZj-SdzwUFfS-E949nhTDsxcp4O6iHmPSJ03UruD6xMZdOZAnq7NjgffOSofrw-aB2XwCXof5ZjuO61tP9hNevOlRqey-Audo_YSyoEjbZIl3NO0ENErQPPRSoDcm9ESYnoeTOdOVd5sMwBIn7I1Hl6FmVYNvvBpVnjHSoH1xi0P582OtbAw9WWQRQryi5AEM8wO8aW9kFg1_Dt8jHknEnXWKhBHfBod-GuGWJQ0kOcnahVuVf7iVMaMBKn-j4Z5A4-cb8sQUhP8V71caPjhGYv6_X0xH4AQBgAbVhOaA36Xa8e8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vQhiVqWRwKWjZN99kGFLpVSl_og%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
bdaf440044f36045a52fe5fb8148688d18cd9c550a59113d775466fb394aae0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:33 GMT
content-encoding
gzip
last-modified
Mon, 12 Apr 2021 13:10:07 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"607446af-41dc"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 15 Feb 2023 07:23:33 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame A493 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhHscgANEGsKd_JPAAcXUKaNS-Su82-AAaMWow&u=%7C3Ae6XUVM5YsCZvO9ZfwGRLGqcLFowTnHs6qvc1hSm2A%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy4hWcTbYRg2vYoe_NV4-wFy2V2s43upahrm1qeVDeAQKUiYWqHKCPkZge7omYNjoQnM8fBorwc3VblsKUOcbG3WjmHU41i2x10lFMkQsgBqx1g0ALP2TEXDFZxMZUSEWn5hMax-Mj0jcaWr06qi9GrPbk3osEm_Yk2wlAohmCyJat5m2S2tx7yN39tr4dtdaqBTfvOchfGX61eW5hHHR-Fap3XFhRoKT6-v1VglpMRZD26lIEq35V7w-7d-Kz6j92a-nDjpjhlQtrztxjKmKCFGkSArKm1-Xei4S-agYp6XTqpOKKuapjBGK9toQXG7CHqYq5o1R6ERhVN0EWGBmcZ2dPMe2VXjDOd4McLhAnwWIf4JuQxq2iMB7AXHw-PahRqHg5D1p5b8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkRYXcuwRYuugNM_k3wPQrpzYDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAp0pDB5p_rI-4AIAqAMBqgSQAk_QIiYDpTOAkFDpln5z5S7ZETsjP4J7OuTppKobjfeTQxRa8pza14T92YsexYQj7EWCSjGJ4LkL0H1xZj-SdzwUFfS-E949nhTDsxcp4O6iHmPSJ03UruD6xMZdOZAnq7NjgffOSofrw-aB2XwCXof5ZjuO61tP9hNevOlRqey-Audo_YSyoEjbZIl3NO0ENErQPPRSoDcm9ESYnoeTOdOVd5sMwBIn7I1Hl6FmVYNvvBpVnjHSoH1xi0P582OtbAw9WWQRQryi5AEM8wO8aW9kFg1_Dt8jHknEnXWKhBHfBod-GuGWJQ0kOcnahVuVf7iVMaMBKn-j4Z5A4-cb8sQUhP8V71caPjhGYv6_X0xH4AQBgAbVhOaA36Xa8e8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vQhiVqWRwKWjZN99kGFLpVSl_og%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
271544
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=soZ4EzFFe5ABFDwDNe92xE9FlpRcwEOOysnov9WkH9NlC2MLG1PPC%2BcThieL0bZFhRR9PbifntG0cB7r2MynuvksqBM24eKBqnJnsWaSH9jtbZXR4J28b2X2m2SMZ0PsGfThwXsV%2FJ6tClMQraHZ7F2X"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e05fd7b3eab0f72-MXP
expires
Fri, 10 Feb 2023 07:23:33 GMT
animejs.js
static.criteo.net/animejs/ Frame A493 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhHscgANEGsKd_JPAAcXUKaNS-Su82-AAaMWow&u=%7C3Ae6XUVM5YsCZvO9ZfwGRLGqcLFowTnHs6qvc1hSm2A%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy4hWcTbYRg2vYoe_NV4-wFy2V2s43upahrm1qeVDeAQKUiYWqHKCPkZge7omYNjoQnM8fBorwc3VblsKUOcbG3WjmHU41i2x10lFMkQsgBqx1g0ALP2TEXDFZxMZUSEWn5hMax-Mj0jcaWr06qi9GrPbk3osEm_Yk2wlAohmCyJat5m2S2tx7yN39tr4dtdaqBTfvOchfGX61eW5hHHR-Fap3XFhRoKT6-v1VglpMRZD26lIEq35V7w-7d-Kz6j92a-nDjpjhlQtrztxjKmKCFGkSArKm1-Xei4S-agYp6XTqpOKKuapjBGK9toQXG7CHqYq5o1R6ERhVN0EWGBmcZ2dPMe2VXjDOd4McLhAnwWIf4JuQxq2iMB7AXHw-PahRqHg5D1p5b8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkRYXcuwRYuugNM_k3wPQrpzYDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAp0pDB5p_rI-4AIAqAMBqgSQAk_QIiYDpTOAkFDpln5z5S7ZETsjP4J7OuTppKobjfeTQxRa8pza14T92YsexYQj7EWCSjGJ4LkL0H1xZj-SdzwUFfS-E949nhTDsxcp4O6iHmPSJ03UruD6xMZdOZAnq7NjgffOSofrw-aB2XwCXof5ZjuO61tP9hNevOlRqey-Audo_YSyoEjbZIl3NO0ENErQPPRSoDcm9ESYnoeTOdOVd5sMwBIn7I1Hl6FmVYNvvBpVnjHSoH1xi0P582OtbAw9WWQRQryi5AEM8wO8aW9kFg1_Dt8jHknEnXWKhBHfBod-GuGWJQ0kOcnahVuVf7iVMaMBKn-j4Z5A4-cb8sQUhP8V71caPjhGYv6_X0xH4AQBgAbVhOaA36Xa8e8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vQhiVqWRwKWjZN99kGFLpVSl_og%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:32 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 15 Feb 2023 07:23:32 GMT
img
pix.eu.criteo.net/img/ Frame A493 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=76&m=0&partner=25856&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F25860%2F211020%2Fc0cb5efd4cd14d1d980185497b14c7ef_logo_n_horizontal_white.png&v=3&w=596&s=zadkD2HJpGeaVSmQsEAoSt55
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhHscgANEGsKd_JPAAcXUKaNS-Su82-AAaMWow&u=%7C3Ae6XUVM5YsCZvO9ZfwGRLGqcLFowTnHs6qvc1hSm2A%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy4hWcTbYRg2vYoe_NV4-wFy2V2s43upahrm1qeVDeAQKUiYWqHKCPkZge7omYNjoQnM8fBorwc3VblsKUOcbG3WjmHU41i2x10lFMkQsgBqx1g0ALP2TEXDFZxMZUSEWn5hMax-Mj0jcaWr06qi9GrPbk3osEm_Yk2wlAohmCyJat5m2S2tx7yN39tr4dtdaqBTfvOchfGX61eW5hHHR-Fap3XFhRoKT6-v1VglpMRZD26lIEq35V7w-7d-Kz6j92a-nDjpjhlQtrztxjKmKCFGkSArKm1-Xei4S-agYp6XTqpOKKuapjBGK9toQXG7CHqYq5o1R6ERhVN0EWGBmcZ2dPMe2VXjDOd4McLhAnwWIf4JuQxq2iMB7AXHw-PahRqHg5D1p5b8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkRYXcuwRYuugNM_k3wPQrpzYDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAp0pDB5p_rI-4AIAqAMBqgSQAk_QIiYDpTOAkFDpln5z5S7ZETsjP4J7OuTppKobjfeTQxRa8pza14T92YsexYQj7EWCSjGJ4LkL0H1xZj-SdzwUFfS-E949nhTDsxcp4O6iHmPSJ03UruD6xMZdOZAnq7NjgffOSofrw-aB2XwCXof5ZjuO61tP9hNevOlRqey-Audo_YSyoEjbZIl3NO0ENErQPPRSoDcm9ESYnoeTOdOVd5sMwBIn7I1Hl6FmVYNvvBpVnjHSoH1xi0P582OtbAw9WWQRQryi5AEM8wO8aW9kFg1_Dt8jHknEnXWKhBHfBod-GuGWJQ0kOcnahVuVf7iVMaMBKn-j4Z5A4-cb8sQUhP8V71caPjhGYv6_X0xH4AQBgAbVhOaA36Xa8e8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vQhiVqWRwKWjZN99kGFLpVSl_og%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
738ef412cbbe9c94faaa7c2d2e950b5f909e8c569c96fc2ed6e0eb2f27a92ac1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:32 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28535086
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
7885
expires
Mon, 16 Jan 2023 13:48:19 GMT
img
pix.eu.criteo.net/img/ Frame A493 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=25856&q=80&r=0&u=https%3A%2F%2Fwww.desigual.com%2Fdw%2Fimage%2Fv2%2FBCVV_PRD%2Fon%2Fdemandware.static%2F-%2FSites-desigual-m-catalog%2Fdefault%2Fdw63beac24%2Fimages%2FB2C%2F19WWVW46_2000_4.jpg&v=3&w=400&s=K3YZ7SDJfKNsZto1VNG8DHP8&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhHscgANEGsKd_JPAAcXUKaNS-Su82-AAaMWow&u=%7C3Ae6XUVM5YsCZvO9ZfwGRLGqcLFowTnHs6qvc1hSm2A%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy4hWcTbYRg2vYoe_NV4-wFy2V2s43upahrm1qeVDeAQKUiYWqHKCPkZge7omYNjoQnM8fBorwc3VblsKUOcbG3WjmHU41i2x10lFMkQsgBqx1g0ALP2TEXDFZxMZUSEWn5hMax-Mj0jcaWr06qi9GrPbk3osEm_Yk2wlAohmCyJat5m2S2tx7yN39tr4dtdaqBTfvOchfGX61eW5hHHR-Fap3XFhRoKT6-v1VglpMRZD26lIEq35V7w-7d-Kz6j92a-nDjpjhlQtrztxjKmKCFGkSArKm1-Xei4S-agYp6XTqpOKKuapjBGK9toQXG7CHqYq5o1R6ERhVN0EWGBmcZ2dPMe2VXjDOd4McLhAnwWIf4JuQxq2iMB7AXHw-PahRqHg5D1p5b8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkRYXcuwRYuugNM_k3wPQrpzYDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAp0pDB5p_rI-4AIAqAMBqgSQAk_QIiYDpTOAkFDpln5z5S7ZETsjP4J7OuTppKobjfeTQxRa8pza14T92YsexYQj7EWCSjGJ4LkL0H1xZj-SdzwUFfS-E949nhTDsxcp4O6iHmPSJ03UruD6xMZdOZAnq7NjgffOSofrw-aB2XwCXof5ZjuO61tP9hNevOlRqey-Audo_YSyoEjbZIl3NO0ENErQPPRSoDcm9ESYnoeTOdOVd5sMwBIn7I1Hl6FmVYNvvBpVnjHSoH1xi0P582OtbAw9WWQRQryi5AEM8wO8aW9kFg1_Dt8jHknEnXWKhBHfBod-GuGWJQ0kOcnahVuVf7iVMaMBKn-j4Z5A4-cb8sQUhP8V71caPjhGYv6_X0xH4AQBgAbVhOaA36Xa8e8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vQhiVqWRwKWjZN99kGFLpVSl_og%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
6b0cf7478269a97c612935a1ddeded01b0f1fcccfcd522f1194d991e4350678b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:32 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2532047
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
8550
expires
Mon, 21 Mar 2022 14:44:20 GMT
img
pix.eu.criteo.net/img/ Frame A493 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=25856&q=80&r=0&u=https%3A%2F%2Fwww.desigual.com%2Fdw%2Fimage%2Fv2%2FBCVV_PRD%2Fon%2Fdemandware.static%2F-%2FSites-desigual-m-catalog%2Fdefault%2Fdw9086113b%2Fimages%2FB2C%2F19WWVWXH_3122_4.jpg&v=3&w=400&s=irzpDfyWxKOGjm-pFrCAhgvW&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhHscgANEGsKd_JPAAcXUKaNS-Su82-AAaMWow&u=%7C3Ae6XUVM5YsCZvO9ZfwGRLGqcLFowTnHs6qvc1hSm2A%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy4hWcTbYRg2vYoe_NV4-wFy2V2s43upahrm1qeVDeAQKUiYWqHKCPkZge7omYNjoQnM8fBorwc3VblsKUOcbG3WjmHU41i2x10lFMkQsgBqx1g0ALP2TEXDFZxMZUSEWn5hMax-Mj0jcaWr06qi9GrPbk3osEm_Yk2wlAohmCyJat5m2S2tx7yN39tr4dtdaqBTfvOchfGX61eW5hHHR-Fap3XFhRoKT6-v1VglpMRZD26lIEq35V7w-7d-Kz6j92a-nDjpjhlQtrztxjKmKCFGkSArKm1-Xei4S-agYp6XTqpOKKuapjBGK9toQXG7CHqYq5o1R6ERhVN0EWGBmcZ2dPMe2VXjDOd4McLhAnwWIf4JuQxq2iMB7AXHw-PahRqHg5D1p5b8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkRYXcuwRYuugNM_k3wPQrpzYDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAp0pDB5p_rI-4AIAqAMBqgSQAk_QIiYDpTOAkFDpln5z5S7ZETsjP4J7OuTppKobjfeTQxRa8pza14T92YsexYQj7EWCSjGJ4LkL0H1xZj-SdzwUFfS-E949nhTDsxcp4O6iHmPSJ03UruD6xMZdOZAnq7NjgffOSofrw-aB2XwCXof5ZjuO61tP9hNevOlRqey-Audo_YSyoEjbZIl3NO0ENErQPPRSoDcm9ESYnoeTOdOVd5sMwBIn7I1Hl6FmVYNvvBpVnjHSoH1xi0P582OtbAw9WWQRQryi5AEM8wO8aW9kFg1_Dt8jHknEnXWKhBHfBod-GuGWJQ0kOcnahVuVf7iVMaMBKn-j4Z5A4-cb8sQUhP8V71caPjhGYv6_X0xH4AQBgAbVhOaA36Xa8e8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vQhiVqWRwKWjZN99kGFLpVSl_og%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
1169c1eeeca49d9e93c954501d19587dfe9032d90e17cbf198beb8bf7901b011
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:32 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2532877
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
8908
expires
Mon, 21 Mar 2022 14:58:10 GMT
all
csm.eu.criteo.net/ Frame A493 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=fg_sK0aElC0RxHemYY73FlMdQOLDiXeGjFYRDPPLghvyqw0wor3eBCmCM4kYNBCfZujbKEW8WvhVpHOfa_JNPr2Qwn4G6OO9l12PbBYtInqKdJw2qlm0M_-hysFyWtYZaypYD8AsyMHu72HNSRfabWXRkgSKPyj211rljTlupIq_gWwMb8ejjXAnCd3q7AWb9rAr4IxNkquisdW2ejfaINl2paRQgLunB-YHEpvLTLk4de4SjT7a6yIov2aVI_y_CXBgWQ&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhHscgANEGsKd_JPAAcXUKaNS-Su82-AAaMWow&u=%7C3Ae6XUVM5YsCZvO9ZfwGRLGqcLFowTnHs6qvc1hSm2A%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy4hWcTbYRg2vYoe_NV4-wFy2V2s43upahrm1qeVDeAQKUiYWqHKCPkZge7omYNjoQnM8fBorwc3VblsKUOcbG3WjmHU41i2x10lFMkQsgBqx1g0ALP2TEXDFZxMZUSEWn5hMax-Mj0jcaWr06qi9GrPbk3osEm_Yk2wlAohmCyJat5m2S2tx7yN39tr4dtdaqBTfvOchfGX61eW5hHHR-Fap3XFhRoKT6-v1VglpMRZD26lIEq35V7w-7d-Kz6j92a-nDjpjhlQtrztxjKmKCFGkSArKm1-Xei4S-agYp6XTqpOKKuapjBGK9toQXG7CHqYq5o1R6ERhVN0EWGBmcZ2dPMe2VXjDOd4McLhAnwWIf4JuQxq2iMB7AXHw-PahRqHg5D1p5b8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkRYXcuwRYuugNM_k3wPQrpzYDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAp0pDB5p_rI-4AIAqAMBqgSQAk_QIiYDpTOAkFDpln5z5S7ZETsjP4J7OuTppKobjfeTQxRa8pza14T92YsexYQj7EWCSjGJ4LkL0H1xZj-SdzwUFfS-E949nhTDsxcp4O6iHmPSJ03UruD6xMZdOZAnq7NjgffOSofrw-aB2XwCXof5ZjuO61tP9hNevOlRqey-Audo_YSyoEjbZIl3NO0ENErQPPRSoDcm9ESYnoeTOdOVd5sMwBIn7I1Hl6FmVYNvvBpVnjHSoH1xi0P582OtbAw9WWQRQryi5AEM8wO8aW9kFg1_Dt8jHknEnXWKhBHfBod-GuGWJQ0kOcnahVuVf7iVMaMBKn-j4Z5A4-cb8sQUhP8V71caPjhGYv6_X0xH4AQBgAbVhOaA36Xa8e8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vQhiVqWRwKWjZN99kGFLpVSl_og%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 20 Feb 2022 07:23:32 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A493 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhHscgANEGsKd_JPAAcXUKaNS-Su82-AAaMWow&u=%7C3Ae6XUVM5YsCZvO9ZfwGRLGqcLFowTnHs6qvc1hSm2A%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy4hWcTbYRg2vYoe_NV4-wFy2V2s43upahrm1qeVDeAQKUiYWqHKCPkZge7omYNjoQnM8fBorwc3VblsKUOcbG3WjmHU41i2x10lFMkQsgBqx1g0ALP2TEXDFZxMZUSEWn5hMax-Mj0jcaWr06qi9GrPbk3osEm_Yk2wlAohmCyJat5m2S2tx7yN39tr4dtdaqBTfvOchfGX61eW5hHHR-Fap3XFhRoKT6-v1VglpMRZD26lIEq35V7w-7d-Kz6j92a-nDjpjhlQtrztxjKmKCFGkSArKm1-Xei4S-agYp6XTqpOKKuapjBGK9toQXG7CHqYq5o1R6ERhVN0EWGBmcZ2dPMe2VXjDOd4McLhAnwWIf4JuQxq2iMB7AXHw-PahRqHg5D1p5b8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkRYXcuwRYuugNM_k3wPQrpzYDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAp0pDB5p_rI-4AIAqAMBqgSQAk_QIiYDpTOAkFDpln5z5S7ZETsjP4J7OuTppKobjfeTQxRa8pza14T92YsexYQj7EWCSjGJ4LkL0H1xZj-SdzwUFfS-E949nhTDsxcp4O6iHmPSJ03UruD6xMZdOZAnq7NjgffOSofrw-aB2XwCXof5ZjuO61tP9hNevOlRqey-Audo_YSyoEjbZIl3NO0ENErQPPRSoDcm9ESYnoeTOdOVd5sMwBIn7I1Hl6FmVYNvvBpVnjHSoH1xi0P582OtbAw9WWQRQryi5AEM8wO8aW9kFg1_Dt8jHknEnXWKhBHfBod-GuGWJQ0kOcnahVuVf7iVMaMBKn-j4Z5A4-cb8sQUhP8V71caPjhGYv6_X0xH4AQBgAbVhOaA36Xa8e8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vQhiVqWRwKWjZN99kGFLpVSl_og%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:33 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 15 Feb 2023 07:23:33 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame A493 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhHscgANEGsKd_JPAAcXUKaNS-Su82-AAaMWow&u=%7C3Ae6XUVM5YsCZvO9ZfwGRLGqcLFowTnHs6qvc1hSm2A%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy4hWcTbYRg2vYoe_NV4-wFy2V2s43upahrm1qeVDeAQKUiYWqHKCPkZge7omYNjoQnM8fBorwc3VblsKUOcbG3WjmHU41i2x10lFMkQsgBqx1g0ALP2TEXDFZxMZUSEWn5hMax-Mj0jcaWr06qi9GrPbk3osEm_Yk2wlAohmCyJat5m2S2tx7yN39tr4dtdaqBTfvOchfGX61eW5hHHR-Fap3XFhRoKT6-v1VglpMRZD26lIEq35V7w-7d-Kz6j92a-nDjpjhlQtrztxjKmKCFGkSArKm1-Xei4S-agYp6XTqpOKKuapjBGK9toQXG7CHqYq5o1R6ERhVN0EWGBmcZ2dPMe2VXjDOd4McLhAnwWIf4JuQxq2iMB7AXHw-PahRqHg5D1p5b8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkRYXcuwRYuugNM_k3wPQrpzYDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzIzODU1NTIxODU4ODQzOaAB1bbS6gPIAQmpAp0pDB5p_rI-4AIAqAMBqgSQAk_QIiYDpTOAkFDpln5z5S7ZETsjP4J7OuTppKobjfeTQxRa8pza14T92YsexYQj7EWCSjGJ4LkL0H1xZj-SdzwUFfS-E949nhTDsxcp4O6iHmPSJ03UruD6xMZdOZAnq7NjgffOSofrw-aB2XwCXof5ZjuO61tP9hNevOlRqey-Audo_YSyoEjbZIl3NO0ENErQPPRSoDcm9ESYnoeTOdOVd5sMwBIn7I1Hl6FmVYNvvBpVnjHSoH1xi0P582OtbAw9WWQRQryi5AEM8wO8aW9kFg1_Dt8jHknEnXWKhBHfBod-GuGWJQ0kOcnahVuVf7iVMaMBKn-j4Z5A4-cb8sQUhP8V71caPjhGYv6_X0xH4AQBgAbVhOaA36Xa8e8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vQhiVqWRwKWjZN99kGFLpVSl_og%26client%3Dca-pub-3238555218588439%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:33 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 15 Feb 2023 07:23:33 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame AC67 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.250.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-250-78.fra6.r.cloudfront.net
Software
Server /
Resource Hash
784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:22:42 GMT
content-encoding
gzip
age
50
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
12AJZT2HNTNTRN9XWCBQ
etag
c1da564f59b83b9805e8df92eca012f5
vary
Accept-Encoding
x-amz-version-id
GtBleBshAfJx9KFXwg43LDlo50FXi9le
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
MN8faH6EncKQjHXc0oJ_qvmsJ3p2DSGGZwhKnnbGkOWC_WRKRq5pmA==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E87 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CN1BoCUAZlYss3SkM21jxhr1sp2sCm2F1UHmgGMQIBxusJ5QaiXlwOC8wkXgiCTHodpYr3L_pmLUbAy3qTk4rLMmZFVy8GeI4QQ1WpRQaCf-aIzXI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3622156405313063&output=html&h=90&slotname=e1c6b69.f9e07fc&adk=139176089&adf=3713705667&pi=t.ma~as.e1c6b69.f9e07fc&w=728&lmt=1645341812&psa=0&format=728x90&url=https%3A%2F%2Fwww.staradvertiser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645341812162&bpp=4&bdt=5178&idt=587&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5ce8b7f408438eaa%3AT%3D1645341809%3AS%3DALNI_MYPTfGaIPvuRDooZfs1nJVx84JKUQ&correlator=6178148257708&frm=20&pv=2&ga_vid=565048288.1645341808&ga_sid=1645341809&ga_hid=907291583&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C44756084&oid=2&pvsid=3369027831208136&pem=161&tmod=1865825641&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpoeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=33&uci=a!x&btvi=1&fsb=1&xpc=XdTEsGSshm&p=https%3A//www.staradvertiser.com&dtd=601
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 3E87 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3622156405313063&output=html&h=90&slotname=e1c6b69.f9e07fc&adk=139176089&adf=3713705667&pi=t.ma~as.e1c6b69.f9e07fc&w=728&lmt=1645341812&psa=0&format=728x90&url=https%3A%2F%2Fwww.staradvertiser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645341812162&bpp=4&bdt=5178&idt=587&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5ce8b7f408438eaa%3AT%3D1645341809%3AS%3DALNI_MYPTfGaIPvuRDooZfs1nJVx84JKUQ&correlator=6178148257708&frm=20&pv=2&ga_vid=565048288.1645341808&ga_sid=1645341809&ga_hid=907291583&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C44756084&oid=2&pvsid=3369027831208136&pem=161&tmod=1865825641&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpoeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=33&uci=a!x&btvi=1&fsb=1&xpc=XdTEsGSshm&p=https%3A//www.staradvertiser.com&dtd=601
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:00:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1373
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:00:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3E87 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3622156405313063&output=html&h=90&slotname=e1c6b69.f9e07fc&adk=139176089&adf=3713705667&pi=t.ma~as.e1c6b69.f9e07fc&w=728&lmt=1645341812&psa=0&format=728x90&url=https%3A%2F%2Fwww.staradvertiser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645341812162&bpp=4&bdt=5178&idt=587&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5ce8b7f408438eaa%3AT%3D1645341809%3AS%3DALNI_MYPTfGaIPvuRDooZfs1nJVx84JKUQ&correlator=6178148257708&frm=20&pv=2&ga_vid=565048288.1645341808&ga_sid=1645341809&ga_hid=907291583&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C44756084&oid=2&pvsid=3369027831208136&pem=161&tmod=1865825641&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpoeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=33&uci=a!x&btvi=1&fsb=1&xpc=XdTEsGSshm&p=https%3A//www.staradvertiser.com&dtd=601
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 20 Feb 2022 07:23:33 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 3E87 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3622156405313063&output=html&h=90&slotname=e1c6b69.f9e07fc&adk=139176089&adf=3713705667&pi=t.ma~as.e1c6b69.f9e07fc&w=728&lmt=1645341812&psa=0&format=728x90&url=https%3A%2F%2Fwww.staradvertiser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645341812162&bpp=4&bdt=5178&idt=587&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5ce8b7f408438eaa%3AT%3D1645341809%3AS%3DALNI_MYPTfGaIPvuRDooZfs1nJVx84JKUQ&correlator=6178148257708&frm=20&pv=2&ga_vid=565048288.1645341808&ga_sid=1645341809&ga_hid=907291583&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C44756084&oid=2&pvsid=3369027831208136&pem=161&tmod=1865825641&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpoeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=33&uci=a!x&btvi=1&fsb=1&xpc=XdTEsGSshm&p=https%3A//www.staradvertiser.com&dtd=601
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1113
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6438
x-xss-protection
0
server
cafe
etag
12093742715590823996
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:05:00 GMT
l
www.google.com/ads/measurement/ Frame 3E87 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRUx6yoWvJHlg-kJpnk2oYDgGznwXAhJWahBiiq-8YA14eL_xWUypBZ181H1w9aefIQvp7j
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3622156405313063&output=html&h=90&slotname=e1c6b69.f9e07fc&adk=139176089&adf=3713705667&pi=t.ma~as.e1c6b69.f9e07fc&w=728&lmt=1645341812&psa=0&format=728x90&url=https%3A%2F%2Fwww.staradvertiser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645341812162&bpp=4&bdt=5178&idt=587&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5ce8b7f408438eaa%3AT%3D1645341809%3AS%3DALNI_MYPTfGaIPvuRDooZfs1nJVx84JKUQ&correlator=6178148257708&frm=20&pv=2&ga_vid=565048288.1645341808&ga_sid=1645341809&ga_hid=907291583&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C44756084&oid=2&pvsid=3369027831208136&pem=161&tmod=1865825641&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpoeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=33&uci=a!x&btvi=1&fsb=1&xpc=XdTEsGSshm&p=https%3A//www.staradvertiser.com&dtd=601
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4FDF 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMT39QIQv8Sq9wEYtsXXvgEwAQ&v=APEucNXxZpdfBvHsH7EsIarX9Zj7_TlGgkpiPy7aie5rC1f9HopED2t08NVh6CGf-IQmDRzP72CGZRuDkGVxuJdE2GNURp4xiQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3622156405313063&output=html&h=90&slotname=e1c6b69.f9e07fc&adk=139176089&adf=3713705667&pi=t.ma~as.e1c6b69.f9e07fc&w=728&lmt=1645341812&psa=0&format=728x90&url=https%3A%2F%2Fwww.staradvertiser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645341812162&bpp=4&bdt=5178&idt=587&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5ce8b7f408438eaa%3AT%3D1645341809%3AS%3DALNI_MYPTfGaIPvuRDooZfs1nJVx84JKUQ&correlator=6178148257708&frm=20&pv=2&ga_vid=565048288.1645341808&ga_sid=1645341809&ga_hid=907291583&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C44756084&oid=2&pvsid=3369027831208136&pem=161&tmod=1865825641&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpoeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=33&uci=a!x&btvi=1&fsb=1&xpc=XdTEsGSshm&p=https%3A//www.staradvertiser.com&dtd=601
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3622156405313063&output=html&h=90&slotname=e1c6b69.f9e07fc&adk=139176089&adf=3713705667&pi=t.ma~as.e1c6b69.f9e07fc&w=728&lmt=1645341812&psa=0&format=728x90&url=https%3A%2F%2Fwww.staradvertiser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645341812162&bpp=4&bdt=5178&idt=587&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5ce8b7f408438eaa%3AT%3D1645341809%3AS%3DALNI_MYPTfGaIPvuRDooZfs1nJVx84JKUQ&correlator=6178148257708&frm=20&pv=2&ga_vid=565048288.1645341808&ga_sid=1645341809&ga_hid=907291583&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C44756084&oid=2&pvsid=3369027831208136&pem=161&tmod=1865825641&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpoeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=33&uci=a!x&btvi=1&fsb=1&xpc=XdTEsGSshm&p=https%3A//www.staradvertiser.com&dtd=601

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 20 Feb 2022 07:23:33 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 3E87 		58 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUTS4cyl9GD6BQRP3kEpaEiIuHr3WpG15MW5uD3k3RaOhefyBjcqPz-I8MjqcSz5kXmk6iU6Fs0fWg9TZStNiBrsR5wUP2qQquQsiMkWlziSkqQbZeUCLJzBneMkRXNv_yQdIAh6wGXxm_zlgSrsjSPMvAkw&cry=1&dbm_d=AKAmf-CnWHewPS6D3sVjmh2-5giH59JvHtry379x9rkFYo6x2_I9ZcY9I4Ggs_xeULiEV1gDrD_dWl4shWF1p0WsiIw8kYKBVtejFbZreIZeK4bD6CUzqin3sKMlUEYY_0o_WQAhuOClZYdtERJpt702WY_0OxxqOu1U3efIStMzVGAiAO4Jg_FQIg43Lrdags4hJbc5Q9t8nKC0RhzLfc68VF7dQSHDZT4JfezenoDTIq7Idv0JFJ654_yBJx9OPz2OH1q-hagkGEaHLkud1UwiLoZIg4znTEDNCCvE9SGnHUKsTgVvtcxnOOA6syQYS2NyIK1SqRQU7FWYx1s6qcwTE2y4Qu5ONF6QRNYGFnEhDc4ec7XEe0ktFuJocRY5NVi6ONmBIFmVSHfK2SONJuNr96irdvfCzA0xP2KxCblkyBJT7hdOyWsTkYlgIJZTfhXhOr2Mi1KmLTowgVVP0iwdiXJoYvsxjjCKqZBWMaECe-4LA9F_UydAxjMwhU0G8WxrssitA-LH8t3pCbEElI0Bq4dITLyzs7DcazeiwNHfix2S3vi1HC7jYWVHgEP7tf2-MXMkW27OtGlNUOc2j7Av89erhD_dYiXO-J_sZvc1Yx2D8KQtPIaPSMLtPL4DPTya6N5MDcgO2ER2RV2CHEdXaZukHRkwutqKLiY2sck3oBHED9d5IiEjZd_SGSbEDxQCyjK1J4a39cnGwE5PH98FMo9_gzHf6VL6ArdzK0IkkalfoOY3sVWd7-bEkADmo8XBQ3b0xl-tRp0bZfxoh2dH8WlnMvPsg5xbrVD1oXIeYXKXL9i_Lb2qJdU7CZbjhxIThPxVponhklUTOqJxjV0IwJLZkVSun6ScvQe59SgQnsgofkJUsEBXw6Dgacj7jP9esP63nEbHoSsYMDfcmL5rH2CK0RBbauh4y75QQOR7_p2Yekd-EvtciBNCCct54uvpYNX4U1CJBwoReE3BEbzjh4NgPqYtUtWNb4xQVrBZK8MSgYq-Zd2hx4M2C7gkklSDNj4zmMtk6V2roMeEbVen5_qj1us54xiwfWJpcdg5VvR8IYaXpnrzbMH28XIAfWGIlQeGzNgzQo_XKBtI1xZgVzs6QMLq4G_tINRL66PkUSRzEiAPE_q_9h5X00FSJYaQ92e43AoFiOKR9ZkaPtRvksSrrUixNg7LqbECtO2gmcpJpSzjAjeVaj_mhjPcorHBoFm760KdVfCJhIyKUF0rZlrdrPfmCb78sWr_kwhnF0lZy1ou6jsXnEfcNNeRMR0klAIfSCwo5lv0T2N0rPfVWq4IbnpRp46ZU2i8yv1gnzAvqooBLR_PDijtRm5Dy8hgTgHRYQq63dJPDW9F56CzpMe_EajVxt9SF0hPr2aoWaoC-SZgGWPAUNVVz5plzp2ZKAUklKRw68spZa4tpVncY2IDLxW20EDQ-EwXK-8HvCsPA8Cx13om15LPSyN8y4RRdEbaqRJo3wEfgbTN42EuuP3klCYqyV9CzPWyVDBa-aqo3egWyGTiY9Mpz0vXOEZjW376lMyqRQVsZvS7mw9m4iPH0hbqdXr7ZYr5ZRhO_kgJzJP3mUBK62gteN1iPRWTvPjPWIK-BAc4a_3PMQuwyMN5sbMPPidPdOBBNR3itZjByxfiWdFG3V8hmI0T_2Ncjavr5MPquQOLiVRrYyG0KB8UIaYDHQvcS9-XpnVPl5YMC0OmtO0cguhI_oOGWXqDwc0cDqrhSILo2woSDvav-nR9SDW5tsh6gOFcU-9mGm4DD5BXb_xTdfX9hDGGHM1f6glFkEnaVsDJo361lUcmr6BADzcW9p7mzgWDSVtUFNBEK0WO5fWDkhcaJAHlDHzWvZoQTV5t00WE7AqWakTwRF9iykMS0nasBXiC43aMmJPffZXnuyvWmoRPZni-SKGSLVsE9DMGiacpPsoMS5XYZFBxQfwe1_ScaIPuxO1Gp-IG09cKEFaio0CmLgWWrwGAMIb7efC3dTldxlaty8S3b9VqWF89tkT9XoW2n8_uJ5pc2S3Jf0U02to1YBEnmUvL354rgCxo86IAoKXxSFeE5Dr5VcJJiFg8J6SDtKI8Armn7UooI0P7AU2yV2CvXJifV-iPnRZjGzwLUTS3MgVMpDVspHQj0ywj-bakYV5xn8m5jj0Hr5j-EUv6dsoDock8i_8RCLjJ4vXsbs3KkayQPNLmcrmJcADjoynQOlqC26hifhjVFiaMP1-fO0c_aFgjaznPeJKtYw-NVwB9jIrggc3uSdxXrfoKScdKTujqEprULRw47-09U8RlRvmRsTHwcqZEDdVMLqh7-URlbgtypRjJG8rS2nryOh90TV_udm0xP6dibZMhnQEcMxeTOiIMEMSQsilib33flVLFdI_tvhcEEPMb4NwYVYZ_B4vgRmu7Dyhlb6K58hDp8pQe2dvOVJarlDDSM7xIEqdFuU78HA5nnyUdBzxMjNX_eVdfHvBpz8GZBUCG54sB3S2clGa-bNvFPWMR_f71As85Hm1DGQWwWSsME2JDgivlVrruwWdfa6pjLWEqw5zkSRiOGCZiQCiPjgLH5aLplOpwnVAp5VyRLwIy6YwDYltRzLR948MkIe1UvlULnznRM50GEIpBCT89w-Qjqn1X_S8sMf4uIWZ4DOqH1UYIif6-1YaFxFTr9TeZGXTQw16X76wd5U76g0v79Rbm2A_B90BCUpJ-bpTMUUSh-sSS9qe5Z5wNjkkNK1BhQT_Byzr31mt3q0TzQcA3bu5jDtcClZ7nK9UVhmabPpMRlM1dAl0h3R9KCYqebJpEMWRnPz3Z52JHsuBukjgEG-NlwDxIffhGAPB1zMQuCuIeSWynzku6d6HsnrwjrMagmfVJ34HVUAImFUgojvilf5ax4qhc8Ifx757VjoE4PglekP8hU_YAeKsY_Tev4DRQkbiT1hc7KWViI0426b14yfAhZJPDOYAJJ8L462yWMbSxhlrK3G562Ua9oxhISDBnga_j43mWzuDqoUe1d1lF5pAdeH1syb51WwKNo-U1Axw29cMfwczBOaW5-MWKWmTmLrahh6MCp-79rOnu3zpo3Z53suvgqmnMtQHjVSfl38qWekbAjOwCjND4MVDo32SakV8d5edSFRKgWPYWDi1skaCfnrc-EqMnjSsE_5k0smAb-Oghyo8Kcsc1UIYu7sGbUGbKzUXJBGdHSEsJKAFzRs8taAWq6A_ZL6U04-1PxJc9sMlypWYd6eDt2EGiRUmWgDUsNStrJnylgvL8fE6OqqDf37y6atbPArTx_wnlgrQFo1gmVWurPberv2sI7TkzwBscVkVNqsPvl0nc3RHnHBrfI4eblMmAeEi2wQCF4QbwfcCa_UsdlNsgSKOSiDOfWq-O4GYGTzPkm6WFaSzHJkQgY4lVglr_HiYRcMEf0Ioe6X2_5stCXHYEfwMnGEqOS1euFNC_vtm9PjLuZIdlcb6TXv05zqAibpEeIYwS1qY8zXDfvnVznTdDIsTdEYgs3YJDxamYV0_DCl0HvZW4IBnDjZGzlEYt0gEbcVUZxOcqFXS3MngG0KDXrm33r18SgoVDiLbtLNCfEtqGcM7dUCwm69SLzcniIIGUrKRHeKa-jvT2Qfd_7RF5D_JQO593vbDqHsjcS8K-CnbOjVxFmJhzwGOu0_HDMip_GaePKy046O9TNKr_BwEIkssbNYfnBBlCH4VbgqEo-bHRUbyXzUZXhYPy6PS4lM08GDRvROHShrsNRHkRqgaSwfJE96xGAC9KsjwexH3IHILNKVOgLfLfrb78WNnp6bBPBLuJ7hw8NGRBXow22GCcyFB4YuN98z6KF3NeONmCtrVDuUPNbalXllNLZ4wyxTyd0xbsQu12n9EZRgH4WjDdVFfOFEVczIJMPkw81LNfv3thF2wB7WNd&cid=CAASPeRovW5vnEdNXjbRBG6A32fLe_sOBI2-uu9d7NEgoMl9CVvgaqUWAhBgFmGp7Fz3C3yOCfir9lWRe0-gZp0&rfl=1%2Chttps%253A%252F%252Fwww.staradvertiser.com%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3622156405313063&output=html&h=90&slotname=e1c6b69.f9e07fc&adk=139176089&adf=3713705667&pi=t.ma~as.e1c6b69.f9e07fc&w=728&lmt=1645341812&psa=0&format=728x90&url=https%3A%2F%2Fwww.staradvertiser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645341812162&bpp=4&bdt=5178&idt=587&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5ce8b7f408438eaa%3AT%3D1645341809%3AS%3DALNI_MYPTfGaIPvuRDooZfs1nJVx84JKUQ&correlator=6178148257708&frm=20&pv=2&ga_vid=565048288.1645341808&ga_sid=1645341809&ga_hid=907291583&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C44756084&oid=2&pvsid=3369027831208136&pem=161&tmod=1865825641&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpoeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=33&uci=a!x&btvi=1&fsb=1&xpc=XdTEsGSshm&p=https%3A//www.staradvertiser.com&dtd=601
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6aeaddaf921193b89640ff690d4fa10def5b35df03b04756fd154740e319673f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3622156405313063&output=html&h=90&slotname=e1c6b69.f9e07fc&adk=139176089&adf=3713705667&pi=t.ma~as.e1c6b69.f9e07fc&w=728&lmt=1645341812&psa=0&format=728x90&url=https%3A%2F%2Fwww.staradvertiser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645341812162&bpp=4&bdt=5178&idt=587&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5ce8b7f408438eaa%3AT%3D1645341809%3AS%3DALNI_MYPTfGaIPvuRDooZfs1nJVx84JKUQ&correlator=6178148257708&frm=20&pv=2&ga_vid=565048288.1645341808&ga_sid=1645341809&ga_hid=907291583&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C44756084&oid=2&pvsid=3369027831208136&pem=161&tmod=1865825641&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpoeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=33&uci=a!x&btvi=1&fsb=1&xpc=XdTEsGSshm&p=https%3A//www.staradvertiser.com&dtd=601
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29447
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202202161834/ Frame 729F 		184 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202202161834/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38e27f6cbe86b26bf65dff11b6d203ecc3231ddcd010cc89a3889f3c03bc3f73

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 07:23:33 GMT
Content-Encoding
gzip
Age
609
X-Cache
HIT
Connection
keep-alive
Content-Length
59645
x-amz-id-2
M5VyQhY8WTEvqYhgzGZ1GXZ0F5OL3J1CSRR0M5FESKZJfwqMk5mWYHJVqcywx2G4vEvtmfHR6yU=
X-Served-By
cache-hhn4041-HHN
Last-Modified
Thu, 17 Feb 2022 18:21:30 GMT
Server
AmazonS3
X-Timer
S1645341813.037044,VS0,VE0
ETag
"724754dd331b2038d7b614ac5d8a9900"
x-amz-request-id
RZXQQ1BZETZHQ713
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
1563
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&bundle=2rX7QV84Rkl2dVZuVjNnRXlMZWtFQlhwQmVyYTFkTWx6TENNTG1IUmclMkZUZyUyRmpJS3VqS3NDZXBLbzFSODhBdWtCS1BBQlFxMEtUaUhNJTJGSHZOVXJoTk5ENG5raVBRNnFobDlScEJMVHhRRHdjeVZqT2kzWjJRenh1SkZpbVlDZGhPeks4eg&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.staradvertiser.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1479
date
Sun, 20 Feb 2022 07:23:32 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 729F
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.staradvertiser.com%2F&domain=www.staradvertiser.com&bundle=2rX7QV84Rkl2dVZuVjNnRXlMZWtFQlhwQmVyYTFkTWx6TENNTG1IUmclMkZUZyUyRmp...
  • https://mug.criteo.com/sid?cpp=ChfMNHxPb3o5ZC9vU3ZwajU2TGVMZFFBUE5Id3BKZmFEZldkZitWeHNxQUp0SXQ4WGRqTjFuZldLZzYrWXlZa0VKLzNEbDFDWWF1WXJNRjYrS2FKa1o0NmdFWFJTVVNmMlRJaGE4ZW1ieXRQY2dLZm9hNERDdmVaTStKbE...
352 B
614 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ChfMNHxPb3o5ZC9vU3ZwajU2TGVMZFFBUE5Id3BKZmFEZldkZitWeHNxQUp0SXQ4WGRqTjFuZldLZzYrWXlZa0VKLzNEbDFDWWF1WXJNRjYrS2FKa1o0NmdFWFJTVVNmMlRJaGE4ZW1ieXRQY2dLZm9hNERDdmVaTStKbE52STlUOTBOSFd4dTJKZGZQZGwxOEZEY2V4S1NWNEFjRkYvQUQvRmgzRjQzeEtSQWI0Wm83a0NyRlhkZjR5bWR5MDhLbnJaNWxGUGc5MVQwZWdOT2NhNy9CMW5adGhYQzRrVG8vY3lBa0kweW8wc3BFVk5oU1ZvcHRqenNHejkvaGlPeExRbysyVHpYTmRIRXk3ajVuUWNQN1Axb25hUT09fA&cppv=2
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7282cc9f1e2327c8c367c669bdc814d46b464e37c3997fbfc7acd7fb7f99c24b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:32 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2439
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:32 GMT
location
https://mug.criteo.com/sid?cpp=ChfMNHxPb3o5ZC9vU3ZwajU2TGVMZFFBUE5Id3BKZmFEZldkZitWeHNxQUp0SXQ4WGRqTjFuZldLZzYrWXlZa0VKLzNEbDFDWWF1WXJNRjYrS2FKa1o0NmdFWFJTVVNmMlRJaGE4ZW1ieXRQY2dLZm9hNERDdmVaTStKbE52STlUOTBOSFd4dTJKZGZQZGwxOEZEY2V4S1NWNEFjRkYvQUQvRmgzRjQzeEtSQWI0Wm83a0NyRlhkZjR5bWR5MDhLbnJaNWxGUGc5MVQwZWdOT2NhNy9CMW5adGhYQzRrVG8vY3lBa0kweW8wc3BFVk5oU1ZvcHRqenNHejkvaGlPeExRbysyVHpYTmRIRXk3ajVuUWNQN1Axb25hUT09fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2116
content-length
541
expires
0
tag.min.js
get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/ Frame 729F 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-91.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
83af3eed9bc9713193f2ad86f6214e2554ec29f8022e054dcf696a10d59ff9d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
aT8uF5QDZCsxz_FuCjV0EGzNRrUyg9DX
content-encoding
gzip
last-modified
Thu, 17 Jun 2021 18:02:42 GMT
server
AmazonS3
age
17503
etag
W/"51ed6db266476896c6fe9a06992898e2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Sun, 20 Feb 2022 02:31:51 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
ffCNDXF6HQiURije73AKXC6jRdXzFLCI2OosED4IS1Xp7WhYHY-kUQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 729F 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/134cd2a0-7eab-4f89-ad56-f416cc5743c6/58dd42ce-1cdb-4ab3-8524-38a7cdc64a9d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
a488cee7bab7278931b4d7a47849849028671fca61526356ced58a6ae1d89993
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27505
x-xss-protection
0
server
sffe
etag
"1137 / 786 of 1000 / last-modified: 1645225613"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 20 Feb 2022 07:23:33 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame AC67 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.staradvertiser.com&pubid=70fb13d1-ab65-42ac-a7ca-0b4e680d5c92
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.250.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-250-78.fra6.r.cloudfront.net
Software
Server /
Resource Hash
2e0b76760753ecabd92d6562f5900f745acbefc7226fd4af4127f9aaeea9dba2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 01:44:38 GMT
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
server
Server
age
20334
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA6-C1
content-length
1897
x-amz-cf-id
qr-QDEkhP_fVgUlvDpGM10USVrIq9Ark_IZAsQANUjJ2cMzkMDun2g==
bid
c.amazon-adsystem.com/e/dtb/ Frame AC67 		23 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.staradvertiser.com%2F&pid=S0ykhJ0HrjU8k&cb=0&ws=0x0&v=7.73.0&t=3000&slots=%5B%7B%22sd%22%3A%22div-insticator-ad-4%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F2507246%2Fstaradvertiser.com_Web_728x90_1%22%7D%5D&cfgv=1&schain=1.0%2C1!insticator.com%2C0eda47e1-3a3f-4444-8ab9-a525f4133e8d%2C1%2C%2C%2C&pubid=70fb13d1-ab65-42ac-a7ca-0b4e680d5c92&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.250.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-250-78.fra6.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:33 GMT
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA6-C1
x-amz-rid
E693QWYG9VVMR6KVGH3F
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
Zbkee6iK7eH2IfCZXn3CxQNOwiFvqa_G3l7QUN59RLoBeq4cH1lVDw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame AC67 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.250.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-250-78.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
kI14R7urpxgHjeMWGWlNpVn0IgFose_t
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
21229
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Sat, 19 Feb 2022 01:26:04 GMT
server
AmazonS3
date
Sun, 20 Feb 2022 01:29:45 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
LFhhgN0QdPBgoOJfBc7C7mDS6QM4liXLN-nlkoP6bxZLsm_zv6Op3A==
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ChfMNHxPb3o5ZC9vU3ZwajU2TGVMZFFBUE5Id3BKZmFEZldkZitWeHNxQUp0SXQ4WGRqTjFuZldLZzYrWXlZa0VKLzNEbDFDWWF1WXJNRjYrS2FKa1o0NmdFWFJTVVNmMlRJaGE4ZW1ieXRQY2dLZm9hNERDdmVaTStKbE52STlUOTBOSFd4dTJKZGZQZGwxOEZEY2V4S1NWNEFjRkYvQUQvRmgzRjQzeEtSQWI0Wm83a0NyRlhkZjR5bWR5MDhLbnJaNWxGUGc5MVQwZWdOT2NhNy9CMW5adGhYQzRrVG8vY3lBa0kweW8wc3BFVk5oU1ZvcHRqenNHejkvaGlPeExRbysyVHpYTmRIRXk3ajVuUWNQN1Axb25hUT09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1187
date
Sun, 20 Feb 2022 07:23:32 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame 3E87 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUTS4cyl9GD6BQRP3kEpaEiIuHr3WpG15MW5uD3k3RaOhefyBjcqPz-I8MjqcSz5kXmk6iU6Fs0fWg9TZStNiBrsR5wUP2qQquQsiMkWlziSkqQbZeUCLJzBneMkRXNv_yQdIAh6wGXxm_zlgSrsjSPMvAkw&cry=1&dbm_d=AKAmf-CnWHewPS6D3sVjmh2-5giH59JvHtry379x9rkFYo6x2_I9ZcY9I4Ggs_xeULiEV1gDrD_dWl4shWF1p0WsiIw8kYKBVtejFbZreIZeK4bD6CUzqin3sKMlUEYY_0o_WQAhuOClZYdtERJpt702WY_0OxxqOu1U3efIStMzVGAiAO4Jg_FQIg43Lrdags4hJbc5Q9t8nKC0RhzLfc68VF7dQSHDZT4JfezenoDTIq7Idv0JFJ654_yBJx9OPz2OH1q-hagkGEaHLkud1UwiLoZIg4znTEDNCCvE9SGnHUKsTgVvtcxnOOA6syQYS2NyIK1SqRQU7FWYx1s6qcwTE2y4Qu5ONF6QRNYGFnEhDc4ec7XEe0ktFuJocRY5NVi6ONmBIFmVSHfK2SONJuNr96irdvfCzA0xP2KxCblkyBJT7hdOyWsTkYlgIJZTfhXhOr2Mi1KmLTowgVVP0iwdiXJoYvsxjjCKqZBWMaECe-4LA9F_UydAxjMwhU0G8WxrssitA-LH8t3pCbEElI0Bq4dITLyzs7DcazeiwNHfix2S3vi1HC7jYWVHgEP7tf2-MXMkW27OtGlNUOc2j7Av89erhD_dYiXO-J_sZvc1Yx2D8KQtPIaPSMLtPL4DPTya6N5MDcgO2ER2RV2CHEdXaZukHRkwutqKLiY2sck3oBHED9d5IiEjZd_SGSbEDxQCyjK1J4a39cnGwE5PH98FMo9_gzHf6VL6ArdzK0IkkalfoOY3sVWd7-bEkADmo8XBQ3b0xl-tRp0bZfxoh2dH8WlnMvPsg5xbrVD1oXIeYXKXL9i_Lb2qJdU7CZbjhxIThPxVponhklUTOqJxjV0IwJLZkVSun6ScvQe59SgQnsgofkJUsEBXw6Dgacj7jP9esP63nEbHoSsYMDfcmL5rH2CK0RBbauh4y75QQOR7_p2Yekd-EvtciBNCCct54uvpYNX4U1CJBwoReE3BEbzjh4NgPqYtUtWNb4xQVrBZK8MSgYq-Zd2hx4M2C7gkklSDNj4zmMtk6V2roMeEbVen5_qj1us54xiwfWJpcdg5VvR8IYaXpnrzbMH28XIAfWGIlQeGzNgzQo_XKBtI1xZgVzs6QMLq4G_tINRL66PkUSRzEiAPE_q_9h5X00FSJYaQ92e43AoFiOKR9ZkaPtRvksSrrUixNg7LqbECtO2gmcpJpSzjAjeVaj_mhjPcorHBoFm760KdVfCJhIyKUF0rZlrdrPfmCb78sWr_kwhnF0lZy1ou6jsXnEfcNNeRMR0klAIfSCwo5lv0T2N0rPfVWq4IbnpRp46ZU2i8yv1gnzAvqooBLR_PDijtRm5Dy8hgTgHRYQq63dJPDW9F56CzpMe_EajVxt9SF0hPr2aoWaoC-SZgGWPAUNVVz5plzp2ZKAUklKRw68spZa4tpVncY2IDLxW20EDQ-EwXK-8HvCsPA8Cx13om15LPSyN8y4RRdEbaqRJo3wEfgbTN42EuuP3klCYqyV9CzPWyVDBa-aqo3egWyGTiY9Mpz0vXOEZjW376lMyqRQVsZvS7mw9m4iPH0hbqdXr7ZYr5ZRhO_kgJzJP3mUBK62gteN1iPRWTvPjPWIK-BAc4a_3PMQuwyMN5sbMPPidPdOBBNR3itZjByxfiWdFG3V8hmI0T_2Ncjavr5MPquQOLiVRrYyG0KB8UIaYDHQvcS9-XpnVPl5YMC0OmtO0cguhI_oOGWXqDwc0cDqrhSILo2woSDvav-nR9SDW5tsh6gOFcU-9mGm4DD5BXb_xTdfX9hDGGHM1f6glFkEnaVsDJo361lUcmr6BADzcW9p7mzgWDSVtUFNBEK0WO5fWDkhcaJAHlDHzWvZoQTV5t00WE7AqWakTwRF9iykMS0nasBXiC43aMmJPffZXnuyvWmoRPZni-SKGSLVsE9DMGiacpPsoMS5XYZFBxQfwe1_ScaIPuxO1Gp-IG09cKEFaio0CmLgWWrwGAMIb7efC3dTldxlaty8S3b9VqWF89tkT9XoW2n8_uJ5pc2S3Jf0U02to1YBEnmUvL354rgCxo86IAoKXxSFeE5Dr5VcJJiFg8J6SDtKI8Armn7UooI0P7AU2yV2CvXJifV-iPnRZjGzwLUTS3MgVMpDVspHQj0ywj-bakYV5xn8m5jj0Hr5j-EUv6dsoDock8i_8RCLjJ4vXsbs3KkayQPNLmcrmJcADjoynQOlqC26hifhjVFiaMP1-fO0c_aFgjaznPeJKtYw-NVwB9jIrggc3uSdxXrfoKScdKTujqEprULRw47-09U8RlRvmRsTHwcqZEDdVMLqh7-URlbgtypRjJG8rS2nryOh90TV_udm0xP6dibZMhnQEcMxeTOiIMEMSQsilib33flVLFdI_tvhcEEPMb4NwYVYZ_B4vgRmu7Dyhlb6K58hDp8pQe2dvOVJarlDDSM7xIEqdFuU78HA5nnyUdBzxMjNX_eVdfHvBpz8GZBUCG54sB3S2clGa-bNvFPWMR_f71As85Hm1DGQWwWSsME2JDgivlVrruwWdfa6pjLWEqw5zkSRiOGCZiQCiPjgLH5aLplOpwnVAp5VyRLwIy6YwDYltRzLR948MkIe1UvlULnznRM50GEIpBCT89w-Qjqn1X_S8sMf4uIWZ4DOqH1UYIif6-1YaFxFTr9TeZGXTQw16X76wd5U76g0v79Rbm2A_B90BCUpJ-bpTMUUSh-sSS9qe5Z5wNjkkNK1BhQT_Byzr31mt3q0TzQcA3bu5jDtcClZ7nK9UVhmabPpMRlM1dAl0h3R9KCYqebJpEMWRnPz3Z52JHsuBukjgEG-NlwDxIffhGAPB1zMQuCuIeSWynzku6d6HsnrwjrMagmfVJ34HVUAImFUgojvilf5ax4qhc8Ifx757VjoE4PglekP8hU_YAeKsY_Tev4DRQkbiT1hc7KWViI0426b14yfAhZJPDOYAJJ8L462yWMbSxhlrK3G562Ua9oxhISDBnga_j43mWzuDqoUe1d1lF5pAdeH1syb51WwKNo-U1Axw29cMfwczBOaW5-MWKWmTmLrahh6MCp-79rOnu3zpo3Z53suvgqmnMtQHjVSfl38qWekbAjOwCjND4MVDo32SakV8d5edSFRKgWPYWDi1skaCfnrc-EqMnjSsE_5k0smAb-Oghyo8Kcsc1UIYu7sGbUGbKzUXJBGdHSEsJKAFzRs8taAWq6A_ZL6U04-1PxJc9sMlypWYd6eDt2EGiRUmWgDUsNStrJnylgvL8fE6OqqDf37y6atbPArTx_wnlgrQFo1gmVWurPberv2sI7TkzwBscVkVNqsPvl0nc3RHnHBrfI4eblMmAeEi2wQCF4QbwfcCa_UsdlNsgSKOSiDOfWq-O4GYGTzPkm6WFaSzHJkQgY4lVglr_HiYRcMEf0Ioe6X2_5stCXHYEfwMnGEqOS1euFNC_vtm9PjLuZIdlcb6TXv05zqAibpEeIYwS1qY8zXDfvnVznTdDIsTdEYgs3YJDxamYV0_DCl0HvZW4IBnDjZGzlEYt0gEbcVUZxOcqFXS3MngG0KDXrm33r18SgoVDiLbtLNCfEtqGcM7dUCwm69SLzcniIIGUrKRHeKa-jvT2Qfd_7RF5D_JQO593vbDqHsjcS8K-CnbOjVxFmJhzwGOu0_HDMip_GaePKy046O9TNKr_BwEIkssbNYfnBBlCH4VbgqEo-bHRUbyXzUZXhYPy6PS4lM08GDRvROHShrsNRHkRqgaSwfJE96xGAC9KsjwexH3IHILNKVOgLfLfrb78WNnp6bBPBLuJ7hw8NGRBXow22GCcyFB4YuN98z6KF3NeONmCtrVDuUPNbalXllNLZ4wyxTyd0xbsQu12n9EZRgH4WjDdVFfOFEVczIJMPkw81LNfv3thF2wB7WNd&cid=CAASPeRovW5vnEdNXjbRBG6A32fLe_sOBI2-uu9d7NEgoMl9CVvgaqUWAhBgFmGp7Fz3C3yOCfir9lWRe0-gZp0&rfl=1%2Chttps%253A%252F%252Fwww.staradvertiser.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d44b84e0471d9d1ac53ce061c9becfa720931b7364c7b55a6325d03859781782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:22:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9648
x-xss-protection
0
server
cafe
etag
2224892065184813991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:22:20 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/elements/html/ Frame 3E87 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUTS4cyl9GD6BQRP3kEpaEiIuHr3WpG15MW5uD3k3RaOhefyBjcqPz-I8MjqcSz5kXmk6iU6Fs0fWg9TZStNiBrsR5wUP2qQquQsiMkWlziSkqQbZeUCLJzBneMkRXNv_yQdIAh6wGXxm_zlgSrsjSPMvAkw&cry=1&dbm_d=AKAmf-CnWHewPS6D3sVjmh2-5giH59JvHtry379x9rkFYo6x2_I9ZcY9I4Ggs_xeULiEV1gDrD_dWl4shWF1p0WsiIw8kYKBVtejFbZreIZeK4bD6CUzqin3sKMlUEYY_0o_WQAhuOClZYdtERJpt702WY_0OxxqOu1U3efIStMzVGAiAO4Jg_FQIg43Lrdags4hJbc5Q9t8nKC0RhzLfc68VF7dQSHDZT4JfezenoDTIq7Idv0JFJ654_yBJx9OPz2OH1q-hagkGEaHLkud1UwiLoZIg4znTEDNCCvE9SGnHUKsTgVvtcxnOOA6syQYS2NyIK1SqRQU7FWYx1s6qcwTE2y4Qu5ONF6QRNYGFnEhDc4ec7XEe0ktFuJocRY5NVi6ONmBIFmVSHfK2SONJuNr96irdvfCzA0xP2KxCblkyBJT7hdOyWsTkYlgIJZTfhXhOr2Mi1KmLTowgVVP0iwdiXJoYvsxjjCKqZBWMaECe-4LA9F_UydAxjMwhU0G8WxrssitA-LH8t3pCbEElI0Bq4dITLyzs7DcazeiwNHfix2S3vi1HC7jYWVHgEP7tf2-MXMkW27OtGlNUOc2j7Av89erhD_dYiXO-J_sZvc1Yx2D8KQtPIaPSMLtPL4DPTya6N5MDcgO2ER2RV2CHEdXaZukHRkwutqKLiY2sck3oBHED9d5IiEjZd_SGSbEDxQCyjK1J4a39cnGwE5PH98FMo9_gzHf6VL6ArdzK0IkkalfoOY3sVWd7-bEkADmo8XBQ3b0xl-tRp0bZfxoh2dH8WlnMvPsg5xbrVD1oXIeYXKXL9i_Lb2qJdU7CZbjhxIThPxVponhklUTOqJxjV0IwJLZkVSun6ScvQe59SgQnsgofkJUsEBXw6Dgacj7jP9esP63nEbHoSsYMDfcmL5rH2CK0RBbauh4y75QQOR7_p2Yekd-EvtciBNCCct54uvpYNX4U1CJBwoReE3BEbzjh4NgPqYtUtWNb4xQVrBZK8MSgYq-Zd2hx4M2C7gkklSDNj4zmMtk6V2roMeEbVen5_qj1us54xiwfWJpcdg5VvR8IYaXpnrzbMH28XIAfWGIlQeGzNgzQo_XKBtI1xZgVzs6QMLq4G_tINRL66PkUSRzEiAPE_q_9h5X00FSJYaQ92e43AoFiOKR9ZkaPtRvksSrrUixNg7LqbECtO2gmcpJpSzjAjeVaj_mhjPcorHBoFm760KdVfCJhIyKUF0rZlrdrPfmCb78sWr_kwhnF0lZy1ou6jsXnEfcNNeRMR0klAIfSCwo5lv0T2N0rPfVWq4IbnpRp46ZU2i8yv1gnzAvqooBLR_PDijtRm5Dy8hgTgHRYQq63dJPDW9F56CzpMe_EajVxt9SF0hPr2aoWaoC-SZgGWPAUNVVz5plzp2ZKAUklKRw68spZa4tpVncY2IDLxW20EDQ-EwXK-8HvCsPA8Cx13om15LPSyN8y4RRdEbaqRJo3wEfgbTN42EuuP3klCYqyV9CzPWyVDBa-aqo3egWyGTiY9Mpz0vXOEZjW376lMyqRQVsZvS7mw9m4iPH0hbqdXr7ZYr5ZRhO_kgJzJP3mUBK62gteN1iPRWTvPjPWIK-BAc4a_3PMQuwyMN5sbMPPidPdOBBNR3itZjByxfiWdFG3V8hmI0T_2Ncjavr5MPquQOLiVRrYyG0KB8UIaYDHQvcS9-XpnVPl5YMC0OmtO0cguhI_oOGWXqDwc0cDqrhSILo2woSDvav-nR9SDW5tsh6gOFcU-9mGm4DD5BXb_xTdfX9hDGGHM1f6glFkEnaVsDJo361lUcmr6BADzcW9p7mzgWDSVtUFNBEK0WO5fWDkhcaJAHlDHzWvZoQTV5t00WE7AqWakTwRF9iykMS0nasBXiC43aMmJPffZXnuyvWmoRPZni-SKGSLVsE9DMGiacpPsoMS5XYZFBxQfwe1_ScaIPuxO1Gp-IG09cKEFaio0CmLgWWrwGAMIb7efC3dTldxlaty8S3b9VqWF89tkT9XoW2n8_uJ5pc2S3Jf0U02to1YBEnmUvL354rgCxo86IAoKXxSFeE5Dr5VcJJiFg8J6SDtKI8Armn7UooI0P7AU2yV2CvXJifV-iPnRZjGzwLUTS3MgVMpDVspHQj0ywj-bakYV5xn8m5jj0Hr5j-EUv6dsoDock8i_8RCLjJ4vXsbs3KkayQPNLmcrmJcADjoynQOlqC26hifhjVFiaMP1-fO0c_aFgjaznPeJKtYw-NVwB9jIrggc3uSdxXrfoKScdKTujqEprULRw47-09U8RlRvmRsTHwcqZEDdVMLqh7-URlbgtypRjJG8rS2nryOh90TV_udm0xP6dibZMhnQEcMxeTOiIMEMSQsilib33flVLFdI_tvhcEEPMb4NwYVYZ_B4vgRmu7Dyhlb6K58hDp8pQe2dvOVJarlDDSM7xIEqdFuU78HA5nnyUdBzxMjNX_eVdfHvBpz8GZBUCG54sB3S2clGa-bNvFPWMR_f71As85Hm1DGQWwWSsME2JDgivlVrruwWdfa6pjLWEqw5zkSRiOGCZiQCiPjgLH5aLplOpwnVAp5VyRLwIy6YwDYltRzLR948MkIe1UvlULnznRM50GEIpBCT89w-Qjqn1X_S8sMf4uIWZ4DOqH1UYIif6-1YaFxFTr9TeZGXTQw16X76wd5U76g0v79Rbm2A_B90BCUpJ-bpTMUUSh-sSS9qe5Z5wNjkkNK1BhQT_Byzr31mt3q0TzQcA3bu5jDtcClZ7nK9UVhmabPpMRlM1dAl0h3R9KCYqebJpEMWRnPz3Z52JHsuBukjgEG-NlwDxIffhGAPB1zMQuCuIeSWynzku6d6HsnrwjrMagmfVJ34HVUAImFUgojvilf5ax4qhc8Ifx757VjoE4PglekP8hU_YAeKsY_Tev4DRQkbiT1hc7KWViI0426b14yfAhZJPDOYAJJ8L462yWMbSxhlrK3G562Ua9oxhISDBnga_j43mWzuDqoUe1d1lF5pAdeH1syb51WwKNo-U1Axw29cMfwczBOaW5-MWKWmTmLrahh6MCp-79rOnu3zpo3Z53suvgqmnMtQHjVSfl38qWekbAjOwCjND4MVDo32SakV8d5edSFRKgWPYWDi1skaCfnrc-EqMnjSsE_5k0smAb-Oghyo8Kcsc1UIYu7sGbUGbKzUXJBGdHSEsJKAFzRs8taAWq6A_ZL6U04-1PxJc9sMlypWYd6eDt2EGiRUmWgDUsNStrJnylgvL8fE6OqqDf37y6atbPArTx_wnlgrQFo1gmVWurPberv2sI7TkzwBscVkVNqsPvl0nc3RHnHBrfI4eblMmAeEi2wQCF4QbwfcCa_UsdlNsgSKOSiDOfWq-O4GYGTzPkm6WFaSzHJkQgY4lVglr_HiYRcMEf0Ioe6X2_5stCXHYEfwMnGEqOS1euFNC_vtm9PjLuZIdlcb6TXv05zqAibpEeIYwS1qY8zXDfvnVznTdDIsTdEYgs3YJDxamYV0_DCl0HvZW4IBnDjZGzlEYt0gEbcVUZxOcqFXS3MngG0KDXrm33r18SgoVDiLbtLNCfEtqGcM7dUCwm69SLzcniIIGUrKRHeKa-jvT2Qfd_7RF5D_JQO593vbDqHsjcS8K-CnbOjVxFmJhzwGOu0_HDMip_GaePKy046O9TNKr_BwEIkssbNYfnBBlCH4VbgqEo-bHRUbyXzUZXhYPy6PS4lM08GDRvROHShrsNRHkRqgaSwfJE96xGAC9KsjwexH3IHILNKVOgLfLfrb78WNnp6bBPBLuJ7hw8NGRBXow22GCcyFB4YuN98z6KF3NeONmCtrVDuUPNbalXllNLZ4wyxTyd0xbsQu12n9EZRgH4WjDdVFfOFEVczIJMPkw81LNfv3thF2wB7WNd&cid=CAASPeRovW5vnEdNXjbRBG6A32fLe_sOBI2-uu9d7NEgoMl9CVvgaqUWAhBgFmGp7Fz3C3yOCfir9lWRe0-gZp0&rfl=1%2Chttps%253A%252F%252Fwww.staradvertiser.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:20:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:20:36 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3E87 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss6EltoS973S7Iox7cuTa9zSTjRAFTLzvNjFM8dgUS5fSRFcJxow5619GejAiVzAGRbF9uBHuf15eawI8ivSam-pVVfjzmXp4Lry4mMNp35xZXWjQXJlGrrh8M6o0FZuE1WXMFkHcPxNthVo8xJIKCOzpz-mmTtSpn3_ymXNv29zvvGxs2SZd0d3KRASwy96Bg1D6PfwzYBr17uzYTt8auOKKz5y6dnhVWxw07OjX_9uqC-_MJF7jXrvLELFwIpf7G3XT57WCXiYXpuGBmuhVTXYLJWZdPHWl0RAtAFA0Gi50FGR-F3uHWKGI5RzT7Xq8Uw-PhpM_rU1s64Bz9ObbeGKzLBT8Yv6i3zK1RUIStxU8cS6RtyqWpaHHgUWSsbbPMbaCHPO60vslN02_aSX3zGPCP5vQGC8aP2PP1gOrSPUTdPEw6N_SvOmCAQL3cioYPxdzWJI2Em5TjlzwGqMMAN0GNKyEjboNnEanJ7R0mV6f383AcoXT4BVyhgrhWYEoo4Ym3Ccji8f0QF8q2PieaL8FSM3wpl-OtrqPn_JfWVnx5LsLVMZcEuQg8cz9ou5KFGooHfj2BJ70dYs0GHaQ1b8AV31KwYGlXE6Q4Jvm79RW9XUDqpzq0culk7ScO9-GSJ54qpSCEHNOOVBDXguKZETmFN2F1eORzGIyQA37QD4BIPNUyKsxRYbA7AV_ZWhXxXaKVJ19znPq87sj5_ibij5np8XMvlqLogQYOYiUZHXMPxSGW9it6tUBT28xfyWRCWeLZhZ6jA3ktVvCvKtaZeag4Gxdkb3F6Fs6ZKcOvkxlGbHKdi94yiiwY3j0XwnyNRQhi1qo6ZQJbtyzcL3dP7Wqq59qgTZzhl4ruuJsK0xkzt_8F0TqY4Yg1AgwkgqtD-HeCcrbXNKYoHaY8IBhDbH8u1gnzNdMM4WBvYER_YDsX0zMgLftG6m6lJJjW_10hyfddeBNtBwla5w5FGt3BwrMsMZ7ZB7tJIawpowcYq3_cXA7I7islZZ1YmpeZKR7B5b6wNBp1kDfPx1erkLq5HipuKUpWlMTtuCAo3MPS8HykS8qUfr3ErJ3lLQeyBCxtngzVXUU-dAC22Majx99CyfUzqAmGyqaVzk9ccIP9s-hSSm0sStnqnyYLYa3u7r4R2xY3mMhH1D_LIO0IzHT5VzafeeVbReCUdMMAEqOO0Z6o_NdWyOhfZIFGI4_tCQTVqc3UkTiueo9ViNEm7C-mDSGYur_6ney8s1kJ-KM7wRWFrcjJGuRJtarYqsoyM-2euEg2IB1IuAnDAaeSzGgPWOfIp7OmY7_PtXfRiZhip-4oSeCAyjCPR6YlocnJnsueOFAxSpKLiE0c8aKScDYd-H04VM0lT_wNUNzeNGmbnoQ&sai=AMfl-YSTgOwtNhlDSB4WgPbRaWdgcQ1Sogc_PiJYWWy-RsQaU5s1PlSwAs2MBNe-FAbFyR1S8_ahdOnGR-b0bQa25tOnxUwSocUlyBZ72yUqzmxzfdDzwt0jk2wvdXD6JM2oYEDWOdzcfL9F1OcKyik7gFXIcu-zc0p9yaIeE1aiXe1v_qjf6KvjiwB3yuNyyzkcc3NgBaN9406ufXIYONYS0wENySgsgaYzBHXbnkaGbpSxd4mSQuoxNbxS3wtVuyUabR0&sig=Cg0ArKJSzDaQ6tDc4yjREAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20220216.64012&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUTS4cyl9GD6BQRP3kEpaEiIuHr3WpG15MW5uD3k3RaOhefyBjcqPz-I8MjqcSz5kXmk6iU6Fs0fWg9TZStNiBrsR5wUP2qQquQsiMkWlziSkqQbZeUCLJzBneMkRXNv_yQdIAh6wGXxm_zlgSrsjSPMvAkw&cry=1&dbm_d=AKAmf-CnWHewPS6D3sVjmh2-5giH59JvHtry379x9rkFYo6x2_I9ZcY9I4Ggs_xeULiEV1gDrD_dWl4shWF1p0WsiIw8kYKBVtejFbZreIZeK4bD6CUzqin3sKMlUEYY_0o_WQAhuOClZYdtERJpt702WY_0OxxqOu1U3efIStMzVGAiAO4Jg_FQIg43Lrdags4hJbc5Q9t8nKC0RhzLfc68VF7dQSHDZT4JfezenoDTIq7Idv0JFJ654_yBJx9OPz2OH1q-hagkGEaHLkud1UwiLoZIg4znTEDNCCvE9SGnHUKsTgVvtcxnOOA6syQYS2NyIK1SqRQU7FWYx1s6qcwTE2y4Qu5ONF6QRNYGFnEhDc4ec7XEe0ktFuJocRY5NVi6ONmBIFmVSHfK2SONJuNr96irdvfCzA0xP2KxCblkyBJT7hdOyWsTkYlgIJZTfhXhOr2Mi1KmLTowgVVP0iwdiXJoYvsxjjCKqZBWMaECe-4LA9F_UydAxjMwhU0G8WxrssitA-LH8t3pCbEElI0Bq4dITLyzs7DcazeiwNHfix2S3vi1HC7jYWVHgEP7tf2-MXMkW27OtGlNUOc2j7Av89erhD_dYiXO-J_sZvc1Yx2D8KQtPIaPSMLtPL4DPTya6N5MDcgO2ER2RV2CHEdXaZukHRkwutqKLiY2sck3oBHED9d5IiEjZd_SGSbEDxQCyjK1J4a39cnGwE5PH98FMo9_gzHf6VL6ArdzK0IkkalfoOY3sVWd7-bEkADmo8XBQ3b0xl-tRp0bZfxoh2dH8WlnMvPsg5xbrVD1oXIeYXKXL9i_Lb2qJdU7CZbjhxIThPxVponhklUTOqJxjV0IwJLZkVSun6ScvQe59SgQnsgofkJUsEBXw6Dgacj7jP9esP63nEbHoSsYMDfcmL5rH2CK0RBbauh4y75QQOR7_p2Yekd-EvtciBNCCct54uvpYNX4U1CJBwoReE3BEbzjh4NgPqYtUtWNb4xQVrBZK8MSgYq-Zd2hx4M2C7gkklSDNj4zmMtk6V2roMeEbVen5_qj1us54xiwfWJpcdg5VvR8IYaXpnrzbMH28XIAfWGIlQeGzNgzQo_XKBtI1xZgVzs6QMLq4G_tINRL66PkUSRzEiAPE_q_9h5X00FSJYaQ92e43AoFiOKR9ZkaPtRvksSrrUixNg7LqbECtO2gmcpJpSzjAjeVaj_mhjPcorHBoFm760KdVfCJhIyKUF0rZlrdrPfmCb78sWr_kwhnF0lZy1ou6jsXnEfcNNeRMR0klAIfSCwo5lv0T2N0rPfVWq4IbnpRp46ZU2i8yv1gnzAvqooBLR_PDijtRm5Dy8hgTgHRYQq63dJPDW9F56CzpMe_EajVxt9SF0hPr2aoWaoC-SZgGWPAUNVVz5plzp2ZKAUklKRw68spZa4tpVncY2IDLxW20EDQ-EwXK-8HvCsPA8Cx13om15LPSyN8y4RRdEbaqRJo3wEfgbTN42EuuP3klCYqyV9CzPWyVDBa-aqo3egWyGTiY9Mpz0vXOEZjW376lMyqRQVsZvS7mw9m4iPH0hbqdXr7ZYr5ZRhO_kgJzJP3mUBK62gteN1iPRWTvPjPWIK-BAc4a_3PMQuwyMN5sbMPPidPdOBBNR3itZjByxfiWdFG3V8hmI0T_2Ncjavr5MPquQOLiVRrYyG0KB8UIaYDHQvcS9-XpnVPl5YMC0OmtO0cguhI_oOGWXqDwc0cDqrhSILo2woSDvav-nR9SDW5tsh6gOFcU-9mGm4DD5BXb_xTdfX9hDGGHM1f6glFkEnaVsDJo361lUcmr6BADzcW9p7mzgWDSVtUFNBEK0WO5fWDkhcaJAHlDHzWvZoQTV5t00WE7AqWakTwRF9iykMS0nasBXiC43aMmJPffZXnuyvWmoRPZni-SKGSLVsE9DMGiacpPsoMS5XYZFBxQfwe1_ScaIPuxO1Gp-IG09cKEFaio0CmLgWWrwGAMIb7efC3dTldxlaty8S3b9VqWF89tkT9XoW2n8_uJ5pc2S3Jf0U02to1YBEnmUvL354rgCxo86IAoKXxSFeE5Dr5VcJJiFg8J6SDtKI8Armn7UooI0P7AU2yV2CvXJifV-iPnRZjGzwLUTS3MgVMpDVspHQj0ywj-bakYV5xn8m5jj0Hr5j-EUv6dsoDock8i_8RCLjJ4vXsbs3KkayQPNLmcrmJcADjoynQOlqC26hifhjVFiaMP1-fO0c_aFgjaznPeJKtYw-NVwB9jIrggc3uSdxXrfoKScdKTujqEprULRw47-09U8RlRvmRsTHwcqZEDdVMLqh7-URlbgtypRjJG8rS2nryOh90TV_udm0xP6dibZMhnQEcMxeTOiIMEMSQsilib33flVLFdI_tvhcEEPMb4NwYVYZ_B4vgRmu7Dyhlb6K58hDp8pQe2dvOVJarlDDSM7xIEqdFuU78HA5nnyUdBzxMjNX_eVdfHvBpz8GZBUCG54sB3S2clGa-bNvFPWMR_f71As85Hm1DGQWwWSsME2JDgivlVrruwWdfa6pjLWEqw5zkSRiOGCZiQCiPjgLH5aLplOpwnVAp5VyRLwIy6YwDYltRzLR948MkIe1UvlULnznRM50GEIpBCT89w-Qjqn1X_S8sMf4uIWZ4DOqH1UYIif6-1YaFxFTr9TeZGXTQw16X76wd5U76g0v79Rbm2A_B90BCUpJ-bpTMUUSh-sSS9qe5Z5wNjkkNK1BhQT_Byzr31mt3q0TzQcA3bu5jDtcClZ7nK9UVhmabPpMRlM1dAl0h3R9KCYqebJpEMWRnPz3Z52JHsuBukjgEG-NlwDxIffhGAPB1zMQuCuIeSWynzku6d6HsnrwjrMagmfVJ34HVUAImFUgojvilf5ax4qhc8Ifx757VjoE4PglekP8hU_YAeKsY_Tev4DRQkbiT1hc7KWViI0426b14yfAhZJPDOYAJJ8L462yWMbSxhlrK3G562Ua9oxhISDBnga_j43mWzuDqoUe1d1lF5pAdeH1syb51WwKNo-U1Axw29cMfwczBOaW5-MWKWmTmLrahh6MCp-79rOnu3zpo3Z53suvgqmnMtQHjVSfl38qWekbAjOwCjND4MVDo32SakV8d5edSFRKgWPYWDi1skaCfnrc-EqMnjSsE_5k0smAb-Oghyo8Kcsc1UIYu7sGbUGbKzUXJBGdHSEsJKAFzRs8taAWq6A_ZL6U04-1PxJc9sMlypWYd6eDt2EGiRUmWgDUsNStrJnylgvL8fE6OqqDf37y6atbPArTx_wnlgrQFo1gmVWurPberv2sI7TkzwBscVkVNqsPvl0nc3RHnHBrfI4eblMmAeEi2wQCF4QbwfcCa_UsdlNsgSKOSiDOfWq-O4GYGTzPkm6WFaSzHJkQgY4lVglr_HiYRcMEf0Ioe6X2_5stCXHYEfwMnGEqOS1euFNC_vtm9PjLuZIdlcb6TXv05zqAibpEeIYwS1qY8zXDfvnVznTdDIsTdEYgs3YJDxamYV0_DCl0HvZW4IBnDjZGzlEYt0gEbcVUZxOcqFXS3MngG0KDXrm33r18SgoVDiLbtLNCfEtqGcM7dUCwm69SLzcniIIGUrKRHeKa-jvT2Qfd_7RF5D_JQO593vbDqHsjcS8K-CnbOjVxFmJhzwGOu0_HDMip_GaePKy046O9TNKr_BwEIkssbNYfnBBlCH4VbgqEo-bHRUbyXzUZXhYPy6PS4lM08GDRvROHShrsNRHkRqgaSwfJE96xGAC9KsjwexH3IHILNKVOgLfLfrb78WNnp6bBPBLuJ7hw8NGRBXow22GCcyFB4YuN98z6KF3NeONmCtrVDuUPNbalXllNLZ4wyxTyd0xbsQu12n9EZRgH4WjDdVFfOFEVczIJMPkw81LNfv3thF2wB7WNd&cid=CAASPeRovW5vnEdNXjbRBG6A32fLe_sOBI2-uu9d7NEgoMl9CVvgaqUWAhBgFmGp7Fz3C3yOCfir9lWRe0-gZp0&rfl=1%2Chttps%253A%252F%252Fwww.staradvertiser.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sun, 20 Feb 2022 07:23:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3E87 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUTS4cyl9GD6BQRP3kEpaEiIuHr3WpG15MW5uD3k3RaOhefyBjcqPz-I8MjqcSz5kXmk6iU6Fs0fWg9TZStNiBrsR5wUP2qQquQsiMkWlziSkqQbZeUCLJzBneMkRXNv_yQdIAh6wGXxm_zlgSrsjSPMvAkw&cry=1&dbm_d=AKAmf-CnWHewPS6D3sVjmh2-5giH59JvHtry379x9rkFYo6x2_I9ZcY9I4Ggs_xeULiEV1gDrD_dWl4shWF1p0WsiIw8kYKBVtejFbZreIZeK4bD6CUzqin3sKMlUEYY_0o_WQAhuOClZYdtERJpt702WY_0OxxqOu1U3efIStMzVGAiAO4Jg_FQIg43Lrdags4hJbc5Q9t8nKC0RhzLfc68VF7dQSHDZT4JfezenoDTIq7Idv0JFJ654_yBJx9OPz2OH1q-hagkGEaHLkud1UwiLoZIg4znTEDNCCvE9SGnHUKsTgVvtcxnOOA6syQYS2NyIK1SqRQU7FWYx1s6qcwTE2y4Qu5ONF6QRNYGFnEhDc4ec7XEe0ktFuJocRY5NVi6ONmBIFmVSHfK2SONJuNr96irdvfCzA0xP2KxCblkyBJT7hdOyWsTkYlgIJZTfhXhOr2Mi1KmLTowgVVP0iwdiXJoYvsxjjCKqZBWMaECe-4LA9F_UydAxjMwhU0G8WxrssitA-LH8t3pCbEElI0Bq4dITLyzs7DcazeiwNHfix2S3vi1HC7jYWVHgEP7tf2-MXMkW27OtGlNUOc2j7Av89erhD_dYiXO-J_sZvc1Yx2D8KQtPIaPSMLtPL4DPTya6N5MDcgO2ER2RV2CHEdXaZukHRkwutqKLiY2sck3oBHED9d5IiEjZd_SGSbEDxQCyjK1J4a39cnGwE5PH98FMo9_gzHf6VL6ArdzK0IkkalfoOY3sVWd7-bEkADmo8XBQ3b0xl-tRp0bZfxoh2dH8WlnMvPsg5xbrVD1oXIeYXKXL9i_Lb2qJdU7CZbjhxIThPxVponhklUTOqJxjV0IwJLZkVSun6ScvQe59SgQnsgofkJUsEBXw6Dgacj7jP9esP63nEbHoSsYMDfcmL5rH2CK0RBbauh4y75QQOR7_p2Yekd-EvtciBNCCct54uvpYNX4U1CJBwoReE3BEbzjh4NgPqYtUtWNb4xQVrBZK8MSgYq-Zd2hx4M2C7gkklSDNj4zmMtk6V2roMeEbVen5_qj1us54xiwfWJpcdg5VvR8IYaXpnrzbMH28XIAfWGIlQeGzNgzQo_XKBtI1xZgVzs6QMLq4G_tINRL66PkUSRzEiAPE_q_9h5X00FSJYaQ92e43AoFiOKR9ZkaPtRvksSrrUixNg7LqbECtO2gmcpJpSzjAjeVaj_mhjPcorHBoFm760KdVfCJhIyKUF0rZlrdrPfmCb78sWr_kwhnF0lZy1ou6jsXnEfcNNeRMR0klAIfSCwo5lv0T2N0rPfVWq4IbnpRp46ZU2i8yv1gnzAvqooBLR_PDijtRm5Dy8hgTgHRYQq63dJPDW9F56CzpMe_EajVxt9SF0hPr2aoWaoC-SZgGWPAUNVVz5plzp2ZKAUklKRw68spZa4tpVncY2IDLxW20EDQ-EwXK-8HvCsPA8Cx13om15LPSyN8y4RRdEbaqRJo3wEfgbTN42EuuP3klCYqyV9CzPWyVDBa-aqo3egWyGTiY9Mpz0vXOEZjW376lMyqRQVsZvS7mw9m4iPH0hbqdXr7ZYr5ZRhO_kgJzJP3mUBK62gteN1iPRWTvPjPWIK-BAc4a_3PMQuwyMN5sbMPPidPdOBBNR3itZjByxfiWdFG3V8hmI0T_2Ncjavr5MPquQOLiVRrYyG0KB8UIaYDHQvcS9-XpnVPl5YMC0OmtO0cguhI_oOGWXqDwc0cDqrhSILo2woSDvav-nR9SDW5tsh6gOFcU-9mGm4DD5BXb_xTdfX9hDGGHM1f6glFkEnaVsDJo361lUcmr6BADzcW9p7mzgWDSVtUFNBEK0WO5fWDkhcaJAHlDHzWvZoQTV5t00WE7AqWakTwRF9iykMS0nasBXiC43aMmJPffZXnuyvWmoRPZni-SKGSLVsE9DMGiacpPsoMS5XYZFBxQfwe1_ScaIPuxO1Gp-IG09cKEFaio0CmLgWWrwGAMIb7efC3dTldxlaty8S3b9VqWF89tkT9XoW2n8_uJ5pc2S3Jf0U02to1YBEnmUvL354rgCxo86IAoKXxSFeE5Dr5VcJJiFg8J6SDtKI8Armn7UooI0P7AU2yV2CvXJifV-iPnRZjGzwLUTS3MgVMpDVspHQj0ywj-bakYV5xn8m5jj0Hr5j-EUv6dsoDock8i_8RCLjJ4vXsbs3KkayQPNLmcrmJcADjoynQOlqC26hifhjVFiaMP1-fO0c_aFgjaznPeJKtYw-NVwB9jIrggc3uSdxXrfoKScdKTujqEprULRw47-09U8RlRvmRsTHwcqZEDdVMLqh7-URlbgtypRjJG8rS2nryOh90TV_udm0xP6dibZMhnQEcMxeTOiIMEMSQsilib33flVLFdI_tvhcEEPMb4NwYVYZ_B4vgRmu7Dyhlb6K58hDp8pQe2dvOVJarlDDSM7xIEqdFuU78HA5nnyUdBzxMjNX_eVdfHvBpz8GZBUCG54sB3S2clGa-bNvFPWMR_f71As85Hm1DGQWwWSsME2JDgivlVrruwWdfa6pjLWEqw5zkSRiOGCZiQCiPjgLH5aLplOpwnVAp5VyRLwIy6YwDYltRzLR948MkIe1UvlULnznRM50GEIpBCT89w-Qjqn1X_S8sMf4uIWZ4DOqH1UYIif6-1YaFxFTr9TeZGXTQw16X76wd5U76g0v79Rbm2A_B90BCUpJ-bpTMUUSh-sSS9qe5Z5wNjkkNK1BhQT_Byzr31mt3q0TzQcA3bu5jDtcClZ7nK9UVhmabPpMRlM1dAl0h3R9KCYqebJpEMWRnPz3Z52JHsuBukjgEG-NlwDxIffhGAPB1zMQuCuIeSWynzku6d6HsnrwjrMagmfVJ34HVUAImFUgojvilf5ax4qhc8Ifx757VjoE4PglekP8hU_YAeKsY_Tev4DRQkbiT1hc7KWViI0426b14yfAhZJPDOYAJJ8L462yWMbSxhlrK3G562Ua9oxhISDBnga_j43mWzuDqoUe1d1lF5pAdeH1syb51WwKNo-U1Axw29cMfwczBOaW5-MWKWmTmLrahh6MCp-79rOnu3zpo3Z53suvgqmnMtQHjVSfl38qWekbAjOwCjND4MVDo32SakV8d5edSFRKgWPYWDi1skaCfnrc-EqMnjSsE_5k0smAb-Oghyo8Kcsc1UIYu7sGbUGbKzUXJBGdHSEsJKAFzRs8taAWq6A_ZL6U04-1PxJc9sMlypWYd6eDt2EGiRUmWgDUsNStrJnylgvL8fE6OqqDf37y6atbPArTx_wnlgrQFo1gmVWurPberv2sI7TkzwBscVkVNqsPvl0nc3RHnHBrfI4eblMmAeEi2wQCF4QbwfcCa_UsdlNsgSKOSiDOfWq-O4GYGTzPkm6WFaSzHJkQgY4lVglr_HiYRcMEf0Ioe6X2_5stCXHYEfwMnGEqOS1euFNC_vtm9PjLuZIdlcb6TXv05zqAibpEeIYwS1qY8zXDfvnVznTdDIsTdEYgs3YJDxamYV0_DCl0HvZW4IBnDjZGzlEYt0gEbcVUZxOcqFXS3MngG0KDXrm33r18SgoVDiLbtLNCfEtqGcM7dUCwm69SLzcniIIGUrKRHeKa-jvT2Qfd_7RF5D_JQO593vbDqHsjcS8K-CnbOjVxFmJhzwGOu0_HDMip_GaePKy046O9TNKr_BwEIkssbNYfnBBlCH4VbgqEo-bHRUbyXzUZXhYPy6PS4lM08GDRvROHShrsNRHkRqgaSwfJE96xGAC9KsjwexH3IHILNKVOgLfLfrb78WNnp6bBPBLuJ7hw8NGRBXow22GCcyFB4YuN98z6KF3NeONmCtrVDuUPNbalXllNLZ4wyxTyd0xbsQu12n9EZRgH4WjDdVFfOFEVczIJMPkw81LNfv3thF2wB7WNd&cid=CAASPeRovW5vnEdNXjbRBG6A32fLe_sOBI2-uu9d7NEgoMl9CVvgaqUWAhBgFmGp7Fz3C3yOCfir9lWRe0-gZp0&rfl=1%2Chttps%253A%252F%252Fwww.staradvertiser.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 17:22:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50468
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 Feb 2023 17:22:25 GMT
239770368241995806
s0.2mdn.net/simgad/ Frame 3E87 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/239770368241995806
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3622156405313063&output=html&h=90&slotname=e1c6b69.f9e07fc&adk=139176089&adf=3713705667&pi=t.ma~as.e1c6b69.f9e07fc&w=728&lmt=1645341812&psa=0&format=728x90&url=https%3A%2F%2Fwww.staradvertiser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645341812162&bpp=4&bdt=5178&idt=587&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5ce8b7f408438eaa%3AT%3D1645341809%3AS%3DALNI_MYPTfGaIPvuRDooZfs1nJVx84JKUQ&correlator=6178148257708&frm=20&pv=2&ga_vid=565048288.1645341808&ga_sid=1645341809&ga_hid=907291583&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C44756084&oid=2&pvsid=3369027831208136&pem=161&tmod=1865825641&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpoeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=33&uci=a!x&btvi=1&fsb=1&xpc=XdTEsGSshm&p=https%3A//www.staradvertiser.com&dtd=601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be4c1c3298d4c57fdb2068a8df5822d8166fa09a5b2abd2fcb4f0be705395ed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 05:23:05 GMT
x-content-type-options
nosniff
age
7228
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13921
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 11:00:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 20 Feb 2023 05:23:05 GMT
ats.js
ats.rlcdn.com/ Frame AC67 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-86.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
28x_tDvW9kJ.rWgfbdZIcgxbFDdgh9p3
content-encoding
gzip
etag
W/"d7dfa2940a5d5ce3beedd8774c961dd7"
age
10128
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6fbe2bf4-0d3f-4234-a84e-c584de5ecb5e
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
8c7650e47b7f894f6ae5a1fc4919cee6
last-modified
Thu, 16 Dec 2021 12:45:56 GMT
server
AmazonS3
date
Sun, 20 Feb 2022 04:34:46 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
ae589a6335869a8948d0172dfafea0c42638763d87ea89591504c580a5c4f6c7
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA6-C1
content-type
application/x-javascript
x-amz-cf-id
HPRFpWYb2ukcr2uQoFhfulqNts7C2FKGOTs3C7eoX516vdkSZPDHNw==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame AC67 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-144.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:33 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Sun, 20 Feb 2022 07:38:33 GMT
config.js
confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/ Frame AC67 		63 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/config.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2b8351122b4c595aabf558ac61bd606f706974f14bcd21be575536ca6472e2a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 07:23:33 GMT
Content-Encoding
gzip
Age
3068
X-Cache
HIT
Connection
keep-alive
Content-Length
15229
x-amz-id-2
Ijqrb6YTxtvhNnq8IOqeBmCtrFn7xCGGsxARHFVor3kkEP2XftRhLslqq0pEVxlSDCkAR7sbcjc=
X-Served-By
cache-hhn4041-HHN
Last-Modified
Sun, 20 Feb 2022 05:29:18 GMT
Server
AmazonS3
X-Timer
S1645341813.116897,VS0,VE0
ETag
"4856ec002dbe86c5d418dde169a1a545"
x-amz-request-id
N0C8XFPTJADB8QZ0
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
106
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame AC67 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
60d76e5d3d47c3f67063f6ad8c4c19906031164734d901e60a8842d0a292a1cd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
date
Sun, 20 Feb 2022 07:16:59 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
10638
x-request-id
150341566
pubads_impl_2022021401.js
securepubads.g.doubleclick.net/gpt/ Frame 729F 		360 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js?31065011
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
8e2dcb9912e96ad6472e010d4e66d67c647dfc385f09d652c1ff8d4d752baf14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 18:11:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
220300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123280
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 09:43:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 17 Feb 2023 18:11:53 GMT
bid
ap.lijit.com/rtb/ 		24 B
654 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.29.0-pre
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b990372c35ad2b0ab6a30b65a7ca00eff679f994ae676d9d7fde63a0c2a1f2

Request headers

Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 20 Feb 2022 07:23:33 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.staradvertiser.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
cygnus
htlb.casalemedia.com/ 		36 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=359592&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22363635f237b459%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.staradvertiser.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.29.0-pre%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224b31be121f5d95%22%2C%22ext%22%3A%7B%22siteID%22%3A%22359592%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0e9f8888ba0d877eae41f416837a9f13218940e19235a9e05618629a1913e87a

Request headers

Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:33 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.29], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.staradvertiser.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Sun, 20 Feb 2022 07:23:33 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969da301757594a0c49518afc10016&pos=8a9695e3017777b66e76bc36403401e5&cmd=bid&secure=1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
ecef554c207ca480661a975a7c2cf101a99c9af0e71cb21ef7004a40dbd6b2d8

Request headers

Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 20 Feb 2022 07:23:33 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
access-control-allow-credentials
true
content-length
62
prebid
ib.adnxs.com/ut/v3/ 		138 B
979 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
829f165f85543ce674f974b387840d52702662fcf469e222147948b9a1f2625e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 20 Feb 2022 07:23:33 GMT
X-Proxy-Origin
217.64.151.29; 217.64.151.29; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c9e9ddd4-c421-4e89-9428-75d818890831
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.staradvertiser.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		95 B
851 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2210817be9e8fb65b%22%3A%225ada8bc6024f756e9ec4%7C300x250%22%7D&ref=https%3A%2F%2Fwww.staradvertiser.com%2F&s=86e16290-e780-48a3-b471-c453a0084ddb&pv=46994a65-16d3-425c-9498-ccedc633c2b1&vp=desktop&lib_name=prebid&lib_v=4.29.0-pre&us=5&ius=1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
ce6b908ccefa0c7b809b1c85f9e8e4c70e4fb37aa2c3e5e2ba8d2174840d47e6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 20 Feb 2022 07:23:33 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.staradvertiser.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
120
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame 3E87 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f2d221b99f75987a9edf966049883c19b5a9237af1746261423a87fbb85556f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202202161834/ Frame AC67 		184 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202202161834/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38e27f6cbe86b26bf65dff11b6d203ecc3231ddcd010cc89a3889f3c03bc3f73

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 07:23:33 GMT
Content-Encoding
gzip
Age
609
X-Cache
HIT
Connection
keep-alive
Content-Length
59645
x-amz-id-2
M5VyQhY8WTEvqYhgzGZ1GXZ0F5OL3J1CSRR0M5FESKZJfwqMk5mWYHJVqcywx2G4vEvtmfHR6yU=
X-Served-By
cache-hhn4041-HHN
Last-Modified
Thu, 17 Feb 2022 18:21:30 GMT
Server
AmazonS3
X-Timer
S1645341813.186137,VS0,VE0
ETag
"724754dd331b2038d7b614ac5d8a9900"
x-amz-request-id
RZXQQ1BZETZHQ713
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
1564
view
googleads4.g.doubleclick.net/pcs/ Frame 3E87 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss6EltoS973S7Iox7cuTa9zSTjRAFTLzvNjFM8dgUS5fSRFcJxow5619GejAiVzAGRbF9uBHuf15eawI8ivSam-pVVfjzmXp4Lry4mMNp35xZXWjQXJlGrrh8M6o0FZuE1WXMFkHcPxNthVo8xJIKCOzpz-mmTtSpn3_ymXNv29zvvGxs2SZd0d3KRASwy96Bg1D6PfwzYBr17uzYTt8auOKKz5y6dnhVWxw07OjX_9uqC-_MJF7jXrvLELFwIpf7G3XT57WCXiYXpuGBmuhVTXYLJWZdPHWl0RAtAFA0Gi50FGR-F3uHWKGI5RzT7Xq8Uw-PhpM_rU1s64Bz9ObbeGKzLBT8Yv6i3zK1RUIStxU8cS6RtyqWpaHHgUWSsbbPMbaCHPO60vslN02_aSX3zGPCP5vQGC8aP2PP1gOrSPUTdPEw6N_SvOmCAQL3cioYPxdzWJI2Em5TjlzwGqMMAN0GNKyEjboNnEanJ7R0mV6f383AcoXT4BVyhgrhWYEoo4Ym3Ccji8f0QF8q2PieaL8FSM3wpl-OtrqPn_JfWVnx5LsLVMZcEuQg8cz9ou5KFGooHfj2BJ70dYs0GHaQ1b8AV31KwYGlXE6Q4Jvm79RW9XUDqpzq0culk7ScO9-GSJ54qpSCEHNOOVBDXguKZETmFN2F1eORzGIyQA37QD4BIPNUyKsxRYbA7AV_ZWhXxXaKVJ19znPq87sj5_ibij5np8XMvlqLogQYOYiUZHXMPxSGW9it6tUBT28xfyWRCWeLZhZ6jA3ktVvCvKtaZeag4Gxdkb3F6Fs6ZKcOvkxlGbHKdi94yiiwY3j0XwnyNRQhi1qo6ZQJbtyzcL3dP7Wqq59qgTZzhl4ruuJsK0xkzt_8F0TqY4Yg1AgwkgqtD-HeCcrbXNKYoHaY8IBhDbH8u1gnzNdMM4WBvYER_YDsX0zMgLftG6m6lJJjW_10hyfddeBNtBwla5w5FGt3BwrMsMZ7ZB7tJIawpowcYq3_cXA7I7islZZ1YmpeZKR7B5b6wNBp1kDfPx1erkLq5HipuKUpWlMTtuCAo3MPS8HykS8qUfr3ErJ3lLQeyBCxtngzVXUU-dAC22Majx99CyfUzqAmGyqaVzk9ccIP9s-hSSm0sStnqnyYLYa3u7r4R2xY3mMhH1D_LIO0IzHT5VzafeeVbReCUdMMAEqOO0Z6o_NdWyOhfZIFGI4_tCQTVqc3UkTiueo9ViNEm7C-mDSGYur_6ney8s1kJ-KM7wRWFrcjJGuRJtarYqsoyM-2euEg2IB1IuAnDAaeSzGgPWOfIp7OmY7_PtXfRiZhip-4oSeCAyjCPR6YlocnJnsueOFAxSpKLiE0c8aKScDYd-H04VM0lT_wNUNzeNGmbnoQ&sai=AMfl-YSTgOwtNhlDSB4WgPbRaWdgcQ1Sogc_PiJYWWy-RsQaU5s1PlSwAs2MBNe-FAbFyR1S8_ahdOnGR-b0bQa25tOnxUwSocUlyBZ72yUqzmxzfdDzwt0jk2wvdXD6JM2oYEDWOdzcfL9F1OcKyik7gFXIcu-zc0p9yaIeE1aiXe1v_qjf6KvjiwB3yuNyyzkcc3NgBaN9406ufXIYONYS0wENySgsgaYzBHXbnkaGbpSxd4mSQuoxNbxS3wtVuyUabR0&sig=Cg0ArKJSzDaQ6tDc4yjREAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=76&vt=11&dtpt=76&dett=2&cstd=0&cisv=r20220216.64012&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUTS4cyl9GD6BQRP3kEpaEiIuHr3WpG15MW5uD3k3RaOhefyBjcqPz-I8MjqcSz5kXmk6iU6Fs0fWg9TZStNiBrsR5wUP2qQquQsiMkWlziSkqQbZeUCLJzBneMkRXNv_yQdIAh6wGXxm_zlgSrsjSPMvAkw&cry=1&dbm_d=AKAmf-CnWHewPS6D3sVjmh2-5giH59JvHtry379x9rkFYo6x2_I9ZcY9I4Ggs_xeULiEV1gDrD_dWl4shWF1p0WsiIw8kYKBVtejFbZreIZeK4bD6CUzqin3sKMlUEYY_0o_WQAhuOClZYdtERJpt702WY_0OxxqOu1U3efIStMzVGAiAO4Jg_FQIg43Lrdags4hJbc5Q9t8nKC0RhzLfc68VF7dQSHDZT4JfezenoDTIq7Idv0JFJ654_yBJx9OPz2OH1q-hagkGEaHLkud1UwiLoZIg4znTEDNCCvE9SGnHUKsTgVvtcxnOOA6syQYS2NyIK1SqRQU7FWYx1s6qcwTE2y4Qu5ONF6QRNYGFnEhDc4ec7XEe0ktFuJocRY5NVi6ONmBIFmVSHfK2SONJuNr96irdvfCzA0xP2KxCblkyBJT7hdOyWsTkYlgIJZTfhXhOr2Mi1KmLTowgVVP0iwdiXJoYvsxjjCKqZBWMaECe-4LA9F_UydAxjMwhU0G8WxrssitA-LH8t3pCbEElI0Bq4dITLyzs7DcazeiwNHfix2S3vi1HC7jYWVHgEP7tf2-MXMkW27OtGlNUOc2j7Av89erhD_dYiXO-J_sZvc1Yx2D8KQtPIaPSMLtPL4DPTya6N5MDcgO2ER2RV2CHEdXaZukHRkwutqKLiY2sck3oBHED9d5IiEjZd_SGSbEDxQCyjK1J4a39cnGwE5PH98FMo9_gzHf6VL6ArdzK0IkkalfoOY3sVWd7-bEkADmo8XBQ3b0xl-tRp0bZfxoh2dH8WlnMvPsg5xbrVD1oXIeYXKXL9i_Lb2qJdU7CZbjhxIThPxVponhklUTOqJxjV0IwJLZkVSun6ScvQe59SgQnsgofkJUsEBXw6Dgacj7jP9esP63nEbHoSsYMDfcmL5rH2CK0RBbauh4y75QQOR7_p2Yekd-EvtciBNCCct54uvpYNX4U1CJBwoReE3BEbzjh4NgPqYtUtWNb4xQVrBZK8MSgYq-Zd2hx4M2C7gkklSDNj4zmMtk6V2roMeEbVen5_qj1us54xiwfWJpcdg5VvR8IYaXpnrzbMH28XIAfWGIlQeGzNgzQo_XKBtI1xZgVzs6QMLq4G_tINRL66PkUSRzEiAPE_q_9h5X00FSJYaQ92e43AoFiOKR9ZkaPtRvksSrrUixNg7LqbECtO2gmcpJpSzjAjeVaj_mhjPcorHBoFm760KdVfCJhIyKUF0rZlrdrPfmCb78sWr_kwhnF0lZy1ou6jsXnEfcNNeRMR0klAIfSCwo5lv0T2N0rPfVWq4IbnpRp46ZU2i8yv1gnzAvqooBLR_PDijtRm5Dy8hgTgHRYQq63dJPDW9F56CzpMe_EajVxt9SF0hPr2aoWaoC-SZgGWPAUNVVz5plzp2ZKAUklKRw68spZa4tpVncY2IDLxW20EDQ-EwXK-8HvCsPA8Cx13om15LPSyN8y4RRdEbaqRJo3wEfgbTN42EuuP3klCYqyV9CzPWyVDBa-aqo3egWyGTiY9Mpz0vXOEZjW376lMyqRQVsZvS7mw9m4iPH0hbqdXr7ZYr5ZRhO_kgJzJP3mUBK62gteN1iPRWTvPjPWIK-BAc4a_3PMQuwyMN5sbMPPidPdOBBNR3itZjByxfiWdFG3V8hmI0T_2Ncjavr5MPquQOLiVRrYyG0KB8UIaYDHQvcS9-XpnVPl5YMC0OmtO0cguhI_oOGWXqDwc0cDqrhSILo2woSDvav-nR9SDW5tsh6gOFcU-9mGm4DD5BXb_xTdfX9hDGGHM1f6glFkEnaVsDJo361lUcmr6BADzcW9p7mzgWDSVtUFNBEK0WO5fWDkhcaJAHlDHzWvZoQTV5t00WE7AqWakTwRF9iykMS0nasBXiC43aMmJPffZXnuyvWmoRPZni-SKGSLVsE9DMGiacpPsoMS5XYZFBxQfwe1_ScaIPuxO1Gp-IG09cKEFaio0CmLgWWrwGAMIb7efC3dTldxlaty8S3b9VqWF89tkT9XoW2n8_uJ5pc2S3Jf0U02to1YBEnmUvL354rgCxo86IAoKXxSFeE5Dr5VcJJiFg8J6SDtKI8Armn7UooI0P7AU2yV2CvXJifV-iPnRZjGzwLUTS3MgVMpDVspHQj0ywj-bakYV5xn8m5jj0Hr5j-EUv6dsoDock8i_8RCLjJ4vXsbs3KkayQPNLmcrmJcADjoynQOlqC26hifhjVFiaMP1-fO0c_aFgjaznPeJKtYw-NVwB9jIrggc3uSdxXrfoKScdKTujqEprULRw47-09U8RlRvmRsTHwcqZEDdVMLqh7-URlbgtypRjJG8rS2nryOh90TV_udm0xP6dibZMhnQEcMxeTOiIMEMSQsilib33flVLFdI_tvhcEEPMb4NwYVYZ_B4vgRmu7Dyhlb6K58hDp8pQe2dvOVJarlDDSM7xIEqdFuU78HA5nnyUdBzxMjNX_eVdfHvBpz8GZBUCG54sB3S2clGa-bNvFPWMR_f71As85Hm1DGQWwWSsME2JDgivlVrruwWdfa6pjLWEqw5zkSRiOGCZiQCiPjgLH5aLplOpwnVAp5VyRLwIy6YwDYltRzLR948MkIe1UvlULnznRM50GEIpBCT89w-Qjqn1X_S8sMf4uIWZ4DOqH1UYIif6-1YaFxFTr9TeZGXTQw16X76wd5U76g0v79Rbm2A_B90BCUpJ-bpTMUUSh-sSS9qe5Z5wNjkkNK1BhQT_Byzr31mt3q0TzQcA3bu5jDtcClZ7nK9UVhmabPpMRlM1dAl0h3R9KCYqebJpEMWRnPz3Z52JHsuBukjgEG-NlwDxIffhGAPB1zMQuCuIeSWynzku6d6HsnrwjrMagmfVJ34HVUAImFUgojvilf5ax4qhc8Ifx757VjoE4PglekP8hU_YAeKsY_Tev4DRQkbiT1hc7KWViI0426b14yfAhZJPDOYAJJ8L462yWMbSxhlrK3G562Ua9oxhISDBnga_j43mWzuDqoUe1d1lF5pAdeH1syb51WwKNo-U1Axw29cMfwczBOaW5-MWKWmTmLrahh6MCp-79rOnu3zpo3Z53suvgqmnMtQHjVSfl38qWekbAjOwCjND4MVDo32SakV8d5edSFRKgWPYWDi1skaCfnrc-EqMnjSsE_5k0smAb-Oghyo8Kcsc1UIYu7sGbUGbKzUXJBGdHSEsJKAFzRs8taAWq6A_ZL6U04-1PxJc9sMlypWYd6eDt2EGiRUmWgDUsNStrJnylgvL8fE6OqqDf37y6atbPArTx_wnlgrQFo1gmVWurPberv2sI7TkzwBscVkVNqsPvl0nc3RHnHBrfI4eblMmAeEi2wQCF4QbwfcCa_UsdlNsgSKOSiDOfWq-O4GYGTzPkm6WFaSzHJkQgY4lVglr_HiYRcMEf0Ioe6X2_5stCXHYEfwMnGEqOS1euFNC_vtm9PjLuZIdlcb6TXv05zqAibpEeIYwS1qY8zXDfvnVznTdDIsTdEYgs3YJDxamYV0_DCl0HvZW4IBnDjZGzlEYt0gEbcVUZxOcqFXS3MngG0KDXrm33r18SgoVDiLbtLNCfEtqGcM7dUCwm69SLzcniIIGUrKRHeKa-jvT2Qfd_7RF5D_JQO593vbDqHsjcS8K-CnbOjVxFmJhzwGOu0_HDMip_GaePKy046O9TNKr_BwEIkssbNYfnBBlCH4VbgqEo-bHRUbyXzUZXhYPy6PS4lM08GDRvROHShrsNRHkRqgaSwfJE96xGAC9KsjwexH3IHILNKVOgLfLfrb78WNnp6bBPBLuJ7hw8NGRBXow22GCcyFB4YuN98z6KF3NeONmCtrVDuUPNbalXllNLZ4wyxTyd0xbsQu12n9EZRgH4WjDdVFfOFEVczIJMPkw81LNfv3thF2wB7WNd&cid=CAASPeRovW5vnEdNXjbRBG6A32fLe_sOBI2-uu9d7NEgoMl9CVvgaqUWAhBgFmGp7Fz3C3yOCfir9lWRe0-gZp0&rfl=1%2Chttps%253A%252F%252Fwww.staradvertiser.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 61A7 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 19 Feb 2022 22:40:06 GMT
expires
Sun, 19 Feb 2023 22:40:06 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
31407
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 729F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsss45DkOwVZT8jIEvhPwchbU37v6rv4_v8LbSfZ0rYfy1136MKjjemj7cEwSq4g8sKFzjZ8ByphbkrBmuALne1BqwsUHLG1t7y6yfRQknJ81HfRsE3Owpt95TX1ZhWc-zynbW22PTYNdIbiENh1Pyo7cuoAPKJ4qpoXoUtX4QUwMCDwsc6ULWviYv3ALATkpacKF9mq2UKu_B_LElh7yyNmskSk2bvHhB1CGYp-pXN4vOAqo0BIrGs5RNwqwHLPRhTPHNMQlYUOi_04cw3NMumhDALRRu5MN1gDcPV4NleAmroU--3co51Iahm6On1ekeY5-hUc2dQ&sig=Cg0ArKJSzOpLy2gwHwFBEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 20 Feb 2022 07:23:33 GMT
integrator.js
adservice.google.de/adsid/ Frame 729F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js?31065011
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 729F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js?31065011
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 729F 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3064777730462492&correlator=3447023019495331&eid=31064685%2C31064905%2C31064966%2C31065011%2C31064869%2C44756432%2C44758229&output=ldjh&gdfp_req=1&vrg=2022021401&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220220&iu_parts=2507246%3A5136785%2Cstaradvertiser.com_Web_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=h%3D7%26shb%3D1%26tg%3D1%26p%3DBTF%26at%3D1%26hostname%3Dwww.staradvertiser.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&cust_params=ip%3D0%26he%3D0&cookie=ID%3D5ce8b7f408438eaa-2201df9943cd00a0%3AT%3D1645341809%3ART%3D1645341812%3AS%3DALNI_MbRYjXrEWoR8NSEOXpnO-gmoaq7ng&cdm=www.staradvertiser.com&bc=31&abxe=1&dt=1645341813274&lmt=1645341813&dlt=1645341811440&idt=1792&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=2118&adks=128770239&ucis=1sd6yn38md5m&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&nhd=1&url=https%3A%2F%2Fwww.staradvertiser.com%2F&top=https%3A%2F%2Fwww.staradvertiser.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=728x0&ga_vid=565048288.1645341808&ga_sid=1645341813&ga_hid=1560101950&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js?31065011
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
63eea4b56b4c73ec90a4a637240916d97f73c1d0d051666f1233566586302bcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11556
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 729F 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022021401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js?31065011
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d40aaf285f56db2f3b92e687c475d91b45d05a3f0ee10a59ffc428449d2cbe9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9915
x-xss-protection
0
container.html
ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F4EA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js?31065011
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 20 Feb 2022 07:23:33 GMT
expires
Mon, 20 Feb 2023 07:23:33 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js
pagead2.googlesyndication.com/bg/ Frame 61A7 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4530055a32b5a1a639311d7be5e6abb79ba772acae1410f9f9feffdc297721dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 05:14:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
7767
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13529
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 20 Feb 2023 05:14:06 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 729F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js?31065011
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 20 Feb 2022 07:23:33 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E858 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss5BlbnHTKX-llOzOO1LwqnCniljWSlwq2xyWBgv4QUGr_pZ9KG0kr3cmco97LfmSZaAehEmVEELa5g7KnRp5sqPVx0Ecx8knJC1WK7VOhAsr60yRxLNwvoEtUZ_QOW4ktKwxvmwPpVblTk&sai=AMfl-YRs0ZUNNBoYZOtxgiPdPILLFFDr4c6G82S8f0EffoPx-3nngj0JQHZ8OMOsjFVd4DpJ9uoU2l7RzgmRVlgk7wb9sJ9YV7RF7tE5OwNPrFaDr2EzegUBBwJ6fWk&sig=Cg0ArKJSzNXnHCSLxBFEEAE&cid=CAASPeRogHcOlwhmGjZi8-CljGig6yAVRM-uM5pf34SK72-76pQC4sqivYqoamFNyZ-NcW9H0k0jfTgo9aphcWs&id=ampim&o=1161,493&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=811&tls=1812&g=100&h=100&tt=1812&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=713581990
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E1FF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 20 Feb 2022 05:39:45 GMT
expires
Mon, 20 Feb 2023 05:39:45 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
6228
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 0A67 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7368ecfb35893620cf152cf61b9e3f06bcbafd7a2e645846177b1bff1554bcc2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-piNXsIinEYIcEzHNO4Qbbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 20 Feb 2022 07:23:33 GMT
date
Sun, 20 Feb 2022 07:23:33 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-piNXsIinEYIcEzHNO4Qbbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js
pagead2.googlesyndication.com/bg/ Frame E1FF 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4530055a32b5a1a639311d7be5e6abb79ba772acae1410f9f9feffdc297721dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 05:14:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
7767
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13529
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 20 Feb 2023 05:14:06 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0A67 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022021401&jk=3064777730462492&rc=null
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
ping.gif
prd.jwpltx.com/v1/jwplayer6/ 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=1457699638&e=e&n=1087755270233122&aid=53T65BNiEei3kAY3v_uBow&amp=0&at=1&c=-1&ccp=0&cp=0&d=0&eb=1&ed=9&emi=awi57q9t8u8t&i=0&id=xS1UI2RY&lid=1baieg6z7s70&lsa=set&mt=1&pbd=1&pbr=1&pgi=114w1i3q9bmx&ph=1&pid=ZoPFXSjg&pii=0&pl=0&plc=7&pli=17bc8chgwn27&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&pu=https%3A%2F%2Fwww.staradvertiser.com%2F&pv=8.24.3&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=DOH%20P%26V%20Promo%202%20-%20Young%20People&tv=3.38.0&vb=0&vi=0&vl=90&wd=0&ab=0&cae=0&cb=0&cdid=partners-video-ads&cme=0&dd=0&flc=0&fv=&ga=1&lng=en-US&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FxS1UI2RY.m3u8&pbc=0&pd=1&pdr=&plng=en-US&plt=2000&pni=0&po=0&pogt=Hawaii%20News%20%7C%20Honolulu%20Star-Advertiser&sp=0&st=760&sa=1645341808469
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:33 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-served-by
cache-mxp6932-MXP
x-cache
MISS
x-cache-hits
0
container.html
ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3D39 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202202161834/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 20 Feb 2022 07:23:33 GMT
expires
Mon, 20 Feb 2023 07:23:33 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 3D39 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CwkzVdewRYqeBE9fr3wPV2YpIkOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSbAk_QJ_dmV3k6IS9mdjaV7dnQPGpVKvhJFWdLAIjKqDPEruad0NgVjBfA9n1z83LkrXNNB4E7VvjrD-Q8h09LzzlEnphiAC0Stq_28y4tzmFvxxk0Vi8F2OniD4aw1O-glwEENjxobgx0V4gbxqSJq_2x0sALmVfCpgwNL7tVSxqUGXHDgae4JN2cSKhnZwK6tlod_9oBIO6rp6x667mmr37wEqRlUWt1SN9gEUi0DQ1ENXXJEAE7JFEiKoakdweWPN0yknAGpCthICTrsitnBC4p0tqWEFvXoxVOPIXc5bN2BGF_el-vtbXBc7B73uxOtM6SavMD_BSqrm6uocY1jmEkefEfzXajN3if2rl-CVOQ_hwwLXkfEaSdE2PgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yNjk3Njc5NTE4NTE1ODg2GNTEDA&sigh=lvKFaExxjZ8&uach_m=[UACH]&cid=CAQSOwCNIrLM9_Q3DYjXIQAb2HyKiTUFkTHhUNu9juq8eZQ8ir0flN1uR2PPQc1joq6mvRADR_LRo7fQQ_6JGAE
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 3D39 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1grxy6am9ryf9xweqnbnf9ykpnn5j7mg2mzzagtmnhaqh4vssn58fvk3t0n386zx6cd5bs275zywjzs3fmq5vrmjd8jmh8bwyf5pswx7478m17ef08591tywv8kb6rrmbqa52nayp06nm9hcg25s8fasrqdy6mrqw5v913eps8j6asgm4aqtj0b6vd3yvt6zmr6www92443ev6avv5d7n9d2h1hdmmjgjaft78kfe9tgby15nf5tk6dbkzppz16qcavph8j4ffc6050qgmr5bekt5txfngwf89d73qacch53z1e7rkt21yw8tdgk87g8bw2jtvywz7z09eva90s1mt29k62ty908tdsncfc795xy3vw6wka7v1x9d4jq2yfjk0cq2sh47yn9nhv62h6myk37szrg2&b=YhHsdQAEwKcKd_XXAAKs1Q0mQoGeMtN8q2Zm2w
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 20 Feb 2022 07:23:33 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame E1E4 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jnx77bjsg9p9jgfxygamxf4gbkredrex34ryk8azttpx5g6vppq1mfq944m76wpeanz2156h2yjjqvrzzs1rezf126swjf9x28rnzqak6h3be4r6hcxtxafs7hbac38ztjgm5fdh2b38n6kjgeskbtrq7m1n42ehxjp3p1h5ahhw4bg8pxq4mpms8zeq9dzmn871y118syppq53v3g1pw36h87g0nd1qtecbkzc0m0jz6h5xksq7azaaqzqpcca3ws33agshfjkm7f02xa1dbhts5s6x3qnzz4pyt39m0fpaj7gmxqs32m5m405b73y2yb526p5n7fya96cmqvn3c7ts285sf7cht8msvgmcx4pmtfpf83avammeg7dpbvt5v13cbvch5jdrq5kw236n94gvnsn4a4p6vp6q0jmw1c4vsn546sg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC55sidewRYqeBE9fr3wPV2YpIkOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QJ_dmV3k6IS9mdjaV7dnQPGpVKvhJFWdLAIjKqDPEruad0NgVjBfA9n1z83LkrXNNB4E7VvjrD-Q8h09LzzlEnphiAC0Stq_28y4tzmFvxxk0Vi8F2OniD4aw1O-glwEENjxobgx0V4gbxqSJq_2x0sALmVfCpgwNL7tVSxqUGXHDgae4JN2cSKhnZwK6tlod_9oBIO6rp6x667mmr37wEqRlUWt1SN9gEUi0DQ1ENXXJEAE7JFEiKoakdweWPN0yknAGpCthICTrsitnBC4p0tqWEFvXoxVOPIXc5bN2BGF_el-vtbXBc7B73uxOtM6SavMDvhaLPLlXJob9CSmyo7iNP0-3PdWV9KGjiZHZbOSkM1UHxHgCU6v0Y2zgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_17ZBsO6KkLD31sZCLcM7Ts6926_w%26client%3Dca-pub-2697679518515886%26adurl%3D
Requested by
Host: ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com
URL: https://ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2d15c7ca224a1d634d6b02f290a6705bd9f62902a89b377f98325465c4c249e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com/

Response headers

date
Sun, 20 Feb 2022 07:23:33 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e05fd7ebb070f82-MXP
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 3D39 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js
Requested by
Host: ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com
URL: https://ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:00:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1373
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:00:40 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9F6E 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com
URL: https://ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Sat, 19 Feb 2022 13:26:12 GMT
expires
Sun, 20 Feb 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
64641
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3D39 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com
URL: https://ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 20 Feb 2022 07:23:33 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 3D39 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com
URL: https://ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1113
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6438
x-xss-protection
0
server
cafe
etag
12093742715590823996
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:05:00 GMT
l
www.google.com/ads/measurement/ Frame 3D39 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTGETJX73yEI8nO3Zai7UmLDsxU1YM_whEP1Goba_6RIF79iCfwh7jKVLU6gOy8VAOQl99AE2B-paLBoADsDQVlceEETA
Requested by
Host: ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com
URL: https://ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 3D39 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com
URL: https://ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 19:07:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
389793
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Feb 2023 19:07:00 GMT
pixel
protected-by.clarium.io/ Frame 3D39 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0LzI4OTYyMTcyNDA6NzI4eDkw&v=5&s=v31fsb07ap8&id=eyJkZnAiOnsiYWQiOjQ5NzM3Mzc2LCJjIjpudWxsLCJsIjowLCJvIjoyODk2MjE3MjQwLCJBIjoiLzI1MDcyNDYsNTEzNjc4NS9zdGFyYWR2ZXJ0aXNlci5jb21fV2ViXzcyOHg5MF8xIiwieSI6MCwiY28iOjAsInMiOiJkaXYtaW5zdGljYXRvci1hZC00In19&sb=undefined&cb=5631200&h=www.staradvertiser.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEx6STRPVFl5TVRjeU5EQTZOekk0ZURrdyIsIndkIjp7Im8iOjI4OTYyMTcyNDAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com
URL: https://ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.208.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-208-234.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Feb 2022 07:23:33 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 61A7 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkY-5dewRYpPSAuO4lQelybPQDQAAAAA4AeAEAg&bg=!xcalxoLNAAbf-5Dq3_s7ACkAdvg8WovuE6hLzjQau-1TblvYwMg-M2SSkdgV1sEYs9yIKO4hs3WCZwIAAADIUgAAAAFoAQeZAuNwIUIV-IuqoZdsPUDO1Yvr8FNJR4PsQUYSeslxbmpn0yoeRm-nmDufl6QaHNmOwjF53nOhP8qgtGA98VcURvr1g4XsVtLeWEIC575Ly_osvSvxW6wvP31CHHFMBvaIraCTfDmATRXa5XfPnkUOSBShh5CuN4kdN-ldneZ9U2fOn6VZ_O2XX05CqQtkYA4XDw-gza6TwSPRml_uQ8IAAACjc48O8JX0T28OS7_ifljNfR8AS95WpM3Ckw8-FQuNNpmc7EHmQvT7H8s575VD73ljEiNVA1SBu3f9YF5DfzsIWrdLYYe1Kffoo2cFAaE9Jyf50RJvl95wanj1YKSiwlTaehs12dE7w8PPT_h5MEt1XwdrhbHfC5kx99i8-RUdH7ELaywt94H7d-Y9OJ76IoaDD_KkTL6rKGM7spstYc5To4HATvDqACEMpfIfT6F4XTe5DWd_ZyYDWKrxPPJpumQcBnaX7BlKtdxyc83fUnIMB1xP06H11jfh1eNC0BoVc6wLPLkRDn07_0Ys-MlMLmlf8OFCL-9N-b82M116_3Ipk2xycgksGxMkpubN4z8LBv-MY80llR1CsU1dAzZm3i2CpegN6BqofxR5jwM_txDxTz0rx2-AqHP2qscJyryRtB1EA6AYMoqUQpLQBLVgbOyPRZBMGAcMBrk2vjaM-6WtSSn8jb6BbnihoFKRwSZjBGFKFC9qTz-bJ-2UCcXQabqMVJ2IaB8Av005S3ksM7k_KM1pmd5ckqjGwSEPIfwmVgZglvpYGN7BSh65ilRh-CrXdwg-3Eq_-y6NCCJpNI7d29UehLrInfwf4EVVJJeQVRAu7rS0EkQzU-tKTZvYOVNRcP4i66cDA3dUlokX_HVIQMuJFiIPyI_NGQiHiOpwHrQFfsSIcOZW3CV2YXF6S8tk78UGauBdx90umV2q-bcNWc2Kj9pFKGCCQkAyo5or3cai_QKRDvRGRV2vM1m3WuOAxEKz
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame E1FF 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?WDDnsg
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame E1E4 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jnx77bjsg9p9jgfxygamxf4gbkredrex34ryk8azttpx5g6vppq1mfq944m76wpeanz2156h2yjjqvrzzs1rezf126swjf9x28rnzqak6h3be4r6hcxtxafs7hbac38ztjgm5fdh2b38n6kjgeskbtrq7m1n42ehxjp3p1h5ahhw4bg8pxq4mpms8zeq9dzmn871y118syppq53v3g1pw36h87g0nd1qtecbkzc0m0jz6h5xksq7azaaqzqpcca3ws33agshfjkm7f02xa1dbhts5s6x3qnzz4pyt39m0fpaj7gmxqs32m5m405b73y2yb526p5n7fya96cmqvn3c7ts285sf7cht8msvgmcx4pmtfpf83avammeg7dpbvt5v13cbvch5jdrq5kw236n94gvnsn4a4p6vp6q0jmw1c4vsn546sg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC55sidewRYqeBE9fr3wPV2YpIkOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QJ_dmV3k6IS9mdjaV7dnQPGpVKvhJFWdLAIjKqDPEruad0NgVjBfA9n1z83LkrXNNB4E7VvjrD-Q8h09LzzlEnphiAC0Stq_28y4tzmFvxxk0Vi8F2OniD4aw1O-glwEENjxobgx0V4gbxqSJq_2x0sALmVfCpgwNL7tVSxqUGXHDgae4JN2cSKhnZwK6tlod_9oBIO6rp6x667mmr37wEqRlUWt1SN9gEUi0DQ1ENXXJEAE7JFEiKoakdweWPN0yknAGpCthICTrsitnBC4p0tqWEFvXoxVOPIXc5bN2BGF_el-vtbXBc7B73uxOtM6SavMDvhaLPLlXJob9CSmyo7iNP0-3PdWV9KGjiZHZbOSkM1UHxHgCU6v0Y2zgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_17ZBsO6KkLD31sZCLcM7Ts6926_w%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jnx77bjsg9p9jgfxygamxf4gbkredrex34ryk8azttpx5g6vppq1mfq944m76wpeanz2156h2yjjqvrzzs1rezf126swjf9x28rnzqak6h3be4r6hcxtxafs7hbac38ztjgm5fdh2b38n6kjgeskbtrq7m1n42ehxjp3p1h5ahhw4bg8pxq4mpms8zeq9dzmn871y118syppq53v3g1pw36h87g0nd1qtecbkzc0m0jz6h5xksq7azaaqzqpcca3ws33agshfjkm7f02xa1dbhts5s6x3qnzz4pyt39m0fpaj7gmxqs32m5m405b73y2yb526p5n7fya96cmqvn3c7ts285sf7cht8msvgmcx4pmtfpf83avammeg7dpbvt5v13cbvch5jdrq5kw236n94gvnsn4a4p6vp6q0jmw1c4vsn546sg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC55sidewRYqeBE9fr3wPV2YpIkOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QJ_dmV3k6IS9mdjaV7dnQPGpVKvhJFWdLAIjKqDPEruad0NgVjBfA9n1z83LkrXNNB4E7VvjrD-Q8h09LzzlEnphiAC0Stq_28y4tzmFvxxk0Vi8F2OniD4aw1O-glwEENjxobgx0V4gbxqSJq_2x0sALmVfCpgwNL7tVSxqUGXHDgae4JN2cSKhnZwK6tlod_9oBIO6rp6x667mmr37wEqRlUWt1SN9gEUi0DQ1ENXXJEAE7JFEiKoakdweWPN0yknAGpCthICTrsitnBC4p0tqWEFvXoxVOPIXc5bN2BGF_el-vtbXBc7B73uxOtM6SavMDvhaLPLlXJob9CSmyo7iNP0-3PdWV9KGjiZHZbOSkM1UHxHgCU6v0Y2zgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_17ZBsO6KkLD31sZCLcM7Ts6926_w%26client%3Dca-pub-2697679518515886%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:33 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
917906
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 09 Feb 2022 16:25:07 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6e05fd7f5bb70f82-MXP
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame E1E4 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jnx77bjsg9p9jgfxygamxf4gbkredrex34ryk8azttpx5g6vppq1mfq944m76wpeanz2156h2yjjqvrzzs1rezf126swjf9x28rnzqak6h3be4r6hcxtxafs7hbac38ztjgm5fdh2b38n6kjgeskbtrq7m1n42ehxjp3p1h5ahhw4bg8pxq4mpms8zeq9dzmn871y118syppq53v3g1pw36h87g0nd1qtecbkzc0m0jz6h5xksq7azaaqzqpcca3ws33agshfjkm7f02xa1dbhts5s6x3qnzz4pyt39m0fpaj7gmxqs32m5m405b73y2yb526p5n7fya96cmqvn3c7ts285sf7cht8msvgmcx4pmtfpf83avammeg7dpbvt5v13cbvch5jdrq5kw236n94gvnsn4a4p6vp6q0jmw1c4vsn546sg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC55sidewRYqeBE9fr3wPV2YpIkOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QJ_dmV3k6IS9mdjaV7dnQPGpVKvhJFWdLAIjKqDPEruad0NgVjBfA9n1z83LkrXNNB4E7VvjrD-Q8h09LzzlEnphiAC0Stq_28y4tzmFvxxk0Vi8F2OniD4aw1O-glwEENjxobgx0V4gbxqSJq_2x0sALmVfCpgwNL7tVSxqUGXHDgae4JN2cSKhnZwK6tlod_9oBIO6rp6x667mmr37wEqRlUWt1SN9gEUi0DQ1ENXXJEAE7JFEiKoakdweWPN0yknAGpCthICTrsitnBC4p0tqWEFvXoxVOPIXc5bN2BGF_el-vtbXBc7B73uxOtM6SavMDvhaLPLlXJob9CSmyo7iNP0-3PdWV9KGjiZHZbOSkM1UHxHgCU6v0Y2zgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_17ZBsO6KkLD31sZCLcM7Ts6926_w%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=tEZe3A==, md5=Jdq10Kok9oEWJwphx1gWLw==
date
Sun, 20 Feb 2022 07:23:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
73328
x-guploader-uploadid
ADPycdtTlZwSK1bMGD4JQEha8dQcwS763YR_GQXAjnXnl2RCnFCDM45gCF-BWocTru8uS1y2F-7HId-qcu1T7AovokayCZ19hA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 26 Jan 2022 11:00:45 GMT
server
cloudflare
etag
W/"25dab5d0aa24f68116270a61c758162f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=canm05TcFtJBSEa7Bx0IYhuWeMGS81gjl0Wojh08Ls0LHQMlBWfyOPZOwQtwyc%2B1NnYhFrVxFuLJT49dL4tYnh25NXAzUoE1hBFQiNwWBzCo5hioaA%2FP%2Fpg69zFDHSpu8d5c7V8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1643194845770575
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11870
cf-ray
6e05fd7f5bb80f82-MXP
expires
Sat, 19 Feb 2022 11:01:25 GMT
truncated
/ Frame 3D39 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e219178dd358a03f0847dccf3dc9c4f07825de5ba1b9a090aa00938480aab26

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
current
dclk-match.dotomi.com/match/bounce/ Frame 9F6E 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJbYHlz55RwqHHO0a_Ohg0s&google_cver=1&google_push=AYg5qPI8btkm6M27LxYVAr4Y_USrKRx8QBXmrp5oKPhIZ1W5dIxjII3g4SRcAW4S__xILrFI9bhRKFAxEkFiGp6swgrM7IXNj_fm
Requested by
Host: ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com
URL: https://ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:33 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 9F6E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELTaMp1IdrmmHm2jZD3ZPR8&google_cver=1&google_push=AYg5qPLXdp-NZNEV9lDIt9Xufkbvi33SLlmxqGcbmknf4Rx37b5f2iib6viPAxgBEPyiqQLqBF3lqCpKUsbDskc9...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLXdp-NZNEV9lDIt9Xufkbvi33SLlmxqGcbmknf4Rx37b5f2iib6viPAxgBEPyiqQLqBF3lqCpKUsbDskc942ZsyFGNzMow
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLXdp-NZNEV9lDIt9Xufkbvi33SLlmxqGcbmknf4Rx37b5f2iib6viPAxgBEPyiqQLqBF3lqCpKUsbDskc942ZsyFGNzMow
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 20 Feb 2022 07:23:33 GMT
Server
MT3 4133 baa842e master cdg-pixel-x7 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLXdp-NZNEV9lDIt9Xufkbvi33SLlmxqGcbmknf4Rx37b5f2iib6viPAxgBEPyiqQLqBF3lqCpKUsbDskc942ZsyFGNzMow
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 20 Feb 2022 07:23:32 GMT
google
match.adsrvr.org/track/cmf/ Frame 9F6E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKLTVVd_A3parLfHBQzRslM&google_cver=1&google_push=AYg5qPJnv3bNyX7BoozpJle_8e6PXcGAnccSJs7iPKCPocTAhGXa_fTahpg_O86oiyDOLfdOvY9eY7hxt_OqIa-P_HTIz6Hz1DhQ
Requested by
Host: ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com
URL: https://ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:33 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 9F6E
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBAo3r0pLwdvi2Q6Lj3Uf0Y&google_cver=1&google_push=AYg5qPLlgyTPDq2tE5WmPNAIoE5m0zwAc_HwMUL974MyY6rIkblnjmcU3XlYpXApdDNRn4PhUuFGPevU6RPjHVR2...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=y4jiZrZpTOyhA5ZBpwFvfQ2&google_push=AYg5qPLlgyTPDq2tE5WmPNAIoE5m0zwAc_HwMUL974MyY6rIkblnjmcU3XlYpXApdDNRn4PhUuFGPevU6RPjHVR2qlzh3wpwOl9J
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=y4jiZrZpTOyhA5ZBpwFvfQ2&google_push=AYg5qPLlgyTPDq2tE5WmPNAIoE5m0zwAc_HwMUL974MyY6rIkblnjmcU3XlYpXApdDNRn4PhUuFGPevU6RPjHVR2qlzh3wpwOl9J
Requested by
Host: ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com
URL: https://ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 20 Feb 2022 07:23:33 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=y4jiZrZpTOyhA5ZBpwFvfQ2&google_push=AYg5qPLlgyTPDq2tE5WmPNAIoE5m0zwAc_HwMUL974MyY6rIkblnjmcU3XlYpXApdDNRn4PhUuFGPevU6RPjHVR2qlzh3wpwOl9J
x-host
tde-deliveryengine-production-5f896b4797-zx6sj
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 9F6E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDLz3nRevzMIKEGT9z6pKAc&google_cver=1&google_push=AYg5qPJb44ln1Qtf2XHdQEdm8gvlaEdBAM1GerP5imfMcA2EsgjAw_u8J9zcoh1942niHtRcDD9N1S13...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDLz3nRevzMIKEGT9z6pKAc&google_cver=1&google_push=AYg5qPJb44ln1Qtf2XHdQEdm8gvlaEdBAM1GerP5imfMcA2EsgjAw_u8J9zcoh1942niHtRcDD9...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjIxNjQ3NDc4NDE3Mzg2NDc2&google_push=AYg5qPJb44ln1Qtf2XHdQEdm8gvlaEdBAM1GerP5imfMcA2EsgjAw_u8J9zcoh1942niHtRcDD9N1S13...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjIxNjQ3NDc4NDE3Mzg2NDc2&google_push=AYg5qPJb44ln1Qtf2XHdQEdm8gvlaEdBAM1GerP5imfMcA2EsgjAw_u8J9zcoh1942niHtRcDD9N1S13Y3vjXoyD1KS8ucAeH70C
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:33 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjIxNjQ3NDc4NDE3Mzg2NDc2&google_push=AYg5qPJb44ln1Qtf2XHdQEdm8gvlaEdBAM1GerP5imfMcA2EsgjAw_u8J9zcoh1942niHtRcDD9N1S13Y3vjXoyD1KS8ucAeH70C
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame 9F6E 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEAlqJ5AWt-1hzqrkZo0fzz4&google_cver=1&google_push=AYg5qPLlQD6o0RyyckbE8PMTJ_6fj6cG1zHsmex3RqC7EMwWkme46cWpPzjy7TArU6EoBsXQLS6jv98y0CEJGV-zPFeJZB7wHBQ
Requested by
Host: ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com
URL: https://ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:33 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
od0htagtnocfeiuhrke9h19f8k6hi41e
pixel
cm.g.doubleclick.net/ Frame 9F6E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3z...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 9F6E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LBdmSSLSNOtKRQHbRQiqGRnBKns5BwqoP98oLZ5ixSYNkPvacnUjFF03PN04ABep1ho_Ym
Requested by
Host: ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com
URL: https://ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:33 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 729F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022021401&jk=3064777730462492&bg=!WlmlWR3NAAbf-5Dq3_s7ACkAdvg8WqnP6NuFhe89yPM-YiPZIUiambUY_RxB2QbE4WhPFYUWKRD0lgIAAAEOUgAAAAJoAQeZAu00sKzwn2aHIa-kXGBr6K8hO6eOIpqU7n04OHKbShf4-YQV44L0KuHa6ck20b8byTNqJjwynQn5-4J0wC-LpecCGcwAQhGekZytryJBmK3Whe845ivVICec9cy5yPTO9YbWdz2Z_qy_AFqi6OLvy5wFjOpqH7UCjWjoGHJhzt6KXCsZBPI6Cmhr8EWP4pQsNaYUph7-qTO0UdeDZVM453NMhacV6rPGdgMSbbcx1kY6bHn-XiJsl9NIuyLva_os-djxXtol0sndHYy33WVhlkGsJlUL88Eh1SPrEngv8qY_QfLresDkvnqBotIU77x8_C_kGIAOxRJrheOoyifsEzaulCkisfnSLxtlOVK_ci5r7mFmKqYuJ9ft-r3ewR-u_pUGcPXKXMtBfwvkHT3HZr-2F5b-ULb-KfhuLJcErJRiDO7_qHYZiVgDZmOIKLGwqmPMQrw9mTsAstXWbrk6IrmYw13BdwfR-YI4BeMgYDlByxmUvLAFiX8xCQ11hs-khGzp-3t-xQqCyS3Ev0eIl_Lsr0GsSTo4adfsJggKkgX7kM71Ghaf-Ec-yC7z-GCngYCQ7Xx0CDX0ar7dq8YTB7P3siQPDYg3Ndd1wjaSC2GijqhF7E0a1GdOK77cQ9KEXiC5uKkq8iuNVe8ZGdRQR3Fr1gaVIMIL3VR0cH0yTTwv5nYpemsc6Is20eN0YdEFqMvOF8LTYvoug-Fqx5GEbqd5cMvQ0L_8faRmqpyeJ8Rr9Vuvb9kSpRdJW8nN3rQsScZt2ifuRLvy8_T7VuTlKYORGUewSpUKRPvIjCbwN7YSyeW6OM5WyGD6UHk-NoZpfboIFUwiHxjKMyoB3x5N79FLV2g2SceEddLt6jffoGzJQlZi4s3ARqpOAJ659twWvyCiiGDwUGfi-lLwLzAXi9qiqqbk15GP3-cGwDfxobyOwgtSV1q6kRsQ3-LE2LSoOaL554tPtzM7vlAu9_uh4l92xRYQ3j1051seL5Q_wQ
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame E1E4 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Sun, 20 Feb 2022 07:23:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6844127
x-guploader-uploadid
ADPycds9UegxUXswK4RzZzF6mXDfQy_y0GHXQmo_7EYAAHyEQ16keq-zOTSqb6YP04oikMtdLFTYNybr6iTpruHRyi30S7TEFw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X30UpwpshChXlW2EJ5jD2cGHK%2Bvglkp7BSvtwvhCt7QkHy7hwyZl%2FzBOW9IHj5XYvkicfdGGphHace%2FuIFt42HbsXYTiA3%2B80aYzmxq5xWH158tYeD%2BgQsbfmrBC3TVb5pG%2Fmx1X5dDviup1v%2F2Qk7zy"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6e05fd7fcba183ac-MXP
expires
Sat, 03 Dec 2022 02:14:46 GMT
frame.html
ad4m.at/ Frame E2E1 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 20 Feb 2022 07:23:33 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UzDP-_Q5h8v98b5VW6vAABBv-7Sd2Tb_7s7QJ26FBPINE08euLO0mAlQxDbiIDYlctrdb28pMZ34cWhMuFUd0w
expires
Sun, 20 Feb 2022 08:23:33 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2099786
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJeGozMOQWpLs%2FF22xJE8bkVLk5M5kebLYHuH2kRLbY5S3GCAmDEWfQhLNIWCub7f01Cr%2B4p0jrABWF864RAoe6%2FaNwlo8RP%2F%2FKc7WHDI6cQuRWUh%2BU6ANdtjjXrL%2BFmUQgWp7U%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6e05fd7fac140f82-MXP
content-encoding
br
rs
ad4m.at/ Frame E1E4 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96c4020d417940dbf7a27cc94754813fd49493449bfaaac2ffdea1ec862ea0e0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6e05fd803afa3745-MXP
date
Sun, 20 Feb 2022 07:23:33 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6OcG0v2l5WwYT6wPZLwrDl7fw6bJMCxKageKnq%2F%2FcQ%2FhFJdiEJCi5N63%2FFRyaAfQZWD7bmo0685U%2F%2Bi5TUlgfPU%2Fh9r%2FnKGXdLarxuFDZwTRtuHyFFOVvtIHoqbYso9cuwC7Grk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-b0tt
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 20 Feb 2022 07:23:33 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-b0tt
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LRyBJ%2Fe%2BBo%2F1q48gewoGh2l31jC5UTsovqxJC5OHGS1t%2Bj7qggztDvFuUEEKDClGGWLgmBJRc4x4XD6VRiU09J6zALF88UdveAgaeY%2F7rMJTnYjHmTWvzq8lN2LQw2WsGl2wg5I%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6e05fd7fea813745-MXP
rar
as.ad4m.at/ad/ Frame 82BF 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=23576%2C167497%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=d4383d9a29e6a1a875e6df6bbbde8ebf%2F7468970434274980616&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1645341813823&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsy4b2r5ve6a337vg5c9fkkxgnq2htmmnztk82x3svyaah64pfcmkt5mc26ctw6a290jjka5wp8xj0cjq7w1cqbgrpgqjpn993w0py2ybj6k6r5faq6qwbmmv82zt9cbfhem8aqym2cxv3b2m90s396502x12fq9ajqxzrj4xea5mjbeaz8n739f3w6cgsyeaj02rzz9p1x9j5d66y5q462fj2g14hkamp3rd1yjnnwy8tf3xd00qm9q0e2r002y60a3xehmf9t3n813rgg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC55sidewRYqeBE9fr3wPV2YpIkOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QJ_dmV3k6IS9mdjaV7dnQPGpVKvhJFWdLAIjKqDPEruad0NgVjBfA9n1z83LkrXNNB4E7VvjrD-Q8h09LzzlEnphiAC0Stq_28y4tzmFvxxk0Vi8F2OniD4aw1O-glwEENjxobgx0V4gbxqSJq_2x0sALmVfCpgwNL7tVSxqUGXHDgae4JN2cSKhnZwK6tlod_9oBIO6rp6x667mmr37wEqRlUWt1SN9gEUi0DQ1ENXXJEAE7JFEiKoakdweWPN0yknAGpCthICTrsitnBC4p0tqWEFvXoxVOPIXc5bN2BGF_el-vtbXBc7B73uxOtM6SavMDvhaLPLlXJob9CSmyo7iNP0-3PdWV9KGjiZHZbOSkM1UHxHgCU6v0Y2zgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_17ZBsO6KkLD31sZCLcM7Ts6926_w%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de14c0cd6ecbc935c54ad144fa3f668a09ff12e8c9457743a42d3d07e0970587
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jnx77bjsg9p9jgfxygamxf4gbkredrex34ryk8azttpx5g6vppq1mfq944m76wpeanz2156h2yjjqvrzzs1rezf126swjf9x28rnzqak6h3be4r6hcxtxafs7hbac38ztjgm5fdh2b38n6kjgeskbtrq7m1n42ehxjp3p1h5ahhw4bg8pxq4mpms8zeq9dzmn871y118syppq53v3g1pw36h87g0nd1qtecbkzc0m0jz6h5xksq7azaaqzqpcca3ws33agshfjkm7f02xa1dbhts5s6x3qnzz4pyt39m0fpaj7gmxqs32m5m405b73y2yb526p5n7fya96cmqvn3c7ts285sf7cht8msvgmcx4pmtfpf83avammeg7dpbvt5v13cbvch5jdrq5kw236n94gvnsn4a4p6vp6q0jmw1c4vsn546sg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC55sidewRYqeBE9fr3wPV2YpIkOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QJ_dmV3k6IS9mdjaV7dnQPGpVKvhJFWdLAIjKqDPEruad0NgVjBfA9n1z83LkrXNNB4E7VvjrD-Q8h09LzzlEnphiAC0Stq_28y4tzmFvxxk0Vi8F2OniD4aw1O-glwEENjxobgx0V4gbxqSJq_2x0sALmVfCpgwNL7tVSxqUGXHDgae4JN2cSKhnZwK6tlod_9oBIO6rp6x667mmr37wEqRlUWt1SN9gEUi0DQ1ENXXJEAE7JFEiKoakdweWPN0yknAGpCthICTrsitnBC4p0tqWEFvXoxVOPIXc5bN2BGF_el-vtbXBc7B73uxOtM6SavMDvhaLPLlXJob9CSmyo7iNP0-3PdWV9KGjiZHZbOSkM1UHxHgCU6v0Y2zgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_17ZBsO6KkLD31sZCLcM7Ts6926_w%26client%3Dca-pub-2697679518515886%26adurl%3D

Response headers

date
Sun, 20 Feb 2022 07:23:33 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e05fd809dd10f82-MXP
content-encoding
br
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 82BF 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=d4383d9a29e6a1a875e6df6bbbde8ebf%2F7468970434274980616&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1645341813823&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsy4b2r5ve6a337vg5c9fkkxgnq2htmmnztk82x3svyaah64pfcmkt5mc26ctw6a290jjka5wp8xj0cjq7w1cqbgrpgqjpn993w0py2ybj6k6r5faq6qwbmmv82zt9cbfhem8aqym2cxv3b2m90s396502x12fq9ajqxzrj4xea5mjbeaz8n739f3w6cgsyeaj02rzz9p1x9j5d66y5q462fj2g14hkamp3rd1yjnnwy8tf3xd00qm9q0e2r002y60a3xehmf9t3n813rgg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC55sidewRYqeBE9fr3wPV2YpIkOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QJ_dmV3k6IS9mdjaV7dnQPGpVKvhJFWdLAIjKqDPEruad0NgVjBfA9n1z83LkrXNNB4E7VvjrD-Q8h09LzzlEnphiAC0Stq_28y4tzmFvxxk0Vi8F2OniD4aw1O-glwEENjxobgx0V4gbxqSJq_2x0sALmVfCpgwNL7tVSxqUGXHDgae4JN2cSKhnZwK6tlod_9oBIO6rp6x667mmr37wEqRlUWt1SN9gEUi0DQ1ENXXJEAE7JFEiKoakdweWPN0yknAGpCthICTrsitnBC4p0tqWEFvXoxVOPIXc5bN2BGF_el-vtbXBc7B73uxOtM6SavMDvhaLPLlXJob9CSmyo7iNP0-3PdWV9KGjiZHZbOSkM1UHxHgCU6v0Y2zgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_17ZBsO6KkLD31sZCLcM7Ts6926_w%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=23576%2C167497%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=d4383d9a29e6a1a875e6df6bbbde8ebf%2F7468970434274980616&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1645341813823&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsy4b2r5ve6a337vg5c9fkkxgnq2htmmnztk82x3svyaah64pfcmkt5mc26ctw6a290jjka5wp8xj0cjq7w1cqbgrpgqjpn993w0py2ybj6k6r5faq6qwbmmv82zt9cbfhem8aqym2cxv3b2m90s396502x12fq9ajqxzrj4xea5mjbeaz8n739f3w6cgsyeaj02rzz9p1x9j5d66y5q462fj2g14hkamp3rd1yjnnwy8tf3xd00qm9q0e2r002y60a3xehmf9t3n813rgg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC55sidewRYqeBE9fr3wPV2YpIkOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QJ_dmV3k6IS9mdjaV7dnQPGpVKvhJFWdLAIjKqDPEruad0NgVjBfA9n1z83LkrXNNB4E7VvjrD-Q8h09LzzlEnphiAC0Stq_28y4tzmFvxxk0Vi8F2OniD4aw1O-glwEENjxobgx0V4gbxqSJq_2x0sALmVfCpgwNL7tVSxqUGXHDgae4JN2cSKhnZwK6tlod_9oBIO6rp6x667mmr37wEqRlUWt1SN9gEUi0DQ1ENXXJEAE7JFEiKoakdweWPN0yknAGpCthICTrsitnBC4p0tqWEFvXoxVOPIXc5bN2BGF_el-vtbXBc7B73uxOtM6SavMDvhaLPLlXJob9CSmyo7iNP0-3PdWV9KGjiZHZbOSkM1UHxHgCU6v0Y2zgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_17ZBsO6KkLD31sZCLcM7Ts6926_w%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:33 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
917906
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 09 Feb 2022 16:25:07 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6e05fd80fe750f82-MXP
cf-bgj
minify
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 82BF 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=d4383d9a29e6a1a875e6df6bbbde8ebf%2F7468970434274980616&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1645341813823&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsy4b2r5ve6a337vg5c9fkkxgnq2htmmnztk82x3svyaah64pfcmkt5mc26ctw6a290jjka5wp8xj0cjq7w1cqbgrpgqjpn993w0py2ybj6k6r5faq6qwbmmv82zt9cbfhem8aqym2cxv3b2m90s396502x12fq9ajqxzrj4xea5mjbeaz8n739f3w6cgsyeaj02rzz9p1x9j5d66y5q462fj2g14hkamp3rd1yjnnwy8tf3xd00qm9q0e2r002y60a3xehmf9t3n813rgg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC55sidewRYqeBE9fr3wPV2YpIkOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QJ_dmV3k6IS9mdjaV7dnQPGpVKvhJFWdLAIjKqDPEruad0NgVjBfA9n1z83LkrXNNB4E7VvjrD-Q8h09LzzlEnphiAC0Stq_28y4tzmFvxxk0Vi8F2OniD4aw1O-glwEENjxobgx0V4gbxqSJq_2x0sALmVfCpgwNL7tVSxqUGXHDgae4JN2cSKhnZwK6tlod_9oBIO6rp6x667mmr37wEqRlUWt1SN9gEUi0DQ1ENXXJEAE7JFEiKoakdweWPN0yknAGpCthICTrsitnBC4p0tqWEFvXoxVOPIXc5bN2BGF_el-vtbXBc7B73uxOtM6SavMDvhaLPLlXJob9CSmyo7iNP0-3PdWV9KGjiZHZbOSkM1UHxHgCU6v0Y2zgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_17ZBsO6KkLD31sZCLcM7Ts6926_w%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date
Sun, 20 Feb 2022 07:23:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
217301
cf-polished
origFmt=png, origSize=115129
x-guploader-uploadid
ADPycdsdK_jD6uSWe4zK9Onjh4fV5rs8wXhIyrcPBOQBelH7L1gmCDsUICGiZLhl4eL2lb2ClZJKx2tRhKI6QQfwhPa-hBSEKw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53cwhdGgaJJNjTgCSXEsx1pLkMvkh%2FhN0MNwi1ToljBrE9Demkn3UbOg1fsvrgj3urDlgXKLa1rPwpooW7gmaFTYzILqPDMigL3n9i1CkTTL3hd6EWxq8e5%2Fm1LGwQibuPdj98mlHr964NRN"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883484779402
content-type
image/webp
expires
Mon, 21 Feb 2022 07:23:33 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
115129
accept-ranges
bytes
cf-ray
6e05fd80fe760f82-MXP
cf-bgj
imgq:85,h2pri
F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 82BF 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=d4383d9a29e6a1a875e6df6bbbde8ebf%2F7468970434274980616&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1645341813823&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsy4b2r5ve6a337vg5c9fkkxgnq2htmmnztk82x3svyaah64pfcmkt5mc26ctw6a290jjka5wp8xj0cjq7w1cqbgrpgqjpn993w0py2ybj6k6r5faq6qwbmmv82zt9cbfhem8aqym2cxv3b2m90s396502x12fq9ajqxzrj4xea5mjbeaz8n739f3w6cgsyeaj02rzz9p1x9j5d66y5q462fj2g14hkamp3rd1yjnnwy8tf3xd00qm9q0e2r002y60a3xehmf9t3n813rgg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC55sidewRYqeBE9fr3wPV2YpIkOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QJ_dmV3k6IS9mdjaV7dnQPGpVKvhJFWdLAIjKqDPEruad0NgVjBfA9n1z83LkrXNNB4E7VvjrD-Q8h09LzzlEnphiAC0Stq_28y4tzmFvxxk0Vi8F2OniD4aw1O-glwEENjxobgx0V4gbxqSJq_2x0sALmVfCpgwNL7tVSxqUGXHDgae4JN2cSKhnZwK6tlod_9oBIO6rp6x667mmr37wEqRlUWt1SN9gEUi0DQ1ENXXJEAE7JFEiKoakdweWPN0yknAGpCthICTrsitnBC4p0tqWEFvXoxVOPIXc5bN2BGF_el-vtbXBc7B73uxOtM6SavMDvhaLPLlXJob9CSmyo7iNP0-3PdWV9KGjiZHZbOSkM1UHxHgCU6v0Y2zgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_17ZBsO6KkLD31sZCLcM7Ts6926_w%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=I4uEDQ==, md5=w0ixd5U6xXIINsBOGiFnPQ==
date
Sun, 20 Feb 2022 07:23:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
527285
cf-polished
qual=85, origFmt=jpeg, origSize=132437
x-guploader-uploadid
ADPycduY2sv1Gako2ORwnKYmEoS3fi-IgcHRk_EUz_ZzyxqSnC3k16ZBNpx7yb85RCDhmSSxxO5SshyQ71HDDtU5jzo
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23154
last-modified
Thu, 09 Dec 2021 17:51:23 GMT
server
cloudflare
etag
"c348b177953ac5720836c04e1a21673d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMR8Rz5Af%2FgtUCckRx%2BiHv2stJUnVyJu7jkTql53GY%2FXAzOWEh%2FEbJO8ozsQIiI6VY5vOlEgYty221TH48setwRIIUJsWZlvuUgt5llvdx1KGJcCPZIaexkIlGf2pDDwoLAFqR6aoSLOw%2F99"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1639072283176296
content-type
image/webp
expires
Mon, 21 Feb 2022 07:23:33 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
132437
accept-ranges
bytes
cf-ray
6e05fd80fe780f82-MXP
cf-bgj
imgq:85,h2pri
/
partner.o2online.de/a/ Frame 82BF
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach13_BlackFridayPush&gd...
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_c...
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022022008233364228447533X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidZpz8aSo...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022022008233364228447533X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach13_BlackFridayPush&spid=2022022008233364228447533X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=d4383d9a29e6a1a875e6df6bbbde8ebf%2F7468970434274980616&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1645341813823&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsy4b2r5ve6a337vg5c9fkkxgnq2htmmnztk82x3svyaah64pfcmkt5mc26ctw6a290jjka5wp8xj0cjq7w1cqbgrpgqjpn993w0py2ybj6k6r5faq6qwbmmv82zt9cbfhem8aqym2cxv3b2m90s396502x12fq9ajqxzrj4xea5mjbeaz8n739f3w6cgsyeaj02rzz9p1x9j5d66y5q462fj2g14hkamp3rd1yjnnwy8tf3xd00qm9q0e2r002y60a3xehmf9t3n813rgg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC55sidewRYqeBE9fr3wPV2YpIkOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QJ_dmV3k6IS9mdjaV7dnQPGpVKvhJFWdLAIjKqDPEruad0NgVjBfA9n1z83LkrXNNB4E7VvjrD-Q8h09LzzlEnphiAC0Stq_28y4tzmFvxxk0Vi8F2OniD4aw1O-glwEENjxobgx0V4gbxqSJq_2x0sALmVfCpgwNL7tVSxqUGXHDgae4JN2cSKhnZwK6tlod_9oBIO6rp6x667mmr37wEqRlUWt1SN9gEUi0DQ1ENXXJEAE7JFEiKoakdweWPN0yknAGpCthICTrsitnBC4p0tqWEFvXoxVOPIXc5bN2BGF_el-vtbXBc7B73uxOtM6SavMDvhaLPLlXJob9CSmyo7iNP0-3PdWV9KGjiZHZbOSkM1UHxHgCU6v0Y2zgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_17ZBsO6KkLD31sZCLcM7Ts6926_w%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads1.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 07:23:34 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022022008233364228447533X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach13_BlackFridayPush&spid=2022022008233364228447533X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211
date
Sun, 20 Feb 2022 07:23:33 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 82BF 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=d4383d9a29e6a1a875e6df6bbbde8ebf%2F7468970434274980616&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1645341813823&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsy4b2r5ve6a337vg5c9fkkxgnq2htmmnztk82x3svyaah64pfcmkt5mc26ctw6a290jjka5wp8xj0cjq7w1cqbgrpgqjpn993w0py2ybj6k6r5faq6qwbmmv82zt9cbfhem8aqym2cxv3b2m90s396502x12fq9ajqxzrj4xea5mjbeaz8n739f3w6cgsyeaj02rzz9p1x9j5d66y5q462fj2g14hkamp3rd1yjnnwy8tf3xd00qm9q0e2r002y60a3xehmf9t3n813rgg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC55sidewRYqeBE9fr3wPV2YpIkOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QJ_dmV3k6IS9mdjaV7dnQPGpVKvhJFWdLAIjKqDPEruad0NgVjBfA9n1z83LkrXNNB4E7VvjrD-Q8h09LzzlEnphiAC0Stq_28y4tzmFvxxk0Vi8F2OniD4aw1O-glwEENjxobgx0V4gbxqSJq_2x0sALmVfCpgwNL7tVSxqUGXHDgae4JN2cSKhnZwK6tlod_9oBIO6rp6x667mmr37wEqRlUWt1SN9gEUi0DQ1ENXXJEAE7JFEiKoakdweWPN0yknAGpCthICTrsitnBC4p0tqWEFvXoxVOPIXc5bN2BGF_el-vtbXBc7B73uxOtM6SavMDvhaLPLlXJob9CSmyo7iNP0-3PdWV9KGjiZHZbOSkM1UHxHgCU6v0Y2zgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_17ZBsO6KkLD31sZCLcM7Ts6926_w%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date
Sun, 20 Feb 2022 07:23:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
276577
cf-polished
origFmt=png, origSize=24833
x-guploader-uploadid
ADPycdvB-sS4PGzX5Rb2V98BHSQe1hc6oYEiWlKEIwsoCmomvgxXY7K5g_gmlHd3N2uXCKNNSGRigRh4HBPD6o5g7u5i9utaZA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9258
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mM4RjHExjuNch%2Bz5IvQKLPNs2GiJTiOCF2E3DSDpisLhQWv6bRm5NJp4eL2t9lg1Jy9Pah0uCKf3nB810v74OJ%2FgkXqqXi4RAmewgmNa1ulIO92q0j09PZfqmrmCv1%2BgXdhMoDfmRX7nRb%2BX"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883517528266
content-type
image/webp
expires
Mon, 21 Feb 2022 07:23:33 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
24833
accept-ranges
bytes
cf-ray
6e05fd80fe7a0f82-MXP
cf-bgj
imgq:85,h2pri
0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
assets.ad4m.at/product_image/ Frame 82BF 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=d4383d9a29e6a1a875e6df6bbbde8ebf%2F7468970434274980616&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1645341813823&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsy4b2r5ve6a337vg5c9fkkxgnq2htmmnztk82x3svyaah64pfcmkt5mc26ctw6a290jjka5wp8xj0cjq7w1cqbgrpgqjpn993w0py2ybj6k6r5faq6qwbmmv82zt9cbfhem8aqym2cxv3b2m90s396502x12fq9ajqxzrj4xea5mjbeaz8n739f3w6cgsyeaj02rzz9p1x9j5d66y5q462fj2g14hkamp3rd1yjnnwy8tf3xd00qm9q0e2r002y60a3xehmf9t3n813rgg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC55sidewRYqeBE9fr3wPV2YpIkOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QJ_dmV3k6IS9mdjaV7dnQPGpVKvhJFWdLAIjKqDPEruad0NgVjBfA9n1z83LkrXNNB4E7VvjrD-Q8h09LzzlEnphiAC0Stq_28y4tzmFvxxk0Vi8F2OniD4aw1O-glwEENjxobgx0V4gbxqSJq_2x0sALmVfCpgwNL7tVSxqUGXHDgae4JN2cSKhnZwK6tlod_9oBIO6rp6x667mmr37wEqRlUWt1SN9gEUi0DQ1ENXXJEAE7JFEiKoakdweWPN0yknAGpCthICTrsitnBC4p0tqWEFvXoxVOPIXc5bN2BGF_el-vtbXBc7B73uxOtM6SavMDvhaLPLlXJob9CSmyo7iNP0-3PdWV9KGjiZHZbOSkM1UHxHgCU6v0Y2zgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_17ZBsO6KkLD31sZCLcM7Ts6926_w%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=1aKs/g==, md5=nBaxji7Rcg1LrHhoV5P3TA==
date
Sun, 20 Feb 2022 07:23:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213545
cf-polished
qual=85, origFmt=jpeg, origSize=84530
x-guploader-uploadid
ADPycdt6jp9O_NMQ5DKmZJ8EzQPANbO32evkJ1SnvNdDPz9PdHu72KTJU_IWg4plcBNcYxTiJaTgSJc3iXkAFm1SwZ8
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19022
last-modified
Wed, 10 Nov 2021 15:00:52 GMT
server
cloudflare
etag
"9c16b18e2ed1720d4bac78685793f74c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jzwpe%2BHf%2BUHtVRtQlME7S7iVcQ4stBOqdoEj8hEh3%2FIWJo0v5TE7THrdLYlum7zjQs%2F7Y4oDemBhnePdo2xHRHk9zeMmEd9Y9JBTZzUr2MzVTWqtRyAsRYjYsyzw6RKoqzmZ4Rmh2TgEQGwI"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1636556452656256
content-type
image/webp
expires
Mon, 21 Feb 2022 07:23:33 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
84530
accept-ranges
bytes
cf-ray
6e05fd80fe7b0f82-MXP
cf-bgj
imgq:85,h2pri
/
partner.blau.de/a/ Frame 82BF
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach13_BlackFridayPush&g...
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_...
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022022008233364228447535X113752V1225131106MSoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__asuidZpz8aSou...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022022008233364228447535X113752V1225131106MSoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach13_BlackFridayPush
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=d4383d9a29e6a1a875e6df6bbbde8ebf%2F7468970434274980616&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1645341813823&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsy4b2r5ve6a337vg5c9fkkxgnq2htmmnztk82x3svyaah64pfcmkt5mc26ctw6a290jjka5wp8xj0cjq7w1cqbgrpgqjpn993w0py2ybj6k6r5faq6qwbmmv82zt9cbfhem8aqym2cxv3b2m90s396502x12fq9ajqxzrj4xea5mjbeaz8n739f3w6cgsyeaj02rzz9p1x9j5d66y5q462fj2g14hkamp3rd1yjnnwy8tf3xd00qm9q0e2r002y60a3xehmf9t3n813rgg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC55sidewRYqeBE9fr3wPV2YpIkOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QJ_dmV3k6IS9mdjaV7dnQPGpVKvhJFWdLAIjKqDPEruad0NgVjBfA9n1z83LkrXNNB4E7VvjrD-Q8h09LzzlEnphiAC0Stq_28y4tzmFvxxk0Vi8F2OniD4aw1O-glwEENjxobgx0V4gbxqSJq_2x0sALmVfCpgwNL7tVSxqUGXHDgae4JN2cSKhnZwK6tlod_9oBIO6rp6x667mmr37wEqRlUWt1SN9gEUi0DQ1ENXXJEAE7JFEiKoakdweWPN0yknAGpCthICTrsitnBC4p0tqWEFvXoxVOPIXc5bN2BGF_el-vtbXBc7B73uxOtM6SavMDvhaLPLlXJob9CSmyo7iNP0-3PdWV9KGjiZHZbOSkM1UHxHgCU6v0Y2zgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_17ZBsO6KkLD31sZCLcM7Ts6926_w%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads2.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 07:23:34 GMT
X-NODEIP
46.4.41.145
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022022008233364228447535X113752V1225131106MSoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach13_BlackFridayPush
date
Sun, 20 Feb 2022 07:23:33 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 82BF 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=d4383d9a29e6a1a875e6df6bbbde8ebf%2F7468970434274980616&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1645341813823&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsy4b2r5ve6a337vg5c9fkkxgnq2htmmnztk82x3svyaah64pfcmkt5mc26ctw6a290jjka5wp8xj0cjq7w1cqbgrpgqjpn993w0py2ybj6k6r5faq6qwbmmv82zt9cbfhem8aqym2cxv3b2m90s396502x12fq9ajqxzrj4xea5mjbeaz8n739f3w6cgsyeaj02rzz9p1x9j5d66y5q462fj2g14hkamp3rd1yjnnwy8tf3xd00qm9q0e2r002y60a3xehmf9t3n813rgg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC55sidewRYqeBE9fr3wPV2YpIkOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QJ_dmV3k6IS9mdjaV7dnQPGpVKvhJFWdLAIjKqDPEruad0NgVjBfA9n1z83LkrXNNB4E7VvjrD-Q8h09LzzlEnphiAC0Stq_28y4tzmFvxxk0Vi8F2OniD4aw1O-glwEENjxobgx0V4gbxqSJq_2x0sALmVfCpgwNL7tVSxqUGXHDgae4JN2cSKhnZwK6tlod_9oBIO6rp6x667mmr37wEqRlUWt1SN9gEUi0DQ1ENXXJEAE7JFEiKoakdweWPN0yknAGpCthICTrsitnBC4p0tqWEFvXoxVOPIXc5bN2BGF_el-vtbXBc7B73uxOtM6SavMDvhaLPLlXJob9CSmyo7iNP0-3PdWV9KGjiZHZbOSkM1UHxHgCU6v0Y2zgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_17ZBsO6KkLD31sZCLcM7Ts6926_w%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Sun, 20 Feb 2022 07:23:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
278046
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ADPycdtWKG0m-oQQR8NUboEf3pm6hHPkGL4-UHbGLuJCTmF3f1TYS5igHemYvGbj27HIfLZaSI5a-VHKnc-5490newiWhkpxqw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LulNEAuQ1%2BIAeBuCK5dgEHEQcyl8YRH69xdusg%2Bn5Rj27QOr1Pf8OjTTI2DZWdq%2BCIO%2FdoRCb%2BLohjh3SYLZAjN6KUhSa3EHjUbJJ0Ufw%2Fctm5i6XO36MM7ThjpqV6GYDOpGfasy%2F2v%2FB3ia"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Mon, 21 Feb 2022 07:23:33 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
6e05fd80fe7d0f82-MXP
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 82BF 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=d4383d9a29e6a1a875e6df6bbbde8ebf%2F7468970434274980616&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1645341813823&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsy4b2r5ve6a337vg5c9fkkxgnq2htmmnztk82x3svyaah64pfcmkt5mc26ctw6a290jjka5wp8xj0cjq7w1cqbgrpgqjpn993w0py2ybj6k6r5faq6qwbmmv82zt9cbfhem8aqym2cxv3b2m90s396502x12fq9ajqxzrj4xea5mjbeaz8n739f3w6cgsyeaj02rzz9p1x9j5d66y5q462fj2g14hkamp3rd1yjnnwy8tf3xd00qm9q0e2r002y60a3xehmf9t3n813rgg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC55sidewRYqeBE9fr3wPV2YpIkOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QJ_dmV3k6IS9mdjaV7dnQPGpVKvhJFWdLAIjKqDPEruad0NgVjBfA9n1z83LkrXNNB4E7VvjrD-Q8h09LzzlEnphiAC0Stq_28y4tzmFvxxk0Vi8F2OniD4aw1O-glwEENjxobgx0V4gbxqSJq_2x0sALmVfCpgwNL7tVSxqUGXHDgae4JN2cSKhnZwK6tlod_9oBIO6rp6x667mmr37wEqRlUWt1SN9gEUi0DQ1ENXXJEAE7JFEiKoakdweWPN0yknAGpCthICTrsitnBC4p0tqWEFvXoxVOPIXc5bN2BGF_el-vtbXBc7B73uxOtM6SavMDvhaLPLlXJob9CSmyo7iNP0-3PdWV9KGjiZHZbOSkM1UHxHgCU6v0Y2zgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_17ZBsO6KkLD31sZCLcM7Ts6926_w%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Sun, 20 Feb 2022 07:23:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2577704
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ADPycdsR3wmClnbStqlIFGhf2FiTi7ubPfyZEA-InECuOPihrOubIRoiNYK7ZH5V8g1SN9XkZ97OaiQVQpuNKbcOjFI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85727
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKTSQZVE1aongL735NHyFvXKiSWeHDFCiOGZHnkcS7IzMjINdYIEKuAjGTAMYzYRsMZuuZZ7pDrJk9bQS9xQdLlfv0hokKglz2xGVCb%2B%2FYPLID3g%2FXAuL8ltnlSZUwPMJGNvB7I6L9ePjiej"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Mon, 21 Feb 2022 07:23:33 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
6e05fd80fe7e0f82-MXP
cf-bgj
imgq:85,h2pri
adview
securepubads.g.doubleclick.net/pagead/ Frame DAAB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CGPPncuwRYt-gNM_k3wPQrpzYDbz1nKRn0tXh-NcOZBABILmOkB9glfrwgYwHoAGwp6-7AcgBCakCnSkMHmn-sj7gAgCoAwGqBJUCT9AfqX0atbpdfaGBa2fJbkdqrNXuY_RhjLtC3pEBjFd9zST8TeQTD3E55KRcEwNrXQFqTTIR5OqWFvam6zdX78WEMV0_4mJCyevFVunqNQmwiJbQJFREFCY_oNuOOwNKNiOCNLRltCYqBMZ2P0aD-RFxRk5xClfDguGdKyA-Th0KuDrak_AubY2Tr2HCKsHnq2xfYhelukRsvMVnSqYcDCwiniKCHM-_HoRQijIXdrd25CPXAairYngtrTZ92R8Sh3-NHQOdwht9B6a5RPZ49wQf8pT3WtfynfcORYTTApkkf7r9U9fQeU262izcdzCy0SuCOQjynj6xoieKHLhBIfRfCMpWzjYbboCNLlwFjhwSlrHgisAE5rqOzMoD4AQBkgUECAQYAZIFBAgFGASgBi6AB7jY0MQCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ9ogR0ggJCIDhgHAQARgdgAoDyAsBmAyKnNi-wgO4E4ME2BMO0BUBmBYBgBcBshceChwIABIUcHViLTMyMzg1NTUyMTg1ODg0MzkYsbMM&sigh=tPfhLGMc0t8&vt=1&template_id=515&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame DAAB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuysFQ52P7hHm6olHSRULlzvfJjVbgrluBhrpGsE3nEErwwIGbFomIgKT4bhdhJBUnGWIe-feF7MtEyo0sh62VVSkspcxdMY5StDfYuF9DWCI3HuHZ2lkivIA21BK-LF3-5t26T7nAoGSeSKEabaZxhAwarXSAZZw&sai=AMfl-YQTFUVxzw3cOY08HrezUg2jnR4YZL48CX8FpZksjlOH0vOkLtFY7N_KIbKWuuDEhzhGUC97kig9_-axpz7TfB-N5uVQaMfEx78OAka9sVZhpv9wjv4Oz-LJDB0&sig=Cg0ArKJSzHI23YNEDSHEEAE&cid=CAASPeRosdSuMgOCP0IGXQjlPPHEempH-IgA1EE87_wEZRpuWNxFYRi9vX0qPvjOQrnd4cizvUaZSk5PXqm_49U&id=lidar2&mcvt=1000&p=78,1159,178,1459&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220216&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=323572193&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&pay=1&rst=1645341811406&rpt=1402&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
link.html
track.webgains.com/ Frame 82BF 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k8871xtz59s6wmg1183v43w1ek2bs6991gstmj887rk1zydgfj20wbnfn09vvdr8ve7e9ge1gnge3nt6phajx8n6ktpxvank6cs3gv1f5wc1p8caqdesy5g8x8btwc6hvf0bv4ev8fk5bwjcdgnckja3jxt913dyc5p6ce8k0j1ntp5czn61q33cn406w9dn8dj0dm1n8gpfncmtz7xjb21bg2dgsp3qdg3sz17f8g73t6h87tkswchczsvyvzs2529v60byx5mfbxjbz9aj73y2w859emw8w0q623ymfwr4f4b1dvdm%26a%3D&clickref=oneidApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9oneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneidEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7oneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach13_BlackFridayPush
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=d4383d9a29e6a1a875e6df6bbbde8ebf%2F7468970434274980616&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1645341813823&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsy4b2r5ve6a337vg5c9fkkxgnq2htmmnztk82x3svyaah64pfcmkt5mc26ctw6a290jjka5wp8xj0cjq7w1cqbgrpgqjpn993w0py2ybj6k6r5faq6qwbmmv82zt9cbfhem8aqym2cxv3b2m90s396502x12fq9ajqxzrj4xea5mjbeaz8n739f3w6cgsyeaj02rzz9p1x9j5d66y5q462fj2g14hkamp3rd1yjnnwy8tf3xd00qm9q0e2r002y60a3xehmf9t3n813rgg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC55sidewRYqeBE9fr3wPV2YpIkOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QJ_dmV3k6IS9mdjaV7dnQPGpVKvhJFWdLAIjKqDPEruad0NgVjBfA9n1z83LkrXNNB4E7VvjrD-Q8h09LzzlEnphiAC0Stq_28y4tzmFvxxk0Vi8F2OniD4aw1O-glwEENjxobgx0V4gbxqSJq_2x0sALmVfCpgwNL7tVSxqUGXHDgae4JN2cSKhnZwK6tlod_9oBIO6rp6x667mmr37wEqRlUWt1SN9gEUi0DQ1ENXXJEAE7JFEiKoakdweWPN0yknAGpCthICTrsitnBC4p0tqWEFvXoxVOPIXc5bN2BGF_el-vtbXBc7B73uxOtM6SavMDvhaLPLlXJob9CSmyo7iNP0-3PdWV9KGjiZHZbOSkM1UHxHgCU6v0Y2zgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_17ZBsO6KkLD31sZCLcM7Ts6926_w%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
0c210905ddb44059dbf6f8e15dd1e58d01405b791b0ec7eabb18942ccc410768

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Feb 2022 07:23:34 GMT
Last-Modified
Sun, 20 Feb 2022 07:23:34 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1468
Expires
Mon, 26 Jul 1997 05:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 0F0A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CcKpacuwRYuCgNM_k3wPQrpzYDbz1nKRn0tXh-NcOZBABILmOkB9glfrwgYwHoAGwp6-7AcgBCakCnSkMHmn-sj7gAgCoAwGqBJgCT9AilbBNJ-JRoQCWjGU0QxmuWVbx7htSfiFmO1bq4gPzGKJN8palzudXg1WvlldY9fOf7KMyXxRI5qITyabCOG2kngP6J8L2HfiBbI8Lat3-ZJhS5B8vkpN3CW7ypoA72tnVqqpaTBj93jJllRvNWtAwduJfAMzTOa9DSs8bxdikkRubPyhNj7JZoX9qZXZM9PNQZ1HmPn9qteG6b6Xey742MAUqIXSA6Bg9r9siyqoujBKrD6hQ94G47cYaC8qA_0Z2AMLa24vJ5xCqgZ8VuGSDPrG1Sq7mh_NsBMxke1-AQcmQF1RqvDsJp96WuZQVSsiaZKHd1RCmvt67OiNJo_JNkGpF_SvAr2moX55_GIp6P6qWbzuGKMAE5rqOzMoD4AQBkgUECAQYAZIFBAgFGASgBi6AB7jY0MQCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQt_EQ0ggJCIDhgHAQARgdgAoDyAsBmAyKnNi-wgO4E4ME2BMO0BUBmBYBgBcBshceChwIABIUcHViLTMyMzg1NTUyMTg1ODg0MzkYsbMM&sigh=KSWdlay5il4&vt=1&template_id=515&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 0F0A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXMWBWSd8OqWlP_Ygijx_b6UVxEFxswCmrF6PhJsU8LGeAC09sZgbR4sZy0n9r0gPUgRJzOQruXmYB89uNhKGued9xNhGwFYLyq-aAxWgYs1pRNBcLafasUGsQ38gN-8cQpd-8Lr9FPy10IIT_tAY_FvCJy8qEpg&sai=AMfl-YQiK6ewdfpCpvUMo6ZyXrHWHEt_m13eZSIKho8kV68xm5Y75QwbIH31u8HDFlVwP9PIk9Yl2GADPsfoJbN1UQXUHzvQ1pqN931W7CDs9scS9tbtwje_OnbCJh8&sig=Cg0ArKJSzNEAxgt1ugKnEAE&cid=CAASPeRomDTGTdKWVl6trf5QqpTT7iXaVI-EC5kL_qrZwIJEsEUFPrUA1SdYgwaGT8rKuTLDPwPW-9vfU5FoxvA&id=lidar2&mcvt=1003&p=78,140,178,440&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220216&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=415600777&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&pay=1&rst=1645341811417&rpt=1519&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 82BF 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k8871xtz59s6wmg1183v43w1ek2bs6991gstmj887rk1zydgfj20wbnfn09vvdr8ve7e9ge1gnge3nt6phajx8n6ktpxvank6cs3gv1f5wc1p8caqdesy5g8x8btwc6hvf0bv4ev8fk5bwjcdgnckja3jxt913dyc5p6ce8k0j1ntp5czn61q33cn406w9dn8dj0dm1n8gpfncmtz7xjb21bg2dgsp3qdg3sz17f8g73t6h87tkswchczsvyvzs2529v60byx5mfbxjbz9aj73y2w859emw8w0q623ymfwr4f4b1dvdm%26a%3D&clickref=oneidApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9oneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneidEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7oneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach13_BlackFridayPush
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-33.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
4061
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 20 Feb 2022 06:15:54 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
gUFb8mH_vSViXXxCKsYiwiTLcpg3vzqbrE5vZs-ykwMpiY2qz5Lilg==
link.html
track.webgains.com/ Frame 82BF 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7oneid__asuidTE4AEzYtC7m0Bh5yhtKm57uA3Vz4ohg6asuid__suite_Netmix_Reach13_BlackFridayPush&wglinkid=713569
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=728&d=90&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=d4383d9a29e6a1a875e6df6bbbde8ebf%2F7468970434274980616&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1645341813823&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsy4b2r5ve6a337vg5c9fkkxgnq2htmmnztk82x3svyaah64pfcmkt5mc26ctw6a290jjka5wp8xj0cjq7w1cqbgrpgqjpn993w0py2ybj6k6r5faq6qwbmmv82zt9cbfhem8aqym2cxv3b2m90s396502x12fq9ajqxzrj4xea5mjbeaz8n739f3w6cgsyeaj02rzz9p1x9j5d66y5q462fj2g14hkamp3rd1yjnnwy8tf3xd00qm9q0e2r002y60a3xehmf9t3n813rgg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC55sidewRYqeBE9fr3wPV2YpIkOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QJ_dmV3k6IS9mdjaV7dnQPGpVKvhJFWdLAIjKqDPEruad0NgVjBfA9n1z83LkrXNNB4E7VvjrD-Q8h09LzzlEnphiAC0Stq_28y4tzmFvxxk0Vi8F2OniD4aw1O-glwEENjxobgx0V4gbxqSJq_2x0sALmVfCpgwNL7tVSxqUGXHDgae4JN2cSKhnZwK6tlod_9oBIO6rp6x667mmr37wEqRlUWt1SN9gEUi0DQ1ENXXJEAE7JFEiKoakdweWPN0yknAGpCthICTrsitnBC4p0tqWEFvXoxVOPIXc5bN2BGF_el-vtbXBc7B73uxOtM6SavMDvhaLPLlXJob9CSmyo7iNP0-3PdWV9KGjiZHZbOSkM1UHxHgCU6v0Y2zgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_17ZBsO6KkLD31sZCLcM7Ts6926_w%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Feb 2022 07:23:34 GMT
Last-Modified
Sun, 20 Feb 2022 07:23:34 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
ats.js
ats.rlcdn.com/ Frame 729F 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-86.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
28x_tDvW9kJ.rWgfbdZIcgxbFDdgh9p3
content-encoding
gzip
etag
W/"d7dfa2940a5d5ce3beedd8774c961dd7"
age
10129
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6fbe2bf4-0d3f-4234-a84e-c584de5ecb5e
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
8c7650e47b7f894f6ae5a1fc4919cee6
last-modified
Thu, 16 Dec 2021 12:45:56 GMT
server
AmazonS3
date
Sun, 20 Feb 2022 04:34:46 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
ae589a6335869a8948d0172dfafea0c42638763d87ea89591504c580a5c4f6c7
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA6-C1
content-type
application/x-javascript
x-amz-cf-id
7TLiOa1Y5q-yyd1antVaH33FrVXonSObKguLajTzTXWOW3oYlP0_dA==
ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160074
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTdGNEJEOTItODA3Qi00NTRELUJEMTctN0VDMjRFRkEwOUMy&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOQng9549nWWVg9ZNhlYzKs&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Sun, 20 Feb 2022 07:23:34 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug003:0:588
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
tracking-event
api.webgains.io/ Frame 82BF 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 20 Feb 2022 07:23:35 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 20 Feb 2022 07:23:34 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.staradvertiser.com
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3369027831208136&correlator=536041871320745&eid=31064151%2C31065013%2C31063223%2C31064869&output=ldjh&gdfp_req=1&vrg=2022021401&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220220&iu_parts=281191609%3A5136785%2Ccityspark_oahu&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&prev_scp=frstlk%3Dtrue&eri=1&cust_params=ip%3D0%26he%3D0&cookie=ID%3D5ce8b7f408438eaa%3AT%3D1645341809%3AS%3DALNI_MYPTfGaIPvuRDooZfs1nJVx84JKUQ&bc=31&abxe=1&dt=1645341814972&lmt=1645341814&dlt=1645341806985&idt=1693&frm=20&biw=1600&bih=1200&oid=2&adxs=1162&adys=3791&adks=1413280974&ucis=x&ifi=35&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.staradvertiser.com%2F&vis=1&scr_x=0&scr_y=0&psz=298x-1&msz=300x-1&ga_vid=565048288.1645341808&ga_sid=1645341809&ga_hid=907291583&ga_fc=true&fws=4&ohw=298&btvi=19&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
4074e4ea6270f93ce360211baae5ba2e1afccd494648815e1bd0d8be0614119e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8465
x-xss-protection
0
google-lineitem-id
5817962342
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138368763301
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
rid
match.adsrvr.org/track/ Frame 729F 		108 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=mp4hjl8&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
a9dfb29967e30ca67d364de2317a73ab4c8032742e18aa90d4ece9bdd53514b9

Request headers

Referer
https://www.staradvertiser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 20 Feb 2022 07:23:35 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.staradvertiser.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Tue, 22 Mar 2022 07:23:35 GMT
container.html
05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FC1B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 20 Feb 2022 07:23:29 GMT
expires
Mon, 20 Feb 2023 07:23:29 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame FC1B 		94 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f.js
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:da00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b82b3b26f73cec97530fe064182ec7fad83a326a45ba746d58d69bd4de4b04e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
NoC6YGt5eCR14CGF_CePZnGYd_hZgCkD
content-encoding
br
last-modified
Thu, 17 Feb 2022 17:56:17 GMT
server
AmazonS3
age
207
etag
W/"ee61816da156df01dc9c34b3cece567f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Sun, 20 Feb 2022 07:23:29 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
VVgZemcseK8lVH4zf3y3WoNnf-AIpycjHrAKLdunhI9YgtuzIBSohg==
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame FC1B 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 19:07:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
389795
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Feb 2023 19:07:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FC1B 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 20 Feb 2022 07:23:35 GMT
41e899d4-eecb-4906-b3ea-3f7a3f7fae2f
analyticssystems.net/api/v2/ad/impression/ Frame FC1B 		0
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/41e899d4-eecb-4906-b3ea-3f7a3f7fae2f?rand=588767
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3HMUoOtAhe7hZb33mhbEgRz8ZnxomyCrBQDSvR3VOJO93AYd5MF6xOVReD%2BwHd8d026xdu0jrl8DkEOORnT0dY1c1jh69ABJVfrebr7L0qN080M99jAjgmfjuKFuisMRXNE60HhW5AAdEFzb5iSNe5NDHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6e05fd88fbae5a07-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FtVtqeA83pRZcSUOIdmx
5d611f51-b9ee-4e5c-bc42-47b14b73bfa0
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/ Frame FC1B 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/5d611f51-b9ee-4e5c-bc42-47b14b73bfa0
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af79010f58afe12a54ef84b6e5c79b3c1c1542dfd88ff5ba29c0507a71f00d8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
cm
ws-na.assoc-amazon.com/widgets/ Frame AEDD
Redirect Chain
  • https://rcm-na.amazon-adsystem.com/e/cm?o=1&p=12&l=ur1&category=electronics&banner=1RJ5QAT5B55ECPXSXB82&f=ifr&linkID=2315e72a794f1cd0d83054eea5a6da5f&t=cityspark-20&tracking_id=cityspark-20
  • https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=electronics&banner=1RJ5QAT5B55ECPXSXB82&f=ifr&linkID=2315e72a794f1cd0d83054eea5a6da5f&t=cityspark-20&tracking_id=cityspark-20
44 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=electronics&banner=1RJ5QAT5B55ECPXSXB82&f=ifr&linkID=2315e72a794f1cd0d83054eea5a6da5f&t=cityspark-20&tracking_id=cityspark-20
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.230.46 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
2aa1867a871ad01ddd5ae738635916fe9fa7830b61b6dedf692939adb248a9d1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/

Response headers

Date
Sun, 20 Feb 2022 07:23:35 GMT
Server
Server
Cache-Control
must-revalidate
Pragma
no-cache
Expires
-1
p3p
policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
charset
UTF-8
Access-Control-Allow-Origin
*
Content-Length
44853
Vary
User-Agent
Connection
close
Content-Type
text/html;charset=UTF-8

Redirect headers

Server
Server
Date
Sun, 20 Feb 2022 07:23:35 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
407
Connection
keep-alive
x-amz-rid
778ZATTX57YY4BC4RFSY
Location
https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=electronics&banner=1RJ5QAT5B55ECPXSXB82&f=ifr&linkID=2315e72a794f1cd0d83054eea5a6da5f&t=cityspark-20&tracking_id=cityspark-20
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Permissions-Policy
interest-cohort=()
view
securepubads.g.doubleclick.net/pcs/ Frame FC1B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcF_9nCad6IEKjUGQXrk3hzIC9tfgVaPsNhadU7oQ7DER6-VvTxkLPWQCUF3ueYj6_VUxabqs8KdSsSwgwDwVqd129NGthYW8WGPatojLZcJzfHuL3BOqy5zCpvetKRYZQdN3IxMFARJC8KKFbf7LNwVhkTbCYrt7mEGf1A01JTJ9e5CDj1beR55UkGn-iBj9SbIWaq88F3VPXxgmMeFPe3n-Guat-a-H-4DiCcJitZVOeOpcL4mrQxcl2_sWBOXMTqf-ZNmIz9FpyfC6DUyk5vH4f7TQIa-67HAY3AKrxBxnX4XxpbcAf9nk8P-gEkqgxL60E&sig=Cg0ArKJSzDFVkFeRlZPOEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 20 Feb 2022 07:23:35 GMT
truncated
/ Frame FC1B 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07c5036abd4bd439ede84adcd6c96b6761efc9dc86c4560441122f0acb72fe7b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame FC1B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3u2_Sb7du02yLa8yLofGiTmwFlDWyUziTcb8vu2FOLt_oGmZ7X03KnxuaftCLqLutC70iSd7r0eNLnPejMX6tC7ZtFN86rMUDpxadw1cmpYklky9jnyyG_EQdAp6hbN6Pdi7xBJ4nz91c1hB-WyuHU_zhZHp0_AWbnwnsKT_3Vinn3Iru-k_wM420K37aoeOrIGZSohWAQITSSi_aPuMRV0SMExRktA-ZPq3ove7w4_0KnNsi-rPmV5x5ZCdJoVJCFmHOuBNDXRtodt9O6idi9V1RDGZtfPGKPmOt74UyNCDJL6pV81RXwlFhgln8p2S-nw&sig=Cg0ArKJSzHVjwDwzPllxEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: 05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
URL: https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
YjJkZWQ0NTgt-N2JhZWMzMzYt-w300.jpeg
images-na.ssl-images-amazon.com//images/G/01/kindle/journeys/YjJkZWQ0NTgt/ Frame AEDD 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-na.ssl-images-amazon.com//images/G/01/kindle/journeys/YjJkZWQ0NTgt/YjJkZWQ0NTgt-N2JhZWMzMzYt-w300.jpeg
Requested by
Host: ws-na.assoc-amazon.com
URL: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=electronics&banner=1RJ5QAT5B55ECPXSXB82&f=ifr&linkID=2315e72a794f1cd0d83054eea5a6da5f&t=cityspark-20&tracking_id=cityspark-20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:fb:5b5::108 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Server /
Resource Hash
59920183728a98c992f20c4276dd296deb3b9dadc2d054c7ef8db8fb6ba91946

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ws-na.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
https://www.amazon.com
date
Sun, 20 Feb 2022 07:23:36 GMT
surrogate-key
x-cache-353 /images/G/01/kindle/journeys/YjJkZWQ0NTgt/YjJkZWQ0NTgt-N2JhZWMzMzYt-w300
last-modified
Thu, 27 Aug 2020 12:03:24 GMT
server
Server
x-cache
Hit from akamai
x-nginx-cache-status
MISS
access-control-allow-origin
*
cache-control
public, max-age=86400
x-amz-ir-id
0ad29336-534b-42fb-973c-2fb5d566f9b4
accept-ranges
bytes
content-type
image/jpeg
content-length
75406
expires
Mon, 21 Feb 2022 07:23:36 GMT
json
fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/ Frame AEDD 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1645341816228&logType=banner_impressions&p=%7B%22mobile_supported%22%3A%22true%22%2C%22action%22%3A%22onload%22%2C%22adunit_type%22%3A%22banners%22%2C%22adunit_properties%22%3A%7B%22height%22%3A%22%24%7Bheight%7D%22%2C%22width%22%3A%22%24%7Bwidth%7D%22%2C%22category%22%3A%22%24%7Bcampaigns%7D%22%2C%22marketplace%22%3A%22amazon%22%2C%22link_id%22%3A%22%24%7Blinkid%7D%22%2C%22region%22%3A%22US%22%7D%2C%22logType%22%3A%22banner_impressions%22%7D
Requested by
Host: ws-na.assoc-amazon.com
URL: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=electronics&banner=1RJ5QAT5B55ECPXSXB82&f=ifr&linkID=2315e72a794f1cd0d83054eea5a6da5f&t=cityspark-20&tracking_id=cityspark-20
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.237.66 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ws-na.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 07:23:35 GMT
x-amzn-RequestId
6de39db4-af26-4ac4-a64d-b52da51c8ae7
Content-Length
43
Content-Type
image/gif
/
fls-na.amazon-adsystem.com/1/associates-ads/1/OP/ Frame AEDD 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-na.amazon-adsystem.com/1/associates-ads/1/OP/?cb=1645341816228&p=%7B%22program%22%3A%221%22%2C%22tag%22%3A%22cityspark-20%22%2C%22linkCode%22%3A%22ur1%22%2C%22refUrl%22%3A%22https%3A%2F%2F05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com%2F%22%2C%22panda%22%3Atrue%7D
Requested by
Host: ws-na.assoc-amazon.com
URL: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=12&l=ur1&category=electronics&banner=1RJ5QAT5B55ECPXSXB82&f=ifr&linkID=2315e72a794f1cd0d83054eea5a6da5f&t=cityspark-20&tracking_id=cityspark-20
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.237.66 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ws-na.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 20 Feb 2022 07:23:35 GMT
x-amzn-RequestId
bd4b0317-ffa6-434a-8bc4-4fd6263da199
Content-Length
43
Content-Type
image/gif
pvClk.min.js
analytics.webgains.io/ Frame CCEC 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hb8jxrrjgbbbr2zazdnv4jghv0dqrx9z789wxr46v0afhspgbqv5p7j6d2av9n22q7fk4nm6qwhasyza5q2mz5a1efnczxcswsq20hssyqsr4k584x3x8az3dq15tc9ysxtfcyawdbn4hga8c5x889e71v2azw594m66qddyexb2hk5adtgpp80wv6r7kfccra6fcc4xexd0j4r0mkyfjnjg2ytwy09p04e4tbsa58hq3ve10tzegdfvekxcmsmrm7cmps8np6xk2vpedtz7mnf4pmnhr83rtqxpb8rsdfvrcx4jp97w%26a%3D&clickref=oneidP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73Aoneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach09_PRIVATKREDIT&viewref=oneidrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4Roneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach09_PRIVATKREDIT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-33.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
4063
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 20 Feb 2022 06:15:54 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
0_tCGZwQfJ5aRxVfFEL-EhyQv_gtWpPg-TlQra8_h0ji-j3FvW_l-w==
link.html
track.webgains.com/ Frame CCEC 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneid5kZuXfEfKWkapH7HMt3tE3QaYSktVj2f1oneid__asuidclj2vDqg_FpCOk-6LbRKmlPjdRDRrZYEasuid__webplexmedia_advancedad_Desktop_300x250&wglinkid=713569
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=4270ac2e58bc27e735c845527c0fd0d6%2F16158092447222966745&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645341810790&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g3za2m7svrm918csnxtczcqpqx7ef43twzbsbnkyg9xcdgnebe65r3yexn5esybksftr51ajtrqsg4yrc4s25dbdb7q7hx9bbvgs2f8z0191hs95c54pr7m1pbsadp3hqzaymp6jwxyqg53134gy0ekhkke3n13bww3z2dg1t3ce2ktbrja7ya69jcscf1kcdvh2e2yh966rzybxk9g2113r8d693jdzfzmdjdmjsj21cyq070q2bt9a4mtzspp99n0n2jq6p4bypg5f7tmntmp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCtacfcewRYvavFJGtrASy078okOGBhFy2qMKK8ALAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqABwq7o3QPIAQmpAp0pDB5p_rI-4AIAqAMBqgSeAk_QczSlLdcBlsF-mkzUz9sJadjP1bbZMu-SJiErm0Ekgcgx7gaf_JiipaxC40u6fGOCL7osbGiUwxFGo-mcNGQ0u3Xaj4a7NKeEB9vY7GAF9v20gaOQa1uzod7i4UUB-1SUJEGMqLyEklKC_NYToma5WnT9C--MsaTMvAFr0TsazeJDxEzpz6hED3hj-pwKaEQN6qJx0eJVI0TWPligNQipOvff4z9c62asDrYDe5MDEF8qMpE7m8zj6Ykl3NT0osUtZoeWE2U20SkLYfsNzcm--EkqGrqOu6Jx23g8ZFn3qoWmm9T99EihGo99LBZ8zPDP038kIe8BfTEhTw2uerl04Tj0QtuqfV7NMUuuwOHD_iuuxsS_aozvQ7AlWozgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0KhLFFwm7eYzkBLWJ74jgP9N0K9w%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Feb 2022 07:23:36 GMT
Last-Modified
Sun, 20 Feb 2022 07:23:36 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
link.html
track.webgains.com/ Frame 5179 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidbRWHQfZfKBwmS7CbHztKtpMQfbSJTE9fJoneid__Stroeer_RON_mobile+300x250_2&wglinkid=3354045
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177536%2C61651%2C175059&b=jEJhEfGfq9Z1TYHEH2t6t4e3QSZSzTRWc8gx%2Cg6mT8frfkpAGaPHbH8t5tzDPhmSQT7Ecdzq%2C6qxtef3fMQx3ueHmHYtkt9VZ6SYS1TqxTVYP&f=x2xsQfAfEJ8VTPHdHztDCmEX9u7S6TkEhVx6%2CBgMSgfPfMJpAaxH6H3tgC37KsjSeTVQSbqg%2CXJjuzfrfKkdJH6H4Het1Cw8APCQSkTK2tKP4&c=300&d=250&e=Zpz8aSoukkW_pyH7AsfO1rcmHMpMAN9i&g=f456c846e026287696fc94f0302a7029%2F12485168588469646935&i=69751%2C24905%2C65915&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645341810795&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjj57z5e3sjcfgxjs0nzsnk5z171k8cgydx4pbzq1mc6h0ch6dwr0vnghxrqnp69ay0ve39jhkkf5raqbqd3m1sz1r5mada8fjhv88y0r2faq44ydxt1gpae07daz5fq006x7shj4za6j8jvjas2vqdg0tz16j827sw4nnw4w8pwe5mrdfm3yp036wk40bkhfwc12x77hd1a0e8semv1rwp3wb72vd7rpksdj22gnjfdcw82frpwket21qtcxxpmvf3jsd3v2cxsvjwr1750pek%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC0UWocewRYv28FKKhrAS1mIDYDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAcKu6N0DyAEJqQKdKQweaf6yPuACAKgDAaoEowJP0LTAGp1eMAjeA7AxWk6Ldftu1E0u9r29_BTiBeCDaZbYErho4rF5pVW3kfCmZu7CI5UzL7nmaNrNAAjs7GOxHNez1DXpOJApSezLkQqukjm9iuFrdj2bQNMxYIozCN9N0E5qCbvxwidDuUykfNFDNiQvH6lok3SDxUr1UFheR56cXf2MDg8Y7Vql3AF3BphWFdsaX7MQinNQwBSB39pvrXLl8WNRqj2JoP89C-dD3zMiqJPIPT7MFwe9kuW7AxLK6mMv36zi77ZfBLulg8v5XbGycFMbm8askJCoodH9bG12ZXaB8sAUeXU954OV6hHxVB0EENqi4S3k6JX3ZmvUNfylHn09r23Vooprw44wLBoLOalImA-Uyu_3RfhowDPgSWHgBAGABvCxjeX2iL7sb6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2srrs_Ri6zCxnrr-Jf6E0tw1sukw%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
32156c8a346c5445b2068b5137c2ab4d354aa66c88de0c12f1d297f6f6a101a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Feb 2022 07:23:36 GMT
Last-Modified
Sun, 20 Feb 2022 07:23:36 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022021401&st=env
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6e5d9270c6359a69b8cf4d13f64477d455582749c107848ae45fd77f68aa5d3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Feb 2022 07:23:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9785
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 20 Feb 2022 07:23:36 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0221 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 20 Feb 2022 05:39:45 GMT
expires
Mon, 20 Feb 2023 05:39:45 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
6231
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 8ECB 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
08ec4ce9cea6c2e85c2b249ce2a994e4af6bf00c8840b221e896558fbe55e8cf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vV6isTw0IYBL1AfhpjNYWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 20 Feb 2022 07:23:36 GMT
date
Sun, 20 Feb 2022 07:23:36 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-vV6isTw0IYBL1AfhpjNYWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js
pagead2.googlesyndication.com/bg/ Frame 0221 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4530055a32b5a1a639311d7be5e6abb79ba772acae1410f9f9feffdc297721dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 05:14:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
7770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13529
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 20 Feb 2023 05:14:06 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8ECB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022021401&jk=3369027831208136&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 0221 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?4Bha0g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 07:23:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022021401&jk=3369027831208136&bg=!MzClMHTNAAbf-5Dq3_s7ACkAdvg8Wpoq_EoNvJKfhscUecmNiEAfKmxe6_fWSgSi_QKuVkEvMyfHygIAAABOUgAAAAJoAQcKANiBUjgIjKH3RtJEWaRpf80M3clrNnDqvum6Ksw92AZ_jjFanoWe7FqoXu4IcY9THd9O_YvdI5Kjd4AtnQfi8qA6WcwCeBLoSRIAGkWPZvh0dYEZUAAAkcOV9tUrN4MsyN9l2qFBch95_q6JkLUbdFNqI8hLHmaJ1bjCTreT2P4GSLLdJhflonf5F8fwT27-3VFiId8cX1wUwYkAzubK6c5YWJhGZd7CegiZnAxYqe5AND72l77FDyhOJat5xcEP-KdYm3GKMX7l98cUkq3JMUyEVZ1iU-YoTUyZAqxNQBUg674vu2u1ivxLjm7tkLwecj9LsIRaDiakHOmFYx7KmfKhzq2jmJGsYVkDXkSWXQKZYt_vSakpNlMlSP3Po9QRaVjmkaMOgGK2MsLl96vUzGuhnKuwJvTJnC3CJnXjIqGKCkdNcd4QeQWQpN5SP8clnaxoUPB-mJDX1SDij6QcFlLIl0nZMe9sKfLKe15QjaBjzcHfwWQLaV4UVmpEf171JGgYj7FMFffG63Esxe-T8eLuV2-IvvZ0DqccPHwiNmWmWD2p7nn6AwQ0Pov4DVZq7-bVOEaL9FBMK3jXNuXqAVWhlDnG-DaMuOSKQOl6lyDHm10G246eu3qfCHEMlhS0aWXYZydyfOYO9qCglIayKr3sktwJnzmlXgf9p6pR-3cKiROXxYNQWXpFqoPiRjrcvozjdkP5TVQoq65xSAfJ2656m-tIwXC5ho11I0AyFjlch0pmOffLZP25vHwL97LxQg3Hwk94CKMtf0g2W9hRR5dO0gI0dVAMJjXyg6A6VVOd3b3kQT9C3W2vtNbG-mcYi6u8cQR-1MxcBjDg4bjXdtXiBt-XuRd18eMV-LaTL0UnZS6dSNgUMhaWc3wEpU-V1hDBvGJ3jdR6Irly8RQbq6KdKHv9n0gUC6ZueuGGdtDbYWYtNZNLQ4CLuLFQWC76ExN6r998pxFNzFZsDklDKFR3OE4r31bXWMn0-Fx7opUGPDBmVLs-c45X-esX1M5FtMNr5G7v4n8Epu_6yKGMCGXrR9OtqwHZOu4XN_xd3wNEc5GyU2BOh8GEXaCGpxQpKAmsofEVo1erxLdebmNSaOXPEPztN5cvL9IYb6ExICdPvVEwA3B89OpJfWYyuSCSgppaiJfa1UOUl7yICDxaZlUrjPCE4S-YFeQlkU1Wu1cKj0b1n2ihYRk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Feb 2022 07:23:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame CCEC 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 20 Feb 2022 07:23:37 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 20 Feb 2022 07:23:36 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame 5179 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 20 Feb 2022 07:23:37 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 20 Feb 2022 07:23:37 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
ats.js
ats.rlcdn.com/ 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.staradvertiser.com
URL: https://www.staradvertiser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-86.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.staradvertiser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
28x_tDvW9kJ.rWgfbdZIcgxbFDdgh9p3
content-encoding
gzip
etag
W/"d7dfa2940a5d5ce3beedd8774c961dd7"
age
10132
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6fbe2bf4-0d3f-4234-a84e-c584de5ecb5e
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
8c7650e47b7f894f6ae5a1fc4919cee6
last-modified
Thu, 16 Dec 2021 12:45:56 GMT
server
AmazonS3
date
Sun, 20 Feb 2022 04:34:46 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
ae589a6335869a8948d0172dfafea0c42638763d87ea89591504c580a5c4f6c7
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA6-C1
content-type
application/x-javascript
x-amz-cf-id
lWXtj8XCrCX4boPWt3_OgDU010V2_Sl-LsqvieOfLgoptmNvW785wQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
widgets.recruitology.com
URL
https://widgets.recruitology.com/lib/search-bar-autocomplete.css
Domain
widgets.recruitology.com
URL
https://widgets.recruitology.com/lib/search-bar-autocomplete.css
Domain
insiderdata360online.com
URL
https://insiderdata360online.com/service/platform.js?ran=0.6075309316317057
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
c.amazon-adsystem.com
URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.staradvertiser.com&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kENNWtaU23YF0&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3zMTZxiOHJTZ&google_cver=1&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI

Verdicts & Comments Add Verdict or Comment

284 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 function| structuredClone function| x00_0x412c function| x00_0x409d object| _Scanner function| pbjsSetConfig function| getGTagAdSizes function| getGTagAdSizesWithLimit function| executeParallelAuctionAlongsidePrebid object| PublisherCommonId object| PWT object| pbjs object| googletag boolean| gptRan object| prebid_bidders number| PREBID_TIMEOUT object| bidSlots object| outOfPageSlots function| loadPrebidAndGPT object| apstag object| slot1 object| slot2 object| slot3 object| slot4 object| slot5 object| slot6 object| slot7 object| slot8 object| slot9 object| slot10 object| slot11 object| slot12 object| slot13 object| slot14 object| slot15 object| slot16 object| slot17 object| slot18 function| $ function| jQuery string| GoogleAnalyticsObject function| ga object| GlobalAamNamespace function| aamsitecertifier object| _sf_async_config number| _sf_startpt object| jwDefaults object| webpackChunkjwplayer function| jwplayer function| createJWPlayer function| loadJSON function| shufflePlaylist function| updateJWPlayerThumbnail function| removeVideosOlderThan function| createModal function| openModal function| closeModal function| createJWPlayerVideoGallery function| populateGallery function| createJWPlayerAdbox function| createJWPlayerVideoGallery_homepage function| populateGallery_homepage function| createJWPlayerVideoGallery_dynamic function| populateGallery_dynamic object| Insticator object| _comscore function| fbq function| _fbq function| __handleUspapiMessage function| __uspapi object| str1 function| admiral object| dataLayer object| HSA_OBSERVE function| lozad object| _wpemojiSettings string| player1_element string| playlist1 object| player1 function| labnolThumbDBN function| labnolIframeDBN object| _cb_shared undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| _rollbarConfig object| _rollbarShims object| _rollbarWrappedError object| Rollbar function| rollbar function| labnolThumb_2 function| labnolIframe_2 function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| joinNewsletter function| isToSPPAccepted function| setToSPPCookie function| getTOSPPCookie function| createTOSPPCookie object| AdRefreshControl function| setHSACookie function| getHSACookie function| _ object| wp function| Popper object| bootstrap object| StyleFix object| PrefixFree object| _cbq object| apd_options number| ordnumber string| sscUrl number| x object| atsScript function| InvalidInputHelper object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue boolean| apstagLOADED object| Snowplow object| _cbm function| pbjsChunk number| _rollbarStartTime boolean| _rollbarDidLoad boolean| _rollbarInitialized object| twemoji object| pSUPERFLY_mab object| pSUPERFLY object| cswidgetoverR function| udm_ object| ns_p object| COMSCORE boolean| headerTagInjected number| insticator_tg object| InsticatorXmess object| google_tag_manager function| recruitologyAutoComplete object| recaptcha object| closure_lm_702781 boolean| fifabAlready function| fi_fab object| ats function| 4dm1r11545242527 undefined| commonInit function| visibilityEventsManagerDOM function| visibilityEventsManager function| scrollEventsManager function| DeviceDetector object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fiQuery boolean| google_measure_js_timing object| outOfPageSlot11 object| outOfPageSlot7 object| outOfPageSlot8 object| outOfPageSlot9 object| outOfPageSlot10 object| outOfPageSlot1 object| outOfPageSlot2 object| outOfPageSlot3 object| outOfPageSlot4 object| outOfPageSlot5 object| outOfPageSlot6 object| $jscomp object| InsticatorApp string| insticatorHeaderCodeVersion object| instBid undefined| isChrome undefined| stackLineNum undefined| stackLineString undefined| errorLoc undefined| errorMsg object| ads_list object| embeds_list boolean| isPageviewSent boolean| insticatorIframeLoaded object| confiant function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| fiUtils object| $FIslowSelectors object| $waitOn function| instBidChunk object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| csWidget string| gaName object| gAservice function| csWGa object| __connect object| ampInaboxIframes object| ampInaboxPendingMessages string| ahm_cs_gtm boolean| ahm_cs_loaded function| postscribe object| google_tag_manager_external object| ahm_config function| ahmpbChunk object| ahmpb object| mnet object| ahm_adParent object| ahm_friendDiv object| pubgroup_config function| confiantDfpWrap object| adsbygoogle object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_reactive_ads_global_state object| google_persistent_state_async boolean| _gfp_a_ object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc object| google_sv_map string| google_user_agent_client_hint function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| google_image_requests object| _clrm object| GoogleGcLKhOms

82 Cookies

Domain/Path Name / Value
www.staradvertiser.com/ Name: _cb_ls
Value: 1
www.staradvertiser.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.youtube.com/ Name: YSC
Value: RbWBqDlhPO8
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: ntXwPog3YiA
.staradvertiser.com/ Name: _ga
Value: GA1.2.565048288.1645341808
.staradvertiser.com/ Name: _gid
Value: GA1.2.1208915351.1645341808
.staradvertiser.com/ Name: _gat
Value: 1
www.staradvertiser.com/ Name: _gada_ses.6fbe
Value: *
www.staradvertiser.com/ Name: _gada_id.6fbe
Value: 59fa82ea-b8c6-44d8-98cf-dddd4e421558.1645341808.1.1645341808.1645341808.7f127b73-075d-4cec-91b1-a28da29b2ece
www.staradvertiser.com/ Name: privAu
Value: 0
www.staradvertiser.com/ Name: _cb
Value: B2GukFn0vkJCN18Ql
www.staradvertiser.com/ Name: _chartbeat2
Value: .1645341808283.1645341808283.1.Cjpy9SXfx9lBAJXV9lkNN1BEbQ4k.1
www.staradvertiser.com/ Name: _cb_svref
Value: null
.postrelease.com/ Name: opt_out
Value: 1
.scorecardresearch.com/ Name: UID
Value: 1A76b455220ca0f664cbd3d1645341808
www.staradvertiser.com/ Name: ntvSession
Value: {"id":2474981,"placementID":1102376,"lastInteraction":1645341808667,"sessionStart":1645341808667,"sessionEndDate":1645401600000,"experiment":""}
www.staradvertiser.com/ Name: InstiSession
Value: eyJpZCI6ImExOWUzY2NmLThkMjAtNDlhYS04ZjBmLWEyNTA4MWIxNTgyNSIsInJlZmVycmVyIjoiIiwiY2FtcGFpZ24iOnsic291cmNlIjpudWxsLCJtZWRpdW0iOm51bGwsImNhbXBhaWduIjpudWxsLCJ0ZXJtIjpudWxsLCJjb250ZW50IjpudWxsfX0=
.staradvertiser.com/ Name: _fbp
Value: fb.1.1645341808846.1687757412
cdn.firstimpression.io/ Name: OAID
Value: GDPR
.facebook.com/ Name: fr
Value: 0loUIUJKnD0qAUqhU..BiEexx...1.0.BiEexx.
.trkn.us/ Name: barometric[cuid]
Value: cuid_a80b3dc2-d05a-4b14-8cf1-95d27e540cd1
www.staradvertiser.com/ Name: emailhashes
Value: []
www.staradvertiser.com/ Name: heCooldown
Value: 1
www.staradvertiser.com/ Name: _lr_geo_location
Value: DE
www.staradvertiser.com/ Name: _ga
Value: GA1.1.565048288.1645341808
www.staradvertiser.com/ Name: _gid
Value: GA1.1.1208915351.1645341808
www.staradvertiser.com/ Name: _sp_ses.6fbe
Value: *
.doubleclick.net/ Name: IDE
Value: AHWqTUnHrFJX0-BoOgQKKFq8o-mr1WJVu_75KKmnpO_Ul-SJu_Xv9bjNexR4c-a5KA4
www.staradvertiser.com/ Name: _sp_id.6fbe
Value: b70fb51b-ce07-4b05-aae5-6a5e9bd38f80.1645341809.1.1645341810.1645341809.0c886380-73bc-45b5-99ca-728a41b52c0f
.unsplash.com/ Name: ugid
Value: 3ffe9459363287c5c3bb14c1d8ae10615484472
.staradvertiser.com/ Name: _awl
Value: 2.1645341809.0.5-9f21e8dcad30179c9e4b1159e8b14d23-6763652d6575726f70652d7765737431-0
.adnxs.com/ Name: icu
Value: ChgIw6tREAoYASABKAEw8djHkAY4AUABSAEQ8djHkAYYAA..
.adnxs.com/ Name: uuid2
Value: 7674761473644569275
.rubiconproject.com/ Name: khaos
Value: KZUY15K2-21-JKNO
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpsjbWMJvgNbCAkF7RiBdb4AgvEG2sPPZq/zJBpTbUTS11/ZiLFW0BJ/f8FfiNlTgKgoxf/P6Ethu9CfqBt6P0RzG6FmltYou3rP6fFStNJCA==
www.staradvertiser.com/ Name: _lr_retry_request
Value: true
www.staradvertiser.com/ Name: _lr_env_src_ats
Value: false
.adsrvr.org/ Name: TDID
Value: e4d0773a-b72d-4fa4-9e1f-0cf6c6e1ff16
.staradvertiser.com/ Name: panoramaId_expiry
Value: 1645428210055
.ctnsnet.com/ Name: cid_bb302fc6654a4acea8ba3d4006b95a7a
Value: 1
.advertising.com/ Name: APID
Value: UP00d9caa5-921e-11ec-8b9a-0654c439bdde
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22CB88E266-B669-4CEC-A103-9641A7016F7D%22%7D
.pubmatic.com/ Name: KADUSERCOOKIE
Value: E7F4BD92-807B-454D-BD17-7EC24EFA09C2
.casalemedia.com/ Name: CMID
Value: YhHsco7XKNMGdNzVCN0FYgAA
.casalemedia.com/ Name: CMPS
Value: 5205
.turn.com/ Name: uid
Value: 8016607428580033320
.casalemedia.com/ Name: CMPRO
Value: 1148
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YhHscgAHlVP6ogBB
.yahoo.com/ Name: A3
Value: d=AQABBHLsEWICECtZovWDQIo2Rd-cIC-5En4FEgEBAQE9E2IbYgAAAAAA_eMAAA&S=AQAAAmESKaZogXPROga1a_lXD0M
.analytics.yahoo.com/ Name: IDSYNC
Value: 18wq~23c7
.tribalfusion.com/ Name: ANON_ID
Value: aonseFq0I1e9yNy6Qw6YusCtF5NQ8LaOsfdElSjUGBijZbQYJovPT2RG89knE8ppZbmW25uQQTDhYnZbCqNMKhw
.awin1.com/ Name: awpv14098
Value: 412871|1645341810|014165a0-921e-11ec-93f0-22621c688fcf
.awin1.com/ Name: AWSESS
Value: 429086:2519498
pb.media01.eu/ Name: ASP.NET_SessionId
Value: ls1o0ijdhrqeyixnxszpyd1f
pb.media01.eu/ Name: DTU
Value: D4761DB8EB98AD2DADCD732D579D0489
tradehouse.advertserve.com/ Name: AVPUID
Value: 66b47623328e568c9e887eee48b513c3
.doubleclick.net/ Name: DSID
Value: NO_DATA
.staradvertiser.com/ Name: _pubcid
Value: 6aa87e51-5730-49ab-a2fa-dda3b905f0aa
www.staradvertiser.com/ Name: cto_bidid
Value: fpfnUV81emxtYjNKVHRtZGo3ZXpxYWhEJTJCWVZOJTJCanVUS08lMkJWNmglMkJCYmZtb3RpRmc4R09wS0dMOSUyQmt0cCUyRnowN1AybUozSlN5Mm5aMVNLNHR3QmclMkZQUDVWWHVRJTNEJTNE
www.staradvertiser.com/ Name: cto_bundle
Value: AebjDF84Rkl2dVZuVjNnRXlMZWtFQlhwQmVwRTRBWlVnVVBEUGhNYVVyamQ2dzZmdHFIbklJa2FVNjNGOWVpampHWDk4dTJVa1FJSWlSQXNkOUJLQmVTMUQ2Z2J5S3BVTkdhdlVHSEtXRndVRXBDdnR6UDk3ajJlM01JRmg5OXl4dkElMkZj
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: HAPLB5A
Value: s568|YhHse
.staradvertiser.com/ Name: __gads
Value: ID=5ce8b7f408438eaa:T=1645341809:S=ALNI_MYPTfGaIPvuRDooZfs1nJVx84JKUQ
.casalemedia.com/ Name: CMST
Value: YhHscmIR7HUA
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 221647478417386476
.mathtag.com/ Name: uuid
Value: f6ea6211-ec75-4400-a67c-12d23dcf9ec5
.mathtag.com/ Name: mt_mop
Value: 4:1645341813
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTcwMDAwMDAwMDA2MTY0NTM0MTgxNHZsZWExZGUyMDIyMDIyMDA4MjMzMzY0MjI4NDQ3NTMzWDEyMDIxMVYxMjI2MTMyNzAyTVNvbmVpZFlYMUhyZjE1c3BCcEhWSDlIZXRRdFJSOGNBVDFUNm1Icm9uZWlkX19hc3VpZFpwejhhU291a2tXX3B5SDdBc2ZPMXJjbUhNcE1BTjlpYXN1aWRfX3N1aXRlX05ldG1peF9SZWFjaDEzX0JsYWNrRnJpZGF5UHVzaDEyMDIxMQ
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022022008233364228447533X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211
.blau.de/ Name: nscT486
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTcxMDAwMDAwMDA2MTY0NTM0MTgxNHZsZWExZGUyMDIyMDIyMDA4MjMzMzY0MjI4NDQ3NTM1WDExMzc1MlYxMjI1MTMxMTA2TVNvbmVpZGo4M3VFZlplU3F4MktTWUhFSDJ0NnRSUkpVS1R6VHhKYzlvbmVpZF9fYXN1aWRacHo4YVNvdWtrV19weUg3QXNmTzFyY21ITXBNQU45aWFzdWlkX19zdWl0ZV9OZXRtaXhfUmVhY2gxM19CbGFja0ZyaWRheVB1c2gxMTM3NTI
.blau.de/ Name: nscQ486
Value: V
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022022008233364228447535X113752V1225131106MSoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__asuidZpz8aSoukkW_pyH7AsfO1rcmHMpMAN9iasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=113752
.pubmatic.com/ Name: pi
Value: 160074:3
www.staradvertiser.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22e4d0773a-b72d-4fa4-9e1f-0cf6c6e1ff16%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-01-20T07%3A23%3A35%22%7D
.pubmatic.com/ Name: PUBMDCID
Value: 1
.pubmatic.com/ Name: SyncRTB3
Value: 1646524800%3A21_220
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEOQng9549nWWVg9ZNhlYzKs&KRTB&16514-CAESEOQng9549nWWVg9ZNhlYzKs&KRTB&23025-CAESEOQng9549nWWVg9ZNhlYzKs
.pubmatic.com/ Name: PugT
Value: 1645341814
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3

16 Console Messages

Source Level URL
Text
javascript error URL: https://www.staradvertiser.com/
Message:
Access to XMLHttpRequest at 'https://widgets.recruitology.com/lib/search-bar-autocomplete.css' from origin 'https://www.staradvertiser.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://widgets.recruitology.com/lib/search-bar-autocomplete.css
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.staradvertiser.com/
Message:
Access to XMLHttpRequest at 'https://widgets.recruitology.com/lib/search-bar-autocomplete.css' from origin 'https://www.staradvertiser.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://widgets.recruitology.com/lib/search-bar-autocomplete.css
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://insiderdata360online.com/service/platform.js?ran=0.6075309316317057
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1273
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript error URL: https://www.staradvertiser.com/
Message:
Access to XMLHttpRequest at 'https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.staradvertiser.com&pubid=4cd01fd0-0780-4b33-a4da-c39467660185' from origin 'https://www.staradvertiser.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.staradvertiser.com&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIEoAXPDPrMxk60bDmQiH59_Q2GUe69vHv2A80LphZW_GxMwZ2WW1Z8G1UVduh3pqMrHhM8GBN_M62pYlzqMxX_1Csn08w
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPLtpS8gCuI1-56Vp045kEPYA46GeP5MlHc7tm7nF8HmUArtcfIljeQrUOQymuqHzCMeTxDzf8VOn0KIfW7kENNWtaU23YF0&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?zid=382&friendly=friendly_1426692162&pid=0&fr=400&frlm=1&random=1426692162&encode=1&origin=https%3A%2F%2Fwww.staradvertiser.com&referrer=https://www.staradvertiser.com/&cturl=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjst8PDKu_A1hcBx7X1ursO075PYSjBLoVdycHz36bpk4iAGsi8tmro2XDtg6lNOjU3uBCP8Bndl_3NN6nUvNrBjQcza_WUi4-kih8PqwOLamPPAOLTmnGJw8vA2XjLzQ1LynoP9GlhHQ_HoiQMdJe6sONSqewwt9OTPU2Ifgt7DkDpfakTmegDhruW1Ar6TEm1vxN5IQvdxodBPWEaV0OXWpB1ecP_Qv91cjNRM2eeYSS-Otk_uUmjnAglxvTnEdTEcVES1b_jmCc7jSNzjX-Mg6KLPJvfKa6aLcagfJrYItDR0OYaRahjJtcqxXxtObEypZZg&sig=Cg0ArKJSzEzA61Xo11xQEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
other warning URL: https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhHsco7XKNMGdNzVCN0FYgAABHwAAAAB&google_push=AYg5qPKJBlDrTCTC0GRoUQa0u0UXprK3dZtGqcJcJoWpw8rOGFQhMEX9xLgT6_92b3yWZCWpDzf6NDFGj167DPGk3zMTZxiOHJTZ&google_cver=1&google_gid=CAESEOVONMwug-bSUVcnpg6ygbI
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript warning URL: https://www.staradvertiser.com/
Message:
The resource https://ecdn.firstimpression.io/static/js/prebidamp.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.staradvertiser.com/
Message:
The resource https://c.amazon-adsystem.com/aax2/apstag.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.staradvertiser.com/
Message:
The resource https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

05f2ed50d3adff24f6957eb5afcb7e50.safeframe.googlesyndication.com
a.tribalfusion.com
aamcf.aamsitecertifier.com
aamcftag.aamsitecertifier.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ad5918b77947989cf665778909eed784.safeframe.googlesyndication.com
ads.eu.criteo.com
ads.pubmatic.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
americanhometownmedia.com
analytics.webgains.io
analyticssystems.net
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
api.webgains.io
as.ad4m.at
assets-jpcust.jwpsrv.com
assets.ad4m.at
ats.rlcdn.com
auth.instiengage.com
b2c.insticator.com
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
c2shb.ssp.yahoo.com
cat.fr.eu.criteo.com
cdn.ampproject.org
cdn.cityspark.com
cdn.firstimpression.io
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.jwplayer.com
cdn.materialdesignicons.com
cdn.polyfill.io
cdnjs.cloudflare.com
citysparkstorage.blob.core.windows.net
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
content.jwplatform.com
csm.eu.criteo.net
csp.azureedge.net
d2na2p72vtqyok.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
d3plfjw9uod7ab.cloudfront.net
dclk-match.dotomi.com
df80k0z3fi8zg.cloudfront.net
dining.staradvertiser.com
ecdn.analysis.fi
ecdn.firstimpression.io
event.insticator.com
fastlane.rubiconproject.com
firstimpression-d.openx.net
fls-na.amazon-adsystem.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
geo.privacymanager.io
geoip.insticator.com
geoip.instiengage.com
get.s-onetag.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
h99w9l39sa.execute-api.us-east-1.amazonaws.com
hawaiirenovation.staradvertiser.com
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.ytimg.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images-na.ssl-images-amazon.com
images.unsplash.com
insiderdata360online.com
jadserve.postrelease.com
lorenzourban.com
mab.chartbeat.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
mug.criteo.com
onetag-geo.s-onetag.com
onetag-sys.com
origami.secure.ownlocal.com
p.cityspark.com
p.typekit.net
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pb.media01.eu
ping.chartbeat.net
pix.eu.criteo.net
pixel.advertising.com
polyfill.io
prd.jwpltx.com
prod-rtb.ad4mat.net
protected-by.clarium.io
pv.medialead.de
r.turn.com
rcm-na.amazon-adsystem.com
recruitology-static.s3.amazonaws.com
rsms.me
rtb.fr.eu.criteo.com
rtb.openx.net
s.ad.smaato.net
s.ntv.io
s.tribalfusion.com
s0.2mdn.net
sa-media.s3.amazonaws.com
sb.scorecardresearch.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
snowplow.ownlocal.com
ssl.p.jwpcdn.com
staradvertiser-hi.newsmemory.com
static-de.ad4mat.net
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
static.doubleclick.net
stats.g.doubleclick.net
storage.googleapis.com
sync-tm.everesttech.net
sync.mathtag.com
tag.1rx.io
tpc.googlesyndication.com
track.webgains.com
tradehouse.advertserve.com
trkn.us
unpkg.com
ups.analytics.yahoo.com
us-central1-kube-ownlocal.cloudfunctions.net
use.fontawesome.com
use.typekit.net
widgets.outbrain.com
widgets.recruitology.com
ws-na.assoc-amazon.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.staradvertiser.com
www.telefonica-partner.de
www.youtube.com
yt3.ggpht.com
c.amazon-adsystem.com
cm.g.doubleclick.net
hbopenbid.pubmatic.com
insiderdata360online.com
widgets.recruitology.com
104.102.29.148
104.111.219.144
104.111.239.217
104.36.113.107
108.157.4.53
108.157.4.91
13.35.250.78
141.95.3.9
142.250.184.226
142.250.185.162
142.250.185.70
142.250.186.98
143.204.215.116
143.204.215.33
145.239.193.130
151.101.1.194
151.101.130.49
172.217.18.98
172.255.62.200
178.162.133.150
178.250.0.139
178.250.0.157
178.250.0.160
178.250.0.162
178.250.0.165
18.156.0.31
18.192.208.234
18.65.25.44
18.66.242.20
18.66.248.121
184.31.84.150
185.29.134.244
185.33.221.90
185.59.220.193
185.64.190.79
198.47.127.19
2.18.233.180
2.18.234.190
20.60.81.107
2001:4860:4802:36::36
2001:678:cb4:bbbb::11
213.19.147.42
216.52.2.39
2600:1901:0:76b9::
2600:9000:2057:9800:1b:5138:8a40:93a1
2600:9000:2134:c000:18:1fcd:34f:cdc1
2600:9000:214f:2e00:1:a3fa:7cc0:93a1
2600:9000:214f:8800:1c:386f:ec80:21
2600:9000:214f:da00:13:a391:88c0:21
2600:9000:2182:8a00:9:78a:e540:93a1
2600:9000:224a:6600:14:c3e7:6780:93a1
2600:9000:224a:e00:8:48e:53c0:93a1
2600:9000:2315:3c00:10:3422:3f00:21
2600:9000:2315:8000:1:a3fa:7cc0:93a1
2602:803:c003:200::31
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700:3030::6815:251b
2606:4700:3036::ac43:9e2a
2606:4700::6810:125e
2606:4700::6810:5814
2606:4700::6810:7eaf
2606:4700::6812:acf
2606:4700::6812:c05
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2008
2a00:1450:4001:810::2010
2a00:1450:4001:812::2003
2a00:1450:4001:812::2006
2a00:1450:4001:812::200a
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::2016
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2001
2a00:1450:400c:c06::9b
2a02:2638:1::3
2a02:2638::18
2a02:2638::1c
2a02:2638::2
2a02:26f0:fb:5b5::108
2a02:26f0:fb::5f65:5949
2a02:fa8:8806:12::1400
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a03:5f80:a::b212:e7c0
2a04:4e42:200::282
2a04:4e42:200::626
2a04:4e42:3::720
2a04:4e42:600::714
2a04:4e42::626
2a04:4e42:e00::282
2a06:98c1:3120::7
3.127.158.112
3.210.11.204
3.234.103.215
3.33.220.150
34.120.133.55
34.120.58.62
34.202.78.124
34.231.120.176
34.242.207.34
34.68.132.100
34.96.77.232
35.157.246.167
35.158.25.241
35.166.4.28
35.184.218.133
35.186.193.173
35.186.253.211
35.190.0.66
35.201.96.133
35.244.159.8
35.244.184.131
37.157.4.25
44.194.49.161
46.105.202.126
46.236.13.147
46.4.41.145
51.89.9.254
52.160.40.218
52.20.115.1
52.217.196.89
52.30.140.199
52.46.132.238
52.94.230.46
52.94.237.66
54.221.248.213
54.236.178.185
78.46.85.162
84.200.5.215
88.198.250.30
99.86.4.124
99.86.4.125
99.86.4.3
99.86.4.31
99.86.4.86
0159831273549544cb9ff04cb7f31edfa5797d9aa4bf1666636bdca542479b76
01a9dabd902570e6db0f700e470c8824e04c88b12b33b1ee10f458386cfcfd63
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03019ccf62b2bc924f2ff0be6fd1b8757e9d957dd3f704edfd792fe9e7d8b22c
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
0464dd44a33d105a36f74f111f68cce8e8708ddc2337607e2021e15927793b0e
05488f9b88e6509afa4c9438d1352309aee2b020a508c76d66f5691f03824ff1
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
0697912270d4ad04615851261fa60a3db4bc88e3c0316d1c97fdd3a5a7c68931
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06f6e711e79b57792ecb21e63f9909a2554c8a25f6b1b0a38004a06da8497adb
079720151f8e5a548186737593346110b3534909e074b4de98de5f1923dbb486
07c5036abd4bd439ede84adcd6c96b6761efc9dc86c4560441122f0acb72fe7b
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
08ec4ce9cea6c2e85c2b249ce2a994e4af6bf00c8840b221e896558fbe55e8cf
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09dc0765a9dd7efe2c16814e023c0509771ef4cf8dd880a306c59b765942d983
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34
0a2176bad5be68ea7fe742d9ea76084443f8891101898e212361a057b291ca62
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c210905ddb44059dbf6f8e15dd1e58d01405b791b0ec7eabb18942ccc410768
0c64f9e9a42862411ae74ba3506212eb549c5a3cba567793c622a09b1f18d406
0cbc45bb2105b7b487ea7200431abc2263c9bdadd1d4bf81f374b21838594b04
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0e2a560f13627bee0925e5e49243f611d9a4cef76f56f4c96d3d3a6510a1d29c
0e9f8888ba0d877eae41f416837a9f13218940e19235a9e05618629a1913e87a
0ef411b723ebbee3f50d098fc294c8161afb90234b5d1406e5b0e7110e55de78
0f0d78da6af508cd25fb36b2a7344833bdf92402b991ecd6affacf9aec023d8c
0f108d2c3e7133c2c1a890275e48a6e131cf7d4b1ec44a753a9916a9fd3a2a47
1045a244c3cdfa961611fa87438ab7b674f50b8365faffee81653ceedb26510d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1169c1eeeca49d9e93c954501d19587dfe9032d90e17cbf198beb8bf7901b011
117e1f8b209d839543a1bbf79e841750966f3e0b7cb55ba0bcb659ca44860d71
125b1c5f96e7bd6829d8ce638c463f14c0a78f7cadee45d6ea4584b897aaf1e3
12617a86d84e318f81b68310fb64c66b79059877e1b550d2e7a43472e0c417f2
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144af7bafe02560b9d2ef48a35c13844873b533d84db56b03b0f19263cb7437f
16e47e1514ae507eafc3a63a2687324b3b24a7ebb03338054d270cff9d2b4c4f
173cf4e361059ca9571ffa462b018c0cb3ab42f65ae1bfa04855067330138ccf
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3
19a28e2d74e7eee25716e5a9e7bba44191ae28ada05995a5107d7a85cea3054f
19ec0616130bb6f2bd2afc3c24ff4d96e6b1f5caa326476cda1c7a358fef5255
1b07b3f8bc0ad363cd83e922c6c5863d9fcd10ef19a52049993dfe5000d23e82
1b5e82149bb569e42174a01a04ac361bb5e06447b68779ce179208314c5c38a6
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bdd3e645e5be204ed300083ad58af70cd5eb69e6b4235bc5b6f7e98170951f0
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d4ea4fc124c2f08ec19fc1a0430fec3b1f3fc9e6c0464050c968b16a586a1d6
1d4ec7d6c3874679ce60a2089cc201a6300bca791ed0aa28ca0f36448d50e1ad
2016e299fc127b10927ec39bea552104648c4bc9473949451c96743d06f0fbfc
21ae863e166094b37618bb195db2b44719d89ea2f7748b02ef140c6ed03f0370
221d3a2d426c59a6409d52c0479926772d85f1432c59b92d0997397567025897
245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87
24cca7efbc9a80a391cf36c86cd7dacffe4c4dc93aab29bc3e991751f2fd7054
25cbb0598f62d55b16729065a0955ce9efcdfb096c7f11fec31e731dcfa11e8a
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
2762f3937e71053b44bdac4e43b8764be0bf3bb5b5f67827497d30cb7bd6e5b6
27a248eda1fdeed115a09b6721edd068770883206d013e5b493a12aab50a7c41
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
27c71a9e2cb0bb6595a57b297c1c94503b0fa7dac371945e68af53741592cc55
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2a03771453248c5eb3ee390d87edddd490ac37484b6a6c95567ffc222fccd107
2a57a668e5bf41e41188cd8f8c3f53ca17c6b99e7c4aff660628ffe10a330b24
2a80ee1043487569f505922244e1492b20a4d8ef92cc5994f346bf7a202d6794
2aa1867a871ad01ddd5ae738635916fe9fa7830b61b6dedf692939adb248a9d1
2b8351122b4c595aabf558ac61bd606f706974f14bcd21be575536ca6472e2a4
2ba654812c16558059d496548e80457b8597ae034ecdba1dd7f17eb4d2eb13f6
2bfe57a23d8ef229c88a3d24babf237122d897f8f6f43e69c6cc4ebe14896687
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2c131c2ddd72cec81c69eef0b974aaf815551ce3f8ed54bdbbbd6c4fa763f20c
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e0b76760753ecabd92d6562f5900f745acbefc7226fd4af4127f9aaeea9dba2
2ee75722c46f8c4c50778322aa5e3f91b0bed1ddbc32df89525aba8ee2e3c869
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f50df3f61cf01517d36e005388cb034af3d6ea3a884f0c1f97c76f624c58f61
317411aa4ace0961a35e28f5a79c28dd52b28cdda84efa46f80d697fbf695b02
32156c8a346c5445b2068b5137c2ab4d354aa66c88de0c12f1d297f6f6a101a4
328f288e539f179b91e6e8bd7932e412185f2bccc6bf383d1e224043ef0a1ca0
332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514
33c002e144d2f01a2b5ed89a40dca710f0ac4d04fe7e3ca0ccfedf93e4adbb63
343ea3c17fa2d9c0502e019abd2f22d748dc6926105fc21c2aaded55e783b38a
3596c8db4dfd165d2fa4af70f72fbb7d22caab7c9b7aa1cd7e91af4a663e6a8d
35e61779a97d89f284d8e838b50832061daca6f528a25a972928bc2c06de3cb8
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a588822bfb9e3d351da79c492ed62f9d98275d59f611a50b0f37ae11731a34
372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd
382424c3c506c90ec21cbcaa6c96bca5b1ef2db1c32e81d9cb2fd919973f515e
38e27f6cbe86b26bf65dff11b6d203ecc3231ddcd010cc89a3889f3c03bc3f73
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32
3b3043a59925da95728c8d505da11bc06e2c7a502486e1c84fcc9445dee2ab96
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3b71cdf9a20592bc862ea050b14af5e0ee66f22b0837bceba918950ab7c90101
3c1e96b298d4071fec3936df7838e36961b7b6e361413ebdee9055698ed901e6
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55
3cab875a2a392985fb6bc7269ea092a6b16d208b2ba247cba8bfc0f626d9caac
3cd0f7339e3fe1e7228f087ed90b78e9fdcbcc1db30e4f228e510ce6bb220f46
3cd7b4becc5b4e90ca6763c7fd1167376a7975610dbada54ce5506674ae7417a
3d34b2f2e02c7937501dd51255ee7900c9ec823f07b3d8d0fc19c5e242058cf9
3d54d65d1a3e03ee57b6b3bea623447a1d39393610bdd51bb389fe20c0b17f78
3d7a3dca6cb4bccb97b70de73a8246ca11e1945aa69114a16df27df7ade0102a
3d81ff0711054ae1e44ce4b60541bf26af068765af41211d131027b0132f4770
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f2d221b99f75987a9edf966049883c19b5a9237af1746261423a87fbb85556f
4074e4ea6270f93ce360211baae5ba2e1afccd494648815e1bd0d8be0614119e
42197f868c8a022a8f36574a2ce910d007c7254e7282742500154471ca82408d
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4477ee59b97030d6f35483b304d8bd6e71388e45c339d83c22cde5d1dead3d34
4530055a32b5a1a639311d7be5e6abb79ba772acae1410f9f9feffdc297721dc
454e275a24548d7c90f785185bef0f45a1a31227dbdf262e23663d3a1c893d34
47d95f274189db8cfcec62a09f345c8f8f71ec3e8b9dd5cc56aa4b0843c9b92c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48de778fdc484c7c754bc789a052e166eafeb84dd8831130e4dfa5dad6e95939
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1
496db6d47cb7396e6e92ea0d527d26f700d1719a5e993a26379d927da5fd9b20
4a17993276183fec7818ba36bce50b816903e7ed928fc3749ca8ba2b32f09c0d
4a2ce659bc7cf71e18e810c1e2a2d5f4557bb5b205e2ee7c78cf92df8d110f05
4c0b6c872c7e94af4fb9a7daed9dd3b48037402aa2bfa90df773913fd9d9ef6f
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e3d0c1a29d170faef517706dcb30b339ecd93eb48be33783139f6e1c5e8c204
4e8b4d8d4f9431cca2f13ac27e5434d23777a271edcfb2161eef8bde0dc9e77d
4edce7b814cd954fd5533ca8d7156df65a2f8a33242e1931c17a6dff95bac992
4f410b9b350b1a76cab88e3c8014237da133cf66905a5b1f2034f1854b104e31
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fec1e2f5e242292dfbd7e85c4348343a7d509ae91ab09ab6cddffd0e8ec1048
5022fcf9de86b31fb30f480f4aa29fe96298d33242f5455a778da9f3079550b9
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5195579e675db39e47a19d4925ea466868ed0558d68d9a9b9e7c02c7b7e4008d
523cc6ee59448f8d335cc6ac979dd10b6fad069588f96ee37a8a62c5dbf16c1f
533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc
53c8822cdfa15aad566072d1b55cfd702583f3db48878092d806353e0f314c1a
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5965f82ddf197d8faf1530c477553d1e86d5f7a8f23d3c502b63e45345878d56
59920183728a98c992f20c4276dd296deb3b9dadc2d054c7ef8db8fb6ba91946
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b5188bc80403f23520a2665d8a974c62e629cd0aaeb0e50c8518dbfbca7c2d9
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c4855666e3ecdd01da9664d8da573fab1c6eac6fdc34492d8a111754e39b902
5cf7b01e9bad3d3a9da846f6be9bde1e9e50625bc4c0c19ef3f2cc52ab0278b7
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
5dbcc519703132c36d2ff69ede8cdd1b9593e31ac13914828ceacc8b4d8b3d50
5e219178dd358a03f0847dccf3dc9c4f07825de5ba1b9a090aa00938480aab26
5ee87b9eaccd7d5d0c4ac14ef1fc4468e72d5865d781459dc4c688cb345f7dd9
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
6032718d891bf126aecb035080cb80ff4f67419245ad05db993311def8b4da9e
60d76e5d3d47c3f67063f6ad8c4c19906031164734d901e60a8842d0a292a1cd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62fb3b623a9ce92db388f15f17a878c180f3a20d76d55e0923dc5f281e9544d1
638097836bce5402a852fa4c73b205bfc0c65e376d8fb1ccb012d0517c356964
63eea4b56b4c73ec90a4a637240916d97f73c1d0d051666f1233566586302bcd
65c2f65aaef6f2b3b834ec69d322424aad3d2904ab22e17dbc330239818f5cd7
665212ec564d4b083b48f54a2c239761b1f261dedfd77f00ed8cedc4076d8def
677abfa5e8392c317a482baa9bcb6544c261da51c0551de3af5d34ac0714c41e
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
68a4eece4a674fd820a36d676f39d7f89857e75ced09dddf43762ba00ce12dd2
68ab0344cdcfdc5447aa23b5158c42b5aabf1825e326097d71092fa5cbf08a34
68b931411d1b32336caca78f0e52dc3a6f5d197c8d99d811dd5fae004f3a831a
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6959d051b212b334ab0726817194d078d87744ff5474a1420757e4a0904c21f0
69f0e66de394788011c9e0d5fcf53f1a0feb32aba17b18c4c78612cd92adb44f
6a526700a518d11ba17f9e4afc2fac0b2cfacda8a91a1975931bb30d6de3b479
6ac2f9dbccc111645dbfd1aa2256b25ce23fc7396a9311099eed7f3077e842f1
6aeaddaf921193b89640ff690d4fa10def5b35df03b04756fd154740e319673f
6b0cf7478269a97c612935a1ddeded01b0f1fcccfcd522f1194d991e4350678b
6b56ddca814af131ef57e54b933590ed1ed8e2f40f8ccce38c2e99ad9e22ee63
6e206304ef613bb43bbad63baeeef8a0fa2c96dc7295c45f025131467c14aee8
6e5d9270c6359a69b8cf4d13f64477d455582749c107848ae45fd77f68aa5d3c
703a46b7ea39f2c1ad0b05cb3ebd6d4bb52c8920f6f2523384e446de9570b478
70fb114037fd9e681fa34ca7bfe2c107d7c85420d7511762e934eeaed9bc6d64
7161dab7927e17051951fb435d3e2ae75487302cdf61e9a461c131f809087727
7282cc9f1e2327c8c367c669bdc814d46b464e37c3997fbfc7acd7fb7f99c24b
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229
731dfd45b79101e70d1c0f998e9387be13fbe88dd19931deaa858b0605c3b343
7368ecfb35893620cf152cf61b9e3f06bcbafd7a2e645846177b1bff1554bcc2
738ef412cbbe9c94faaa7c2d2e950b5f909e8c569c96fc2ed6e0eb2f27a92ac1
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7561df085a8f27438b99a4aa875e5941a296e8d7e771627ab6a904cebd5d0cdd
765c9fcc6adacf0f9b30ba7114992518ddf4a5a8e5a89756272cfa0b1c9c0923
769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371
76dcada666862ba41775bf2b49f921cdc65a0fc6dfa0f6b1a5f1cc53d07b6114
772082343a8afb4bc481b2e252b6e1249bfb97ae1ddfb40e5dbc638d4a5a9a18
784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
7a0041e6fba8fb86423916591e96760803b6f21acf61cf9d0e9df50c12300053
7a0fce4d652c87e7887e40fe40044a465387f81b644053052afa6040d3b52406
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7b812e796f59ce02cd9afa956d7827dca1457f2c379e8e801d9147d8f1e7ebac
7e539b890a0e58edd14392a51c5dc46940a19a19e840737de777d20a00e68f8d
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80b0fa5a9b31ca5d5c2ae293930af0cbfca11fb0f8d793a98146eacfc65994c0
820465a45a0fc9606782c387a2a0d5d417e4c91d6afff04b11a60b18c44950ed
829f165f85543ce674f974b387840d52702662fcf469e222147948b9a1f2625e
83af3eed9bc9713193f2ad86f6214e2554ec29f8022e054dcf696a10d59ff9d2
842542e571b27f1586b2472b0f927e13973b6b47e5d9fe345abfd2436eb24fe6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8636de21b30228459adae804db94c0659cfe7bad89c2dac4cb3753ac1c279d90
87228b5246ece9b12bac05b438794791bb67239aab563dafb7e43eb4ddfc8fa9
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
87ad39c8129e7a5cd0f058b927a1fe405a046d92efe25a6cb752ed556dcc75c5
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8905d2adc8537ef18432a612f54387ef4e6562a2f6647f0620ffea63b4cea81f
896b8f17a43af25c26a4c5101c57516bb09e837bdaa8235e630aedf629c277e2
8a8badcb3cc1bebc9843702522f9c720a7ecd40dae88ab02e72a04253140f6fa
8b06ee7322964225af9c5f879971180be48ef42bac3933c73bfe6c1ea4c0f699
8b4d784549390c2f0d91427b78a1fc8085426d6dffa19d827e4e15605b728314
8b838fab476b0b972555361c19bfa11475adc6bcb3165ea3823eca1584fe6017
8c0565981eb5a20d24d63f5bfeec7ba1a2cc0326698e065f4a1013cad2b3a618
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8de3a19de0d4801a98e2a05f3fe425ba220f27c003ff4580f5a623148287c066
8e2d476a3da7d96d989379c7fb3be5ed4595a5dcdf7164cda8b5ecf0ed9a39fe
8e2dcb9912e96ad6472e010d4e66d67c647dfc385f09d652c1ff8d4d752baf14
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
90a6ca0321a91a1d562e74d06adc6a575d59b74e56f9678c40a1831382d6982c
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
914e783ccb9b7d1fc826cc9a5f1f24c8a68f4d626008ca05ca43d3205e4d1843
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83
93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c
959fb6e64577f5524b9de3c5110a43d9255257e9876eeae5ed390b65f6b1a949
95a97feb66166b8fb931e6a8d8b96eddfd76f2ea3b9b3c28fa999b0642350223
969c577b1459c03ad78597e6c1f13a836dc74a439e9c17b0094bedf4d312e57a
96c4020d417940dbf7a27cc94754813fd49493449bfaaac2ffdea1ec862ea0e0
982fd78f58ce2a94e199e5b624969a8e7261b31955160fce4d1ea98bb36bafb0
9839e0085a801af6df8e93ab2967a5fcd2640d9c537da2160b2c605e63bed10e
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7
98d3b0771f331f89f38b2c9d2d2d56fab4d0aefdb23654e95b866c2fe34eee5c
9a6fe74929c6b69a0a726b0387c4cec468b55e59a1bb4ac8e1a8e897e0e8bd2d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b3fc157c518a0276ac25c2ff523f20eb3e7fa8a7966a3c8a45b89a67382238a
9baa573e4378873b7ac81ccb1d954ce9bb2b1a933947ad3012263ddc604d8505
9bc6380d3386011163277ffdcafd800121660e229e79d69abbeeea8c98479af3
9cf71774f1f1f6c394e18096287cb46b53cc4ba8e2f17af4625b2dde339f4776
9eb5cb26a1730c20ee1a11202c2a06c6cc7ff4312c9c9ee8dd805ded1edbf673
a04b865b86a5315881cdbb6dff10de7e84ce229089e10e01864c33b8253d7105
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1bcd09518ee81a6a1f2b799ec5003619198761289be5cd44b8528cf89683c5b
a20c152c22c67c4d7c8b135742a5ee401c9af423c0b3f42a5f52cb351a52400c
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3350e121d2695283aaaa94af7f24cbf7042310cde50f4f51f412b0578c7c08a
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce
a3d2e1e7066775143da6681809d6f2c359736315cbc6457e1faacf8647f3e4b9
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a460ff736cf024b7c896b059ce807a0d8d8e6388fcc7a74367f8f6ef25af536c
a488cee7bab7278931b4d7a47849849028671fca61526356ced58a6ae1d89993
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50761af47976acf2a9b1ed88cff6727c6c0fa4a18c2806a26f108c5268b4c1f
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a54bd7428972e1aed39d8774dade5ea086c4b5f4b6e36d2d8b0fd6da7beb2abb
a5603ec98056eb1fae466d03b0d66094257e14492a2bf2b1ab88a8b3b464a1ae
a565b66c4a94275e00ed1aa38207333640f336ad1aea305593ab85728005d055
a577e36e5d969ddf3f78d35584fd3186309bbcf56427a8b0e1faba9e126a2065
a6be68a9d4749cc45950c096e74e6da90a6906acbf33556b8228c528c4ef9384
a6bf8637eaf0f2b7053e23e8344585e298bb815cb51044ef5a284e37b33a4775
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a947001574f5b7696a074ea564b7d211cde2e3c67468520e7fd0e7aa85f22f15
a9b1a3a1f111d31d2055b2a273749688337613925faab6bf73b08dae0ed311b2
a9dfb29967e30ca67d364de2317a73ab4c8032742e18aa90d4ece9bdd53514b9
aa4b31008b7b03a32fdcf70497969c51801ddcf8606f1e480b4a3207f8270288
ab37320e79d1aeb68fe01ebdf2ead6c7d012c73466bd197fd5b1e0f294333339
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aefe09194c600df28a1d55fd7148031678d5d7a19d337d532cb4efcecff81869
af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe
af79010f58afe12a54ef84b6e5c79b3c1c1542dfd88ff5ba29c0507a71f00d8a
afd2447f77118df6fd4b8710c2b23e7bb4edb557795c643e3d8a7c12df4e6586
b0b5553c8c13275dab9dbd8c4ab595592099aa8b297f4e7b65ba0659d61fc744
b221bfce0004225f790446e12499afc28ccc55a1745e8f19df1357c97e61ebc2
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b36242f8baafe46cbe8379817d2534399d0301110d78b73dfa0433d6040536f9
b426330e7356578186744fc43edcf2ddf9380c8ed9d42a36fd77ba3ca81b8b57
b435a521e09261f07e2cfcd18c0a4673edbcfe63284e217caf5341516bb24546
b5e627a6a302154ef2b927c31a48ca17d13a3e68ed923661a86f5efb1f0ebc79
b6146e21cf454aea82492ee74d67bcc9fdd67204c279a457b88c851de2fe2594
b6635617488fc4222e37a13cdbf287ad4ce92706f3a97c5c23b9f8d10e33c069
b69fe287551669409c2878bd1dd655e36fe7f7e7c8b8acdc784c257ab49e241b
b79246726fd5a7f0fedb0161908e184e994411ac37a147a29e3636a8f3ec0114
b82b3b26f73cec97530fe064182ec7fad83a326a45ba746d58d69bd4de4b04e5
b91073161650d3a1903b486d64b05466bdda7ceafaf23f95494527f91fa44cb2
b9992e87acdce0b56ae06a416a40ba5b4771a9cd7701d97e9487044dbf1b65e0
ba1bfdef6fd715d9b9c3d6f09f1d1c46ae3e1abf8344750c22af4e57d1f7ee31
bb5e2ea41114aac7cc85db465754f2f71644dc601ff16689ac1c3afbddc66138
bc611cd3f2e427b4b4c098b3cd5ccbf6e46754bcaa2bf3e2445b0d2f83e78b65
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdaf440044f36045a52fe5fb8148688d18cd9c550a59113d775466fb394aae0e
be4c1c3298d4c57fdb2068a8df5822d8166fa09a5b2abd2fcb4f0be705395ed0
bf78c9bad3b9a376810a5a12afa3d5a7a3ec5199228f34ee33d8ae13536a5f1f
bfa61eb1efee11e70c9bc08430eb7e9ece6abb95aa75a163572c5eef1315d0c3
c041fc2ea8f808d0309f0024d6848892189b6b366dc625bb6a69bb27b200f07d
c0669f3efd6fb6d4fc87aefdcdd50a0f60cbe3c6e2f9d0c7e01fdfe43596c9d8
c0f31d7192a9fe2f82063091e40f265cb14ab994a2d60b7520e970e1519ab45d
c17f8a8ed2749178d868d47dccf3d190d7a7e9f1480e759356cf06cae595199f
c1a476b3442043756f97fc98c480c06c65c74207e12ae6ba150eee21d7eed067
c23104a7a6c8ab6192ffebf74a7e671078656837b4f7d99c5a6260fd6f1e515d
c237eafbdb4255f65a8f7059620878932225db625fcc6e5f6e79c5a50f51c557
c2d15c7ca224a1d634d6b02f290a6705bd9f62902a89b377f98325465c4c249e
c2d803ecd001b639fb591d861bf3d39041b95dfc84ea23dc113ad76c80e0bf45
c3a4ce632669ba3473ebc4df56752a726a808cc6fc9486544908f84a00eb36b5
c4f9988fb187ceb87d3fdcb6e273829c9d68dd21884d409a0d36190385f5b89f
c5e16accfe3fe9b1626ffcb06dee85818f32ec1301550d731e5dd8322c62efdc
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c6d36a345aad21002e4db0c4578eba8e9979a61c22f112f55ac95c166cabdaf9
c92aaf89b1a34c214af4217404c264f9f7e96fb66dc1e00327572344f6f77d43
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cadc72dc81a8e767b3da7e015267c1ed4eb439249277937a2e83f7d29876350e
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2
cb16845f3c28284255639a36b2d6fed7a0f10aad38ac166cb8a7c90ee07b4372
cb7aa6b06aa5a8eea3670662c4b0c37104041c14575fc170dc48677a0506a33a
cb8b1419780ed6f78469a86d286c2668ab0a9e78582797defafc1d7f2762ffb5
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
cde8796cabb7b93bbcf7c8a4bd2d39b926a22d2dfbbe6a37fdafd10c5bd8f965
ce6b908ccefa0c7b809b1c85f9e8e4c70e4fb37aa2c3e5e2ba8d2174840d47e6
cf12ee84c417cbb401083f27253d0541a64dd8605c7442f8ce8a22fe3026bbad
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae
d00a2a2cc42a61afdc3e64f37a61cd7477f603b7a811722edf50429e2efaad54
d0e231b4bc0f1396059c46b683932a8fdf64d7665ff4b4beebfa16d4c1d2614f
d0e6c823d25b756388d14dd2db63841e31b1e1ecdd7ad5e30a67b798e683f79b
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d1a0a1b6d83366106e152f1703e7a4762df4f2a95bcd45dda95c362e27c64fa0
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d2be56cea1a4dcdfe58a21865c56188678e70e0cb288a965f649829ad71d467d
d2cdb4f2ed4b585d772068df75c01d0a360d45d27294188fccf5ceb4255fdc83
d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb
d40aaf285f56db2f3b92e687c475d91b45d05a3f0ee10a59ffc428449d2cbe9c
d43f8c46a66a4d7ee79dd714bb6464d91ec7634f547f2aa485e353839a146d19
d44b84e0471d9d1ac53ce061c9becfa720931b7364c7b55a6325d03859781782
d5502471827af86b745c40e045c7ffa3e58fa7ced50fb20ed7e37025a9abfdaf
d5661858a1ac96084163595f8a5da3f9c0208037dbe609d6a8bbe48ada46c3b5
d60bef1316dc12b91225f2862832123dfbd67ae192bda2d2dfd385130b42a07d
d6a5789ddcefcde65aca42763fdf458a4df543f92f13d903aab39e05918971cc
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d83f32899e2ffd78be6e1bf35ebb10dea45a132fb9e5c22b1adb36c4ce0ead6d
d85e7a9efc0ca2e08b8c657bdf56d98ae41a63bf5d7bc786bfdf773ad1541850
d8921a0fcfd2507826836106dcc06e0612c413bf3797cab39402171724b32df0
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d8f917b12778d4a22a9547d1725638c0c428398479c5dea57664d0045552b930
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
da1aa56ad7ee2ec7feb73ce90eece099adfa6774a5f4e417371ac72037ba02c9
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dbb75d9ad91414d024ac64690f0445464cbedd4ee6d71f47fae84d68b14b9d34
dca48f3a946bbfa6545510ed71076aa805c1b8a84bba5ecc79fa39ccfcd088f5
de14c0cd6ecbc935c54ad144fa3f668a09ff12e8c9457743a42d3d07e0970587
deb4323f079912a5283042639953033bb16d509a0c6aeac9d8e5ada00e8d15df
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e0617705dea4b9e3e6f00448ff0fa20e8f0a27f76a43272044055672b882bd8e
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e0f9afd978bd46213b0bf16a6ddd54ef257e84dde88e9b428c373b501a2b0b74
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3ad8c90cec1318c90852dc018d75e7afadcb71c36508344fc1c133021007bb3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b990372c35ad2b0ab6a30b65a7ca00eff679f994ae676d9d7fde63a0c2a1f2
e4a84cc36669ad4809710a8dea92ea8cec360c624b72c771693b4b23150b98c9
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5d3f7cad9534723e28aed704f7f5bcbb7f6a2323b2c29f01aa09bc3a46c930d
e603b509658fdf55f0b46c6af2e7c189447f5046357e7d359b1fe6803574f7f2
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
e8562087317b34c4b2ac60e28e272b7b33e37523aacd5f2adba7a4f108e415c6
e8742c4a874074b03c10874a3871dc586da7bc08a4abeb11ea5a902db7ea513c
e8c352b24a1606918dd64525c1554d4c852e738a3418a2f4cb204ae78effba68
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
ea61548e9d5031954bac5839724821f0aa82d3a6ad15440cd592c551f21fa3b9
eaca5ad13c4a56ff86cfe9e16f2e775433f9357c16513e257f90512b0c80e460
eb36257d0b421fdce28c72a3c869659cd390daf1930f302ff9022f64420c81f4
eb771d9ac0b48dae76feaff13c89abee4a1705da8345ea33afc0706db6f708ea
eb9dbe481dbd9f58d980df39569fb1ba4e941ccdbebf2bc5be7b3568976185e9
ecef554c207ca480661a975a7c2cf101a99c9af0e71cb21ef7004a40dbd6b2d8
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee5d8f682805ed45d8c9ff24941a1ad286763bf61e23fde210d41e5016607106
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd1c3714507d714b75a760e02ce29028e9e5e9c8e795e15611114c1017ba3fa
effd7ce6ed5f47c331ed9333eb10d6ad78f496277f95dabb0d7dcba847d34a97
f01b7e8f8cc6ca431444fd006083bd8412195c0973ff20552348169a38158f1f
f10134f63012891e9e259c48919da02a150be23f97892cae445acec7c1e8e00f
f1c12ecdc734146fefdea82ef9659cc5b31facfcc2d87dc5abbe3e1b1a8b62be
f484bf1727c442651c5fea5fe160504e678aad0a4540fa9e815667ebab0da802
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f66465da73bd50e9ead702e0fc63ef50f5e0e665214d2b196ea50b8f077718e5
f69b20025bce19118dc32040133cbdfaaa31b4ec09d91ca885e8fc46d9f4b36d
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f7008fb6ed25a1eedb24388fa3f2024f7be118b310d492699dcb6b3ccf06cead
f78e3422084b9a403f0d1fe0657cc8464a8b9ed4535a374608974e70539422a3
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f824000649b12b68a220a0120c606932d0740bd5332770a244473db773185e4a
f85777ed4da2474424468e884d480586e1f57eecc7004afa539019b0a9d33fa2
fb7e70becd9b9f29c4afe8b2b82eef24739e120c0abafc812e24c8362657f37d
fc111d616b9e02be0db06a4a877dcd882fd92ae678e0f8a5311dd671cbfedf77
fd9da47add4efdbbffcc622dcd0565df51a2a14ab8cacbc6e4ac04821608f14e
fdd1eb743eaba6388d6bf34f56b00aad1eece44973f2966508497f2458c9632c