urlscan.io logo urlscan.io
SecurityTrails logo

www.thestar.com Open in urlscan Pro
13.32.27.75  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://anpost-packageserviceacc.com/?entity=1159706
Effective URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Submission: On August 16 via manual from IE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 93 IPs in 11 countries across 66 domains to perform 335 HTTP transactions. The main IP is 13.32.27.75, located in United States and belongs to AMAZON-02, US. The main domain is www.thestar.com. The Cisco Umbrella rank of the primary domain is 91448.
TLS certificate: Issued by Trustwave Organization Validation SHA... on September 20th 2021. Valid for: a year.
This is the only time www.thestar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 5.199.174.193 16125 (CHERRYSER...)
1 32 13.32.27.75 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 13.32.121.118 16509 (AMAZON-02)
11 65.9.66.18 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
18 2600:9000:223... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 23.47.209.169 16625 (AKAMAI-AS)
9 65.9.66.23 16509 (AMAZON-02)
1 1 2606:2800:234... 15133 (EDGECAST)
2 199.232.16.157 54113 (FASTLY)
2 54.146.242.28 14618 (AMAZON-AES)
5 142.250.186.98 15169 (GOOGLE)
1 158.101.192.250 31898 (ORACLE-BM...)
8 99.86.4.12 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
6 34.96.102.137 15169 (GOOGLE)
1 108.138.2.210 16509 (AMAZON-02)
7 51.104.28.77 8075 (MICROSOFT...)
1 104.244.42.197 13414 (TWITTER)
1 104.244.42.195 13414 (TWITTER)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 99.86.4.2 16509 (AMAZON-02)
1 65.9.58.76 16509 (AMAZON-02)
1 65.9.58.156 16509 (AMAZON-02)
1 151.139.128.11 20446 (STACKPATH...)
4 65.9.71.118 16509 (AMAZON-02)
1 35.241.9.51 15169 (GOOGLE)
3 4 37.252.172.250 29990 (ASN-APPNEX)
7 34.107.254.252 15169 (GOOGLE)
7 2600:1f18:44f... 14618 (AMAZON-AES)
2 54.76.210.146 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.56.103.253 16509 (AMAZON-02)
1 65.9.61.60 16509 (AMAZON-02)
4 35.190.14.224 15169 (GOOGLE)
1 52.215.111.225 16509 (AMAZON-02)
2 15.236.176.210 16509 (AMAZON-02)
1 1 52.31.107.150 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a03:b0c0:3:d... 14061 (DIGITALOC...)
6 2a03:b0c0:3:f... 14061 (DIGITALOC...)
1 18.208.28.111 14618 (AMAZON-AES)
22 54.229.249.57 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 54.155.18.159 16509 (AMAZON-02)
2 143.204.215.67 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
1 205.185.216.10 20446 (STACKPATH...)
3 52.72.67.212 14618 (AMAZON-AES)
5 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
1 2a02:2638::b 44788 (ASN-CRITE...)
1 4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
7 2a02:2638:1::3 44788 (ASN-CRITE...)
1 178.250.0.160 44788 (ASN-CRITE...)
1 178.250.0.139 44788 (ASN-CRITE...)
2 178.250.2.150 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:62::84 54113 (FASTLY)
1 142.250.186.162 15169 (GOOGLE)
1 3 172.217.16.198 15169 (GOOGLE)
3 2600:1f18:143... 14618 (AMAZON-AES)
3 2a03:2880:f12... 32934 (FACEBOOK)
3 104.75.88.209 16625 (AKAMAI-AS)
1 2a04:4e42:200... 54113 (FASTLY)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 142.250.186.130 15169 (GOOGLE)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 151.101.65.140 54113 (FASTLY)
2 2620:1ec:27::... 8075 (MICROSOFT...)
1 2 20.234.93.27 8075 (MICROSOFT...)
4 4 54.93.141.89 16509 (AMAZON-02)
3 3 104.18.19.126 13335 (CLOUDFLAR...)
1 20.96.88.162 8075 (MICROSOFT...)
3 3 13.248.245.213 16509 (AMAZON-02)
2 69.173.144.139 26667 (RUBICONPR...)
2 35.227.252.103 15169 (GOOGLE)
3 3 35.156.166.87 16509 (AMAZON-02)
2 52.223.40.198 16509 (AMAZON-02)
2 2 185.86.139.102 201081 (SMARTADSE...)
2 37.157.6.246 198622 (ADFORM)
2 23.47.208.212 16625 (AKAMAI-AS)
1 185.64.190.78 62713 (AS-PUBMATIC)
3 3 54.229.65.185 16509 (AMAZON-02)
3 3 54.220.105.73 16509 (AMAZON-02)
2 52.57.48.124 16509 (AMAZON-02)
2 216.52.2.39 30282 (AS-INAPCD...)
335 93
1    5.199.174.193 (Lithuania)

ASN16125 (CHERRYSERVERS1-AS, LT)
anpost-packageserviceacc.com
32    13.32.27.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-75.fra56.r.cloudfront.net
www.thestar.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    13.32.121.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-118.fra60.r.cloudfront.net
prebid.the-ozone-project.com
11    65.9.66.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-18.fra56.r.cloudfront.net
e377.thestar.com
9    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
news.google.com
1    2a00:1450:4001:82b::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
18    2600:9000:223c:3200:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.viafoura.net
3    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2606:4700::6812:451 (United States)

ASN13335 (CLOUDFLARENET, US)
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
8    23.47.209.169 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-209-169.deploy.static.akamaitechnologies.com
sejs.moatads.com
z.moatads.com
px.moatads.com
9    65.9.66.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-23.fra56.r.cloudfront.net
images.thestar.com
1    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    199.232.16.157 (Vienna, Austria)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    54.146.242.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-242-28.compute-1.amazonaws.com
torstar.blueconic.net
5    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
securepubads.g.doubleclick.net
1    158.101.192.250 (Amsterdam, Netherlands)

ASN31898 (ORACLE-BMC-31898, US)
torstar.gscontxt.net
8    99.86.4.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-12.fra6.r.cloudfront.net
resources.thestar.com
1    2606:4700:20::ac43:490d (United States)

ASN13335 (CLOUDFLARENET, US)
static.app.delivery
9    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
1    108.138.2.210 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-2-210.fra56.r.cloudfront.net
d5phz18u4wuww.cloudfront.net
7    51.104.28.77 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adserver.pressboard.ca
sr.studiostack.com
1    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    99.86.4.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-2.fra6.r.cloudfront.net
sb.scorecardresearch.com
1    65.9.58.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-76.fra56.r.cloudfront.net
d1nxn87txdj54y.cloudfront.net
1    65.9.58.156 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-156.fra56.r.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
cdn.petametrics.com
4    65.9.71.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-118.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co
4    37.252.172.250 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
7    34.107.254.252 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
7    2600:1f18:44f0:4840:c560:4469:324d:51db (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
api.viafoura.co
2    54.76.210.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-210-146.eu-west-1.compute.amazonaws.com
dpm.demdex.net
3    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    52.56.103.253 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-56-103-253.eu-west-2.compute.amazonaws.com
mb.moatads.com
1    65.9.61.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-60.fra56.r.cloudfront.net
cdn.parsely.com
4    35.190.14.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.14.190.35.bc.googleusercontent.com
query.petametrics.com
1    52.215.111.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-111-225.eu-west-1.compute.amazonaws.com
torontostarnewspaperslimited.demdex.net
2    15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
s.thestar.com
1    52.31.107.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-107-150.eu-west-1.compute.amazonaws.com
cm.everesttech.net
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
3    2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    2a03:b0c0:3:d0::be2:3001 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
push.kumulos.com
6    2a03:b0c0:3:f0::1bc:5000 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
events.kumulos.com
1    18.208.28.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-28-111.compute-1.amazonaws.com
api.parsely.com
22    54.229.249.57 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-249-57.eu-west-1.compute.amazonaws.com
elb.the-ozone-project.com
4    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
8    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
pagead2.googlesyndication.com
2    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    54.155.18.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
p1.parsely.com
2    143.204.215.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-67.fra53.r.cloudfront.net
api.thestar.com
7    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
1    205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
media-cdn-eu-central-1.app.delivery
3    52.72.67.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-67-212.compute-1.amazonaws.com
livecomments.viafoura.co
i.viafoura.co
5    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
9    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
1    2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
4    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
7    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
1    178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com
pix.eu.criteo.net
2    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
2    2a04:4e42:62::84 (United States)

ASN54113 (FASTLY, US)
s.pinimg.com
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
www.googleadservices.com
3    172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f198.1e100.net
10230056.fls.doubleclick.net
ad.doubleclick.net
3    2600:1f18:1430:9000:ddf8:1c6d:b9e9:24c0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pixel.thestar.com
3    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com
ct.pinterest.com
1    2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
1    2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads4.g.doubleclick.net
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    151.101.65.140 (United States)

ASN54113 (FASTLY, US)
alb.reddit.com
2    2620:1ec:27::cafe:1774 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
4    54.93.141.89 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-141-89.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
1    20.96.88.162 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
k.clarity.ms
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
3    35.156.166.87 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-166-87.eu-central-1.compute.amazonaws.com
ad2.360yield.com
2    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    185.86.139.102 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync-global.smartadserver.com
2    37.157.6.246 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    23.47.208.212 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-208-212.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    54.229.65.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-65-185.eu-west-1.compute.amazonaws.com
ads.avct.cloud
3    54.220.105.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-105-73.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    52.57.48.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-48-124.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
Apex Domain
Subdomains		 Transfer
67 thestar.com
www.thestar.com — Cisco Umbrella Rank: 91448
e377.thestar.com — Cisco Umbrella Rank: 348522
images.thestar.com — Cisco Umbrella Rank: 137177
resources.thestar.com — Cisco Umbrella Rank: 197268
s.thestar.com — Cisco Umbrella Rank: 301632
api.thestar.com — Cisco Umbrella Rank: 347725
pixel.thestar.com — Cisco Umbrella Rank: 488195
2 MB
26 google.com
news.google.com — Cisco Umbrella Rank: 4836
accounts.google.com — Cisco Umbrella Rank: 117
region1.analytics.google.com — Cisco Umbrella Rank: 5381
adservice.google.com — Cisco Umbrella Rank: 98
play.google.com — Cisco Umbrella Rank: 50
www.google.com — Cisco Umbrella Rank: 10
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2085
272 KB
25 the-ozone-project.com
prebid.the-ozone-project.com — Cisco Umbrella Rank: 23694
elb.the-ozone-project.com — Cisco Umbrella Rank: 8315
128 KB
18 viafoura.net
cdn.viafoura.net — Cisco Umbrella Rank: 10078
424 KB
17 googlesyndication.com
3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
pagead2.googlesyndication.com — Cisco Umbrella Rank: 124
169 KB
15 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222
stats.g.doubleclick.net — Cisco Umbrella Rank: 118
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
10230056.fls.doubleclick.net — Cisco Umbrella Rank: 412461
ad.doubleclick.net — Cisco Umbrella Rank: 214
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313
183 KB
10 criteo.net
static.criteo.net — Cisco Umbrella Rank: 627
pix.eu.criteo.net — Cisco Umbrella Rank: 7159
csm.eu.criteo.net — Cisco Umbrella Rank: 7456
26 KB
10 kumulos.com
push.kumulos.com — Cisco Umbrella Rank: 175055
events.kumulos.com — Cisco Umbrella Rank: 133859
4 KB
10 viafoura.co
api.viafoura.co — Cisco Umbrella Rank: 10301
livecomments.viafoura.co — Cisco Umbrella Rank: 12309
i.viafoura.co — Cisco Umbrella Rank: 10265
7 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 94
509 KB
9 moatads.com
sejs.moatads.com — Cisco Umbrella Rank: 5842
z.moatads.com — Cisco Umbrella Rank: 442
mb.moatads.com — Cisco Umbrella Rank: 670
px.moatads.com — Cisco Umbrella Rank: 468
144 KB
7 permutive.com
api.permutive.com — Cisco Umbrella Rank: 1737
858 B
6 studiostack.com
sr.studiostack.com — Cisco Umbrella Rank: 42538
26 KB
6 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 5182
111 KB
5 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 547
c.clarity.ms — Cisco Umbrella Rank: 996
k.clarity.ms — Cisco Umbrella Rank: 5522
26 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 374
109 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
128 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 5596
adservice.google.de — Cisco Umbrella Rank: 8117
1 KB
5 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2610
api.parsely.com — Cisco Umbrella Rank: 9651
p1.parsely.com — Cisco Umbrella Rank: 1973
28 KB
5 petametrics.com
cdn.petametrics.com — Cisco Umbrella Rank: 11087
query.petametrics.com — Cisco Umbrella Rank: 12280
46 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 292
3 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 361
www.linkedin.com — Cisco Umbrella Rank: 491
px4.ads.linkedin.com — Cisco Umbrella Rank: 5619
3 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 351
c.bing.com — Cisco Umbrella Rank: 195
13 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 238
3 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 323
45 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 494
1 KB
3 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 2831
1 KB
3 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 496
image6.pubmatic.com — Cisco Umbrella Rank: 636
12 KB
3 360yield.com
ad2.360yield.com — Cisco Umbrella Rank: 17329
913 B
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 411
1 KB
3 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1365
3 KB
3 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 763
2 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
416 B
3 criteo.com
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11084
ads.eu.criteo.com — Cisco Umbrella Rank: 7034
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9265
38 KB
3 unpkg.com
unpkg.com — Cisco Umbrella Rank: 878
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 188
torontostarnewspaperslimited.demdex.net — Cisco Umbrella Rank: 237615
5 KB
3 cloudfront.net
d5phz18u4wuww.cloudfront.net
d1nxn87txdj54y.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
58 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 187
100 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 679
554 B
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 521
69 B
2 adform.net
cm.adform.net — Cisco Umbrella Rank: 1657
211 B
2 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2001
710 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 381
529 B
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1516
486 B
2 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 326
478 B
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 756
19 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 145
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
167 KB
2 app.delivery
static.app.delivery — Cisco Umbrella Rank: 731998
media-cdn-eu-central-1.app.delivery
49 KB
2 blueconic.net
torstar.blueconic.net — Cisco Umbrella Rank: 288491
2 KB
2 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 609
30 KB
2 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 674
analytics.twitter.com — Cisco Umbrella Rank: 506
749 B
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1411
157 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 734
3 KB
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1300
8 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 125
15 KB
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 816
517 B
1 prmutv.co
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co — Cisco Umbrella Rank: 297978
394 B
1 t.co
t.co — Cisco Umbrella Rank: 445
337 B
1 pressboard.ca
adserver.pressboard.ca — Cisco Umbrella Rank: 57378
789 B
1 gscontxt.net
torstar.gscontxt.net — Cisco Umbrella Rank: 251289
314 B
1 permutive.app
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app — Cisco Umbrella Rank: 257647
129 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
1 KB
1 anpost-packageserviceacc.com
anpost-packageserviceacc.com
333 B
0 districtm.io Failed
dmx.districtm.io Failed
335 66
Domain Requested by
32 www.thestar.com 1 redirects www.thestar.com
22 elb.the-ozone-project.com prebid.the-ozone-project.com
elb.the-ozone-project.com
18 cdn.viafoura.net www.thestar.com
cdn.viafoura.net
11 e377.thestar.com www.thestar.com
e377.thestar.com
9 tpc.googlesyndication.com www.thestar.com
3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
9 www.googletagmanager.com www.thestar.com
www.googletagmanager.com
9 images.thestar.com www.thestar.com
9 news.google.com www.thestar.com
news.google.com
www.gstatic.com
8 resources.thestar.com www.thestar.com
resources.thestar.com
7 static.criteo.net ads.eu.criteo.com
7 play.google.com www.gstatic.com
7 api.viafoura.co cdn.viafoura.net
7 api.permutive.com be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
6 pagead2.googlesyndication.com www.googletagservices.com
securepubads.g.doubleclick.net
ad.doubleclick.net
tpc.googlesyndication.com
6 events.kumulos.com static.app.delivery
6 sr.studiostack.com adserver.pressboard.ca
sr.studiostack.com
6 dev.visualwebsiteoptimizer.com www.thestar.com
dev.visualwebsiteoptimizer.com
d5phz18u4wuww.cloudfront.net
5 px.moatads.com www.thestar.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.thestar.com
4 x.bidswitch.net 4 redirects
4 www.google.com 1 redirects www.thestar.com
tpc.googlesyndication.com
4 www.gstatic.com news.google.com
www.gstatic.com
4 push.kumulos.com static.app.delivery
4 www.google.de www.thestar.com
4 query.petametrics.com www.thestar.com
4 ib.adnxs.com 3 redirects be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
4 c.amazon-adsystem.com www.thestar.com
c.amazon-adsystem.com
3 match.prod.bidr.io 3 redirects
3 ads.avct.cloud 3 redirects
3 ad2.360yield.com 3 redirects
3 eb2.3lift.com 3 redirects
3 ssum.casalemedia.com 3 redirects
3 bat.bing.com www.googletagmanager.com
bat.bing.com
3 ct.pinterest.com s.pinimg.com
www.thestar.com
3 www.facebook.com www.thestar.com
3 pixel.thestar.com connect.facebook.net
3 googleads.g.doubleclick.net www.thestar.com
www.googleadservices.com
3 p1.parsely.com cdn.parsely.com
www.thestar.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 unpkg.com 2 redirects www.thestar.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.googletagservices.com www.thestar.com
3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com
3 prebid.the-ozone-project.com www.thestar.com
prebid.the-ozone-project.com
2 ap.lijit.com
2 match.sharethrough.com
2 ads.pubmatic.com elb.the-ozone-project.com
2 cm.adform.net elb.the-ozone-project.com
2 ssbsync-global.smartadserver.com 2 redirects
2 match.adsrvr.org elb.the-ozone-project.com
2 rtb.openx.net elb.the-ozone-project.com
2 pixel.rubiconproject.com
2 c.clarity.ms 1 redirects
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 px.ads.linkedin.com 2 redirects
2 10230056.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 s.pinimg.com www.thestar.com
s.pinimg.com
2 csm.eu.criteo.net ads.eu.criteo.com
2 livecomments.viafoura.co cdn.viafoura.net
2 api.thestar.com www.thestar.com
2 3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adservice.google.com securepubads.g.doubleclick.net
10230056.fls.doubleclick.net
2 region1.analytics.google.com www.googletagmanager.com
2 s.thestar.com resources.thestar.com
2 dpm.demdex.net resources.thestar.com
www.thestar.com
2 sb.scorecardresearch.com www.thestar.com
2 connect.facebook.net www.thestar.com
connect.facebook.net
2 z.moatads.com www.thestar.com
sejs.moatads.com
2 torstar.blueconic.net e377.thestar.com
2 static.ads-twitter.com www.thestar.com
1 image6.pubmatic.com ads.pubmatic.com
1 k.clarity.ms www.clarity.ms
1 c.bing.com 1 redirects
1 alb.reddit.com
1 px4.ads.linkedin.com
1 www.linkedin.com 1 redirects
1 googleads4.g.doubleclick.net ad.doubleclick.net
1 ad.doubleclick.net www.thestar.com
1 snap.licdn.com www.googletagmanager.com
1 www.redditstatic.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 fundingchoicesmessages.google.com www.thestar.com
1 pix.eu.criteo.net ads.eu.criteo.com
1 cat.fr.eu.criteo.com ads.eu.criteo.com
1 ads.eu.criteo.com 3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com
1 rtb.nl.eu.criteo.com www.thestar.com
1 i.viafoura.co cdn.viafoura.net
1 media-cdn-eu-central-1.app.delivery www.thestar.com
1 fonts.gstatic.com news.google.com
1 adservice.google.de securepubads.g.doubleclick.net
1 api.parsely.com www.thestar.com
1 cm.everesttech.net 1 redirects
1 torontostarnewspaperslimited.demdex.net resources.thestar.com
1 cdn.parsely.com d1z2jf7jlzjs58.cloudfront.net
1 mb.moatads.com sejs.moatads.com
1 be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
1 cdn.petametrics.com www.thestar.com
1 d1z2jf7jlzjs58.cloudfront.net www.thestar.com
1 d1nxn87txdj54y.cloudfront.net www.thestar.com
1 analytics.twitter.com www.thestar.com
1 t.co www.thestar.com
1 adserver.pressboard.ca www.thestar.com
1 d5phz18u4wuww.cloudfront.net www.thestar.com
1 static.app.delivery www.thestar.com
1 torstar.gscontxt.net www.thestar.com
1 platform.twitter.com 1 redirects
1 sejs.moatads.com www.thestar.com
1 be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app www.thestar.com
1 accounts.google.com www.thestar.com
1 fonts.googleapis.com www.thestar.com
1 anpost-packageserviceacc.com 1 redirects
0 dmx.districtm.io Failed
335 112
Subject Issuer Validity Valid
*.thestar.com
Trustwave Organization Validation SHA256 CA, Level 1		 2021-09-20 -
2022-10-19		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.the-ozone-project.com
Amazon		 2021-12-23 -
2023-01-20		 a year crt.sh
bc.niagarafallsreview.ca
Amazon		 2022-02-28 -
2023-03-29		 a year crt.sh
*.news.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
viafoura.com
Amazon		 2021-10-07 -
2022-11-05		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2022-07-15 -
2022-10-13		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
*.blueconic.net
Amazon		 2022-07-08 -
2023-08-06		 a year crt.sh
*.gscontxt.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-08 -
2022-12-08		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2022-07-04 -
2023-08-05		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.pressboard.ca
Go Daddy Secure Certificate Authority - G2		 2022-03-17 -
2023-03-17		 a year crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-05-26 -
2022-08-24		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
cdn.liftigniter.com
R3		 2022-07-01 -
2022-09-29		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.prmutv.co
R3		 2022-07-04 -
2022-10-02		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
api.permutive.com
R3		 2022-06-19 -
2022-09-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-05		 a year crt.sh
*.parsely.com
Amazon		 2022-06-05 -
2023-07-04		 a year crt.sh
*.liftigniter.com
R3		 2022-08-10 -
2022-11-08		 3 months crt.sh
s.thestar.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
www.google.de
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.studiostack.com
Go Daddy Secure Certificate Authority - G2		 2021-11-16 -
2022-12-18		 a year crt.sh
*.kumulos.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-03 -
2023-06-02		 a year crt.sh
*.ozpr.net
Amazon		 2022-05-08 -
2023-06-06		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.app.delivery
Sectigo RSA Domain Validation Secure Server CA		 2022-03-18 -
2023-03-25		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-02 -
2022-11-01		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-03 -
2022-11-05		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-07-22 -
2022-10-19		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-12 -
2022-09-12		 3 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-28 -
2023-08-08		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
pixel.thestar.com
Amazon		 2022-06-08 -
2023-07-07		 a year crt.sh
www.redditstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-03 -
2022-12-30		 6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-06-10 -
2022-12-10		 6 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-03 -
2022-12-30		 6 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh

This page contains 17 frames:

Primary Page: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Frame ID: 765029931A601F33E40C75291EA6FE1A
Requests: 230 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 3A2E07A262D6512E97104FDCAE9573BD
Requests: 1 HTTP requests in this frame

Frame: https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0
Frame ID: 4D28411B7B3855FE0AA6F133C0815C1C
Requests: 1 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=461297&publicationId=thestar.com
Frame ID: D5EABDF0B3F9B2AAC4BAD5CCD5C3FFF7
Requests: 13 HTTP requests in this frame

Frame: https://3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6B1B668F96E01CC4464279528302F552
Requests: 1 HTTP requests in this frame

Frame: https://3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 479A49FC19748D9C88CA3ACDF6C69C57
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Frame ID: A8D53C7AB389463F0B9FF04376D153D9
Requests: 11 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvvNMgAAHI8H_ZJvAAmMvVTmOBSXT03MigqvsQ&u=%7C3HeV1rQd8EC6VQLnJzcYrVX9wOJS8jKl1jX6a7%2Fg46w%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi6F_OC2w-79Z30sQv00aZb-fPrhYlE2XtOou9BpcLwjD7-93109M19SrCTDA_rPfQ3PAD4mROtqPRh2YZkQ2yYxj3fCxZndjop8Xu36sasRzQgayIxX228vWIo6pnebAF7NQ6UL6KqjjrkhKSpk9_5vjcOIQdT1o-9sW33mZ-awoV8aK3-DXsl7ksd4--hYZN9xydHjZBdAx_aLhItzn3yse6NoPtH3jCU0d_xZ-cIzTg16j3MsJhHi9QyrEBLueZT7j9l7Zqn_UrDZcuRujrXijMqhD1kTaFKSMUzkeVv4UlzCU-qqEt15bPB0vHTMWDGFhhW3Qpa1GDm5VZT4R9ZvaLBgrhRd0XpSS_lY2180HRna9xaTPDPZB5wje_97eY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU6L4Ms37Yo8576T27w-9mabgBsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N6AB1bbS6gPIAQmpApVihx8d_bA-4AIAqAMBqgTPAk_Q-JxocMsHXD4laZaw1PMgWHPh8ZRk5m204ApuksGRs3e2mgE-QVuKHyoP_Eal_rHLdngiBd-2Kg2oIwdQ1OSyweLzqp61P83lWbHmfWEemPh_ncQ8oLVLKcPTIGxAjQF2qfJ3aMuJNCsQT_aYns55xALgYLZ1GxVxX-O_PjloYGccfANCtfDGyS5v7Kmy7QLoUoyjsfI569WL0XwHOAh9H6vScchogr3XOZr9ETE2MzLQyzGMlaDGOK63nysYgeL2FzcokMlqKh7XtQdM-AHpKPH-7uB4R4cxBErv4IRiZ5E-WOcPSiqj2Gr9oDLymTe8-MGlf6JYisZjqzPej529yR-WHbWVdKOmRe7zxVvJHlKNRw576CY_UrZ0BdG1wYDq5QCyTzaaziYZ9qD3HToanvPffFrNrdsUK70ZZVdYcUlXfQXrM8EcAl6P1jpf4AQBgAam_oaGmJGMu4wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0pUljc0RovCd6biq1i4vBrkkh10w%26client%3Dca-pub-8188431425509997%26adurl%3D
Frame ID: B47D384B04831B6D67DF5A58C6E49B17
Requests: 12 HTTP requests in this frame

Frame: https://10230056.fls.doubleclick.net/activityi;dc_pre=CJrKi__qy_kCFQaDsgodNVsBmA;src=10230056;type=ret01;cat=land01;ord=4249113266396;gtm=2od8f0;auiddc=1902954935.1660669236;~oref=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Frame ID: B177B6880589BC2CDC2F04D652AAC4DC
Requests: 2 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 2B835D0B2815555B1C8FCB422EF7AB16
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 490A76E52E2D16945D6EF9764C2C5C12
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E1AEC4910BCE599AFA5CA955FBFA0C99
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2745AA7F2F103E202E302CF9F622D1E9
Requests: 2 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=4b28e856-d3ee-4c5c-9100-0b58357fb496&publisherId=TKN100000001&siteId=4204204311&cb=1660669234119&bidder=ozone
Frame ID: E8415C3E198AEAFCD42C651CA0F2C1B9
Requests: 17 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=4b28e856-d3ee-4c5c-9100-0b58357fb496&publisherId=TKN100000001&siteId=4204204311&cb=1660669234044&bidder=ozone
Frame ID: 551E89B8B3AC26EFB92BDEF0D6E7A240
Requests: 17 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Frame ID: 63FA162D0299B2D2954E99D66407506A
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Frame ID: FBF2CC271D9EA62071EADB62A3990030
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

We put walking sandals to the test—these are the comfiest | The Star

Page URL History Show full URLs

  1. http://anpost-packageserviceacc.com/?entity=1159706 HTTP 302
    https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-th... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • dev\.visualwebsiteoptimizer\.com/?([\d.]+)
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

335
Requests

92 %
HTTPS

39 %
IPv6

66
Domains

112
Subdomains

93
IPs

11
Countries

5123 kB
Transfer

15442 kB
Size

103
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://anpost-packageserviceacc.com/?entity=1159706 HTTP 302
    https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • https://platform.twitter.com/oct.js HTTP 301
  • https://static.ads-twitter.com/oct.js
Request Chain 85
  • https://unpkg.com/web-vitals HTTP 302
  • https://unpkg.com/web-vitals@2.1.4 HTTP 302
  • https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js
Request Chain 96
  • https://cm.everesttech.net/cm/dd?d_uuid=38307470517095815212402362963637825534 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YvvNMQAAAIle0wOV
Request Chain 121
  • https://www.thestar.com/assets/img/indicator-icon.svg HTTP 302
  • https://www.thestar.com/assets/img/indicator-icon.svg?rf
Request Chain 219
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 248
  • https://10230056.fls.doubleclick.net/activityi;src=10230056;type=ret01;cat=land01;ord=4249113266396;gtm=2od8f0;auiddc=1902954935.1660669236;~oref=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html HTTP 302
  • https://10230056.fls.doubleclick.net/activityi;dc_pre=CJrKi__qy_kCFQaDsgodNVsBmA;src=10230056;type=ret01;cat=land01;ord=4249113266396;gtm=2od8f0;auiddc=1902954935.1660669236;~oref=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Request Chain 280
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1660669236267&url=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1671964%26time%3D1660669236267%26url%3Dhttps%253A%252F%252Fwww.thestar.com%252Flife%252Ffashion_style%252F2022%252F08%252F04%252Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1660669236267&url=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1660669236267&url=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&liSync=true&e_ipv6=AQKDjOtb1srqcwAAAYKnmZZdNW_y0X-OGF26ziBLZhpSigj5I-tGJ39HXVa53PQh3H9avog
Request Chain 293
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=973219FCA36E46E9B90A172782667F6E&RedC=c.clarity.ms&MXFR=3B31184E7B1062FB27860A4C7F106C48 HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=973219FCA36E46E9B90A172782667F6E&MUID=23EF1D17A9E562273B8B0F15A86E635D
Request Chain 299
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=12691a29-4fe2-4350-b6a4-4f8ca997b087
Request Chain 300
  • https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%26us_privacy%3Dpbs-ozone HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%26us_privacy%3Dpbs-ozone&gdpr=0&gdpr_consent=&s=189937&us_privacy=pbs-ozone&C=1 HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=&us_privacy=pbs-ozoneYvvNNewqMGMwGFBzmTJ-rQAA%261205
Request Chain 302
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=5657c987-b0f6-4078-9e40-4d8c856d0e07
Request Chain 304
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3251217969106455611512
Request Chain 308
  • https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%26us_privacy%3Dpbs-ozone HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=&us_privacy=pbs-ozoneYvvNNewqMGMwGFBzmTJ-rQAA%261205
Request Chain 309
  • https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=1ce2c8aa-3670-4756-adeb-bb3d67dfdc39
Request Chain 311
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=7628554842303151126
Request Chain 312
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=56219709213818000
Request Chain 320
  • https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=185e978a-4192-4790-98c5-8593a9a0fa63
Request Chain 321
  • https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&_bee_ppp=1 HTTP 303
  • https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAFLZk7F95oAAA_x-bCWIw
Request Chain 325
  • https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=1ce2c8aa-3670-4756-adeb-bb3d67dfdc39
Request Chain 327
  • https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=467047975042094708
Request Chain 330
  • https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=185e978a-4192-4790-98c5-8593a9a0fa63
Request Chain 332
  • https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
  • https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAFLZk7F95oAAA_x-bCWIw
Request Chain 333
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3251217969106455611512
Request Chain 334
  • https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=467047975042094708

335 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
www.thestar.com/life/fashion_style/2022/08/04/
Redirect Chain
  • http://anpost-packageserviceacc.com/?entity=1159706
  • https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
213 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
bd74abe65ed981fd89a2fed077bda1d7ac301bdbcff349e28765ea5d2f694673
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=180
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 16 Aug 2022 17:00:30 GMT
etag
W/"3523f-jrcozbD4cFRHEagEgdUwUO6VeZ0"
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
vary
Accept-Encoding
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
x-amz-cf-id
gr-7IEt_LIrlOX3yCLldSYZQQdPRog2pWuy5jw7hWi29TZRDre4lXg==
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
x-frame-options
SAMEORIGIN
x-powered-by
Express

Redirect headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Tue, 16 Aug 2022 17:00:29 GMT
Keep-Alive
timeout=5, max=100
Location
https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Server
Apache/2.4.41 (Ubuntu)
css2
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3b542bc706a41d36ca02e27cc3a6165104c2b7fdc57aa9a23ca63e164495c2c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 15:08:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 16 Aug 2022 17:00:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 Aug 2022 17:00:30 GMT
TorstarTextO3-Roman.ttf
www.thestar.com/assets/fonts/ 		24 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/TorstarTextO3-Roman.ttf
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:46:19 GMT
content-encoding
gzip
age
8051
x-powered-by
Express
x-cache
Hit from cloudfront
access-control-allow-origin
https://amp.thestar.com
last-modified
Fri, 12 Aug 2022 16:04:16 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options
SAMEORIGIN
etag
W/"6028-18292cc9000"
vary
Accept-Encoding
content-type
font/ttf
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
cache-control
max-age=14400
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
L4QT2pW2uaGUoqdxqor9um8sBgoFXdWXeOZybM32lFZTuEbpsEr-BQ==
TorstarTextO3-Italic.woff2
www.thestar.com/assets/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/TorstarTextO3-Italic.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
448edd4a71b4ca28931010c1c2166872801702a420ff549a7c757edf863d7530
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:47:01 GMT
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
age
8009
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
18316
last-modified
Fri, 12 Aug 2022 16:04:16 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"478c-18292cc9000"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
WCehteFKkVOCQHJEZ4POlaEPqgh7cE1leeR7F0EB_ml1QoUMSaiaUg==
TorstarTextO3-Bold.woff2
www.thestar.com/assets/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/TorstarTextO3-Bold.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
38254c821b6bec9ee36bb8116cf81a16b0a9c2a51f97cacdb483b4fdeb6e3821
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:46:19 GMT
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
age
8051
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
18276
last-modified
Fri, 12 Aug 2022 16:04:16 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"4764-18292cc9000"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
AFabRF1-Jf8hLASSClaY6vFyNHdX3JZXOKkrHoskdX7hRG3yKVyEww==
TorstarDeckCondensed-Roman.woff2
www.thestar.com/assets/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Roman.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:46:19 GMT
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
age
8050
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
19052
last-modified
Fri, 12 Aug 2022 16:04:16 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"4a6c-18292cc9000"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
LySAwPXGnYK9P3qs7Qd1yx5Ci5f8P_mJwdmyaU9aMqgEt6pDH7QvuQ==
TorstarDeckCondensed-Semibold.woff2
www.thestar.com/assets/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:46:20 GMT
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
age
8050
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
18736
last-modified
Fri, 12 Aug 2022 16:04:16 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"4930-18292cc9000"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
t-PpyCrliCx0Q8-SXj4WjFioak8Dzx3c5FnbRTdL6xxz7Zsv5TVk9A==
MerriweatherSans-Regular.woff2
www.thestar.com/assets/fonts/merriweather/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:46:19 GMT
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
age
8051
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
55032
last-modified
Fri, 12 Aug 2022 16:04:16 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"d6f8-18292cc9000"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
7G8OdN-eO3GJ1H5XUW19yNpLnvXn_7b86dyWiS1AHOyOToxvwu2nYg==
MerriweatherSans-Italic.woff2
www.thestar.com/assets/fonts/merriweather/ 		52 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Italic.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:46:20 GMT
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
age
8050
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
53664
last-modified
Fri, 12 Aug 2022 16:04:16 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"d1a0-18292cc9000"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
rngW0SDuPvnzcO7iMC7O3dAjJXZHiqxcZvH5q5Aj5ttapxaHYeo3KQ==
MerriweatherSans-Bold.woff2
www.thestar.com/assets/fonts/merriweather/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:47:00 GMT
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
age
8010
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
56380
last-modified
Fri, 12 Aug 2022 16:04:16 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"dc3c-18292cc9000"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
EcGt1kidPNnVppWWIvwBUfWf2gCtt_MU0DgaNKSQVaGiouv1iqd6DQ==
MerriweatherSans-BoldItalic.woff2
www.thestar.com/assets/fonts/merriweather/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-BoldItalic.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
b8dd12b4cc0283b0d20c31c231b8ae14fa61c1b64d594cd8f8c0ed1948acb3b5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:47:00 GMT
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
age
8010
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
54800
last-modified
Fri, 12 Aug 2022 16:04:16 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"d610-18292cc9000"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
TMbf9O6w0-8RKVr9f90sPnEhYCO_Rh0265VWe495V2_citxPGHIXDQ==
MerriweatherSans-Black.woff2
www.thestar.com/assets/fonts/merriweather/ 		53 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:47:00 GMT
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
age
8010
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
54304
last-modified
Fri, 12 Aug 2022 16:04:16 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"d420-18292cc9000"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
CBN0XX7rgo7XAdaL8z0FcqAWFDSc-0xEJ-L71FE8GTKYMKSoxpj83g==
toronto-star-adunits.js
prebid.the-ozone-project.com/hw/torstar/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-118.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac217fa597b7754bca874304308db97d8db94d4733d9027cccae8d7eff7eeceb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 01:22:15 GMT
content-encoding
gzip
last-modified
Fri, 18 Feb 2022 02:13:55 GMT
server
AmazonS3
age
56479
etag
W/"47ec15276ab051ddd124dd65b61efb8f"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
KzATxb5pCi3suUdWgSx4CV4wBPf8FgaOkw5q2k4Y1CiqE2ktLOx4tg==
script.js
e377.thestar.com/ 		142 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e377.thestar.com/script.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-18.fra56.r.cloudfront.net
Software
- /
Resource Hash
a04a6f2293e1b07773411b771184b26801eab1bbbe750276ead0095ea9f187c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
42125
x-xss-protection
1; mode=block
last-modified
Tue, 02 Aug 2022 04:09:40 GMT
server
-
etag
65e72b029edc40aa970eb5e0503283f5
content-type
text/javascript; charset=utf-8
via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
cache-control
public, no-cache="Set-Cookie", max-age=600
x-robots-tag
noindex, nofollow
x-amz-cf-id
sQKl5OFVwXuMc2Du0pO-0W-e7Xee62prZ8Y-oE53ipn0If_nAKkrqw==
expires
Tue, 16 Aug 2022 17:10:31 GMT
swg.js
news.google.com/swg/js/v1/ 		146 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4c8a513b6e7f92ae0825c77658a1bb2122d4a230ee3e7a24f61eaaa5540c01d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 16:25:51 GMT
x-content-type-options
nosniff
age
2080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
149580
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 19:09:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Tue, 16 Aug 2022 17:15:51 GMT
swg-gaa.js
news.google.com/swg/js/v1/ 		71 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-gaa.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab319beb88936c36a6ba40ecfbb0326e99948cb1ef199030270d438c1a20001a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 16:25:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2081
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18172
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 19:09:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Tue, 16 Aug 2022 17:15:50 GMT
client
accounts.google.com/gsi/ 		186 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4af7a99a610596d489502702196adaf59ee6fc8066ae7bee9fbee250ee2947d2
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-2hEJu2r3RrI-y2mDVejM1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-2hEJu2r3RrI-y2mDVejM1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Tue, 16 Aug 2022 17:00:31 GMT
vf-v2.js
cdn.viafoura.net/ 		736 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/vf-v2.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:3200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
db9e15b76b3fc0d6ea39f94a72114a7e70263e7f7483bb35bed545deef5766b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
3lCnNl2Rwa0RGWnlGSeEjoz8hxZ.OG3Z
content-encoding
br
etag
W/"4322c040b1602cfc4b6505d05e3d89ff"
age
113
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Aug 2022 14:32:57 GMT
server
AmazonS3
date
Tue, 16 Aug 2022 16:58:38 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
cache-control
max-age=300
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
vMjFXRD0pflpa9Fz7HY4RHj5M35Rk0kkOHZl-KYjh4vhsEC_j0NqdA==
gpt.js
www.googletagservices.com/tag/js/ 		83 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07dc2e48ef051b38cc4841495a54a57efd4b1b8c12f4dd47af04ebf5dc60b5ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28647
x-xss-protection
0
server
sffe
etag
"1305 / 904 of 1000 / last-modified: 1660648063"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 16 Aug 2022 17:00:30 GMT
72.css
www.thestar.com/static/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/static/72.css?v=5b614be87a075d9e9044
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
80c3e7d481504b8ec6e389a07d26b0afadd32c8ee09472f979b977c2e330b712
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:47:26 GMT
content-encoding
gzip
age
7984
x-powered-by
Express
x-cache
Hit from cloudfront
access-control-allow-origin
https://amp.thestar.com
last-modified
Fri, 12 Aug 2022 16:10:44 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options
SAMEORIGIN
etag
W/"17a8-18292d27ba0"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
cache-control
max-age=300
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
z9vTOgfGT8sjLiAUBdlRG6o1cxhk2yukNRA59hfboebI6FAaN9uX1g==
bundle.css
www.thestar.com/static/ 		382 KB
61 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/static/bundle.css?v=e88d99b0f02131f32425
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
cef8dad1c1f60d9f2645c8af2824f3cc563690fd55b21c16b4e28d79ccc72335
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:47:44 GMT
content-encoding
gzip
age
7966
x-powered-by
Express
x-cache
Hit from cloudfront
access-control-allow-origin
https://amp.thestar.com
last-modified
Fri, 12 Aug 2022 16:10:44 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options
SAMEORIGIN
etag
W/"5f619-18292d27ba0"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
cache-control
max-age=300
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
UXX4REtV8DpjN8SHHuWma21AmjzWVhlmEerz3cMyskjOTsE_uZ-Qbw==
be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/ 		515 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:451 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b6a18f0de76888d35572a456bf421c0ae31b5bbb4949a4747b704f3e8792c37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:32 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
be54a597-6b6d-4e2d-9d31-642310a8db25
age
2937
x-guploader-uploadid
ADPycdvW_iKgyp2j4uv_VXZnqUMgPsKrCUE8J-mRc7H1DXi9Z1kTJwrbilx9wGsJuOulDIRgj-cm80TNVHeu2DOCW5mydQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/javascript
last-modified
Fri, 12 Aug 2022 19:01:37 GMT
server
cloudflare
etag
W/"684d869d521a44c8db9d7eee616c97b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=/ElLUA==, md5=aE2GnVIaRMjbnX7uYWyXsw==
x-goog-generation
1660330897969360
cache-control
public, max-age=900
x-goog-stored-content-length
134587
cf-ray
73bbba0d88b0bbd3-FRA
expires
Tue, 16 Aug 2022 17:15:32 GMT
ozpb.js
prebid.the-ozone-project.com/hw/torstar/ 		203 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Requested by
Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-118.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
25e5c10cb58300c92e6d6065fa0ea49a206499c58a2f1152af1deea8f34a5066

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 06:30:23 GMT
content-encoding
gzip
last-modified
Mon, 21 Mar 2022 18:26:56 GMT
server
AmazonS3
age
37831
etag
W/"e08e5a6e68f37184e1c046d32d471d44"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
UNv7Nxz7_s9a2SPfEA_VYnDBPPtplhBd8b0RSRaQCj9TEAS_qib_4Q==
ozp_global_int.min.js
prebid.the-ozone-project.com/hw/torstar/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prebid.the-ozone-project.com/hw/torstar/ozp_global_int.min.js
Requested by
Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-118.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9255f9f186056d9c722c47bb75bf71f79690a0a85fdccf83481c6eca62552623

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 06:30:23 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 14:10:53 GMT
server
AmazonS3
age
37827
etag
W/"c6e67d08c7c4a89b3155020045b68eb1"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
VyN6b8j1M1OUPjlb-d0UvXEd0C5hAGqoEblqJ0e7PhNiSqU-ziCdlQ==
yi.js
sejs.moatads.com/torontoprebidheader623296055317/ 		249 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sejs.moatads.com/torontoprebidheader623296055317/yi.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.209.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c99fff145d30d549bcc9c70f4a7a1561e512ff29068b5f9e1792d3e12632d6bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 17:00:32 GMT
Content-Encoding
gzip
Server
AmazonS3
x-amz-request-id
XQVTT0SZJ75NKFM0
ETag
"146c2a63cb2ec8fa8d2188ee7f164671"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=5761
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
APqGBPsGDvG7L1zbM+CbQ0he9jnHtEH7r67nYJY+O1M1DPqbJH/SA+qdKyCDKvw1MXI908HXVwc=
ads.js
www.thestar.com/assets/js/ 		22 B
476 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/assets/js/ads.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:47:26 GMT
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
age
7985
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
22
last-modified
Fri, 12 Aug 2022 16:04:16 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"16-18292cc9000"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
fSFxrNxb6B8x2OKk9eIFq9iLrt38KJFJm37ySXUn2ItTl_ET6Y6qhg==
logo-toronto.svg
www.thestar.com/assets/svg/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thestar.com/assets/svg/logo-toronto.svg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
4466f366b2897f4839ba95e1b5d96fa3c3e11cadb7fe0096afb3a5a97b872ffb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:46:20 GMT
content-encoding
gzip
age
8052
x-powered-by
Express
x-cache
Hit from cloudfront
access-control-allow-origin
https://amp.thestar.com
last-modified
Fri, 12 Aug 2022 16:04:17 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options
SAMEORIGIN
etag
W/"1df3-18292cc93e8"
vary
Accept-Encoding
content-type
image/svg+xml
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
cache-control
max-age=14400
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
K5wOSXELgyTKBlpM3ISJ5gIpzjNv0ZiPiaxCiPuwLmyBNI3GTmPQog==
logo-round-thestar.svg
www.thestar.com/assets/svg/ 		589 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thestar.com/assets/svg/logo-round-thestar.svg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
95f4db14172013eb07b61d3933cdcee02d39e70569f86e2d445e637db2d62547
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:46:20 GMT
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
age
8052
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
589
last-modified
Fri, 12 Aug 2022 16:04:17 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"24d-18292cc93e8"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
KtIc8ho_Ts_GY94bbIetF0RjZXKDGfWEF-QYib-c1oam08qJtLRYAg==
feature.jpg
images.thestar.com/Sk17xLnhI7ZwZwFns3hBA226PxE=/1086x704/smart/filters:cb(1659638066435):format(webp)/https://www.thestar.com/content/dam/thestar/life/fashion_style/2022/08/04/we-put-walking-sandal... 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/Sk17xLnhI7ZwZwFns3hBA226PxE=/1086x704/smart/filters:cb(1659638066435):format(webp)/https://www.thestar.com/content/dam/thestar/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest/feature.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-23.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c144f2286d403cfcff56aa8314263bb3bc341bae3b3791cfe9617c60bce6dcc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 08:29:38 GMT
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
age
30654
etag
"4b108a8849c3af7ce3508a8bceff04db23b9ba60"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-C1
content-length
52410
x-amz-cf-id
xVBzfgDY40WxGFCgBulIAVjusHOn3Psuw2rS9-PR7MPFINeaeDH8cw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
Tse_Renee_logo2019.JPG
images.thestar.com/pnOC5osj13NXZgqbXfvha_B_RZs=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/pnOC5osj13NXZgqbXfvha_B_RZs=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/Tse_Renee_logo2019.JPG
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-23.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
de89de12a0f9127748708a4a51dc5dffc0a4065c0a1e43c2c5c4628c9b41f6fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 07:01:33 GMT
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
age
35939
etag
"f7e6a6fae7a43383f7a468bf402d147db30f3ef8"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-C1
content-length
4904
x-amz-cf-id
pBMeg-UIoFVCbQ4MP1lPpmDMqwN0E9SXvd1W_QtPFtlGiO050jTz8w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
birkenstocks.jpg
images.thestar.com/QxeDD7G_ZsBZ-wE5JbixtruPl68=/850x567/smart/filters:cb(1659636922438):format(webp)/https://www.thestar.com/content/dam/thestar/life/fashion_style/2022/08/04/we-put-walking-sandals... 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/QxeDD7G_ZsBZ-wE5JbixtruPl68=/850x567/smart/filters:cb(1659636922438):format(webp)/https://www.thestar.com/content/dam/thestar/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest/birkenstocks.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-23.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
27b8eac9d88ed4fba026d518b8a06bb0a61c1d5b6ecbdaa4d65f0ae1894514fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 07:01:34 GMT
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
age
35938
etag
"15414aa8ccacdc2d9191e6691bb8e2d5f4127190"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-C1
content-length
9754
x-amz-cf-id
GFcpUORbqVLa2NOR2fywGtRocmn2wXLWNXhWKcrqQHJUeNXBz3_6cw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
ecco.jpg
images.thestar.com/RTDsI9-c4B0beG_yVicYU8MUwOs=/850x567/smart/filters:cb(1659636922588):format(webp)/https://www.thestar.com/content/dam/thestar/life/fashion_style/2022/08/04/we-put-walking-sandals... 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/RTDsI9-c4B0beG_yVicYU8MUwOs=/850x567/smart/filters:cb(1659636922588):format(webp)/https://www.thestar.com/content/dam/thestar/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest/ecco.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-23.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c66f8d8b017721e620232c7d0f9497c87af62e894f543521fd9dd012d9afa01d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 07:01:34 GMT
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
age
35938
etag
"be263d112b4f22147c92658719abf6f3a5ca340f"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-C1
content-length
16830
x-amz-cf-id
EgvmPYZIFl2TUcjsFApMN64TN5xJCoR0rWJkmkTU-rFOuIQc7c_GmA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
teva.jpg
images.thestar.com/4-JB4kGByZoCcM8vmAVreTIukFU=/850x567/smart/filters:cb(1659636922964):format(webp)/https://www.thestar.com/content/dam/thestar/life/fashion_style/2022/08/04/we-put-walking-sandals... 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/4-JB4kGByZoCcM8vmAVreTIukFU=/850x567/smart/filters:cb(1659636922964):format(webp)/https://www.thestar.com/content/dam/thestar/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest/teva.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-23.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8c215ae94f599c2270571685b36a8a1bcf20802446c7dce25828979833d0622f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 07:01:33 GMT
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
age
35939
etag
"63823ebd263e3483ba570929a5879a95e03b7741"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-C1
content-length
15110
x-amz-cf-id
Q85ycShjlN272mzL6aHFUwEFbEKRqiM0M3-wl02Pu3kQ2Kyb2LMnUw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
hunter.jpg
images.thestar.com/DMHG4yQwOjovRZ1Zwz5Uge6kzvg=/850x567/smart/filters:cb(1659636922833):format(webp)/https://www.thestar.com/content/dam/thestar/life/fashion_style/2022/08/04/we-put-walking-sandals... 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/DMHG4yQwOjovRZ1Zwz5Uge6kzvg=/850x567/smart/filters:cb(1659636922833):format(webp)/https://www.thestar.com/content/dam/thestar/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest/hunter.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-23.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6a5cc655a2925cfb83dea9703382d3884c347619a6a1cb249e5ec56ff0de9c17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 07:01:33 GMT
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
age
35939
etag
"5348b344b51ba62e82b76f135761eaa95a6631bd"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-C1
content-length
17926
x-amz-cf-id
pHUAE7XqvcAw_52scDtHgJnJvcsXnuuR1h1oZSfeJCs_mv0DmBiPLQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
sorel.jpg
images.thestar.com/BPn_m50pIv2NX565_9ePHaw_h7I=/850x567/smart/filters:cb(1659636922910):format(webp)/https://www.thestar.com/content/dam/thestar/life/fashion_style/2022/08/04/we-put-walking-sandals... 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/BPn_m50pIv2NX565_9ePHaw_h7I=/850x567/smart/filters:cb(1659636922910):format(webp)/https://www.thestar.com/content/dam/thestar/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest/sorel.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-23.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7f93cca0bda8a1faaaff35503ee9a9af5ccea6cb55b1a0a912a0567dd2c81152

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 07:01:33 GMT
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
age
35939
etag
"ef88163f9cce2a23abb6674fe695a32d1fecbaaa"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-C1
content-length
21148
x-amz-cf-id
6uVlg1_bz5GuBEeoAuOKTL7amAC7KA1km0faB01Kku9Vkko25H73ug==
expires
Thu, 31 Dec 2037 23:55:55 GMT
the_north_face.jpg
images.thestar.com/LGyjMs-GZqZiBNh2Tz2tkN8PWB8=/850x567/smart/filters:cb(1659636923054):format(webp)/https://www.thestar.com/content/dam/thestar/life/fashion_style/2022/08/04/we-put-walking-sandals... 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/LGyjMs-GZqZiBNh2Tz2tkN8PWB8=/850x567/smart/filters:cb(1659636923054):format(webp)/https://www.thestar.com/content/dam/thestar/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest/the_north_face.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-23.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
92c6d5dce21ab2a9cf7eb12418dc255a86ed332e8424e3440f81a6807bebf6be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 07:01:33 GMT
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
age
35939
etag
"ce746c7ef906846ba39ef4a4c47da08eaf973369"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-C1
content-length
26790
x-amz-cf-id
KtAsTU_2WKmUs_VB6JcxVP_2Nv4sRoglflbN4ONqROixkXeqbMCCiA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
everlane.jpg
images.thestar.com/yFNb9O_7MmQ5UMQJSnxenpo4XSo=/850x567/smart/filters:cb(1659636922681):format(webp)/https://www.thestar.com/content/dam/thestar/life/fashion_style/2022/08/04/we-put-walking-sandals... 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/yFNb9O_7MmQ5UMQJSnxenpo4XSo=/850x567/smart/filters:cb(1659636922681):format(webp)/https://www.thestar.com/content/dam/thestar/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest/everlane.jpg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-23.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
9090ffa75cce115e12508aea91504ef4c9ecbb717a2c346508f3cbc8af3e1fd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 07:01:33 GMT
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
age
35939
etag
"c62c29c61f081b5f83c2a5019a14b33da2413be2"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-C1
content-length
27404
x-amz-cf-id
R8ZU4lMsJQqsqfBksch3e-J7JaENCj3ckPySLmzX66Xb_pi-Wn8F2A==
expires
Thu, 31 Dec 2037 23:55:55 GMT
brandmark-thestar.svg
www.thestar.com/assets/svg/ 		263 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thestar.com/assets/svg/brandmark-thestar.svg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
9b4fd2bac023c59fa666614872a2a06a413659ca1b03eb71c3ad32298b2366dd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:46:25 GMT
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
age
8047
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
263
last-modified
Fri, 12 Aug 2022 16:04:17 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"107-18292cc93e8"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=14400
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
zLaBKOlVKDmu9JoAmrPaVMpPvK4QdeOf7HrwS8iSK8Zy036ZGdBdeg==
app-store.svg
www.thestar.com/assets/svg/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thestar.com/assets/svg/app-store.svg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
133d99ecc7e1f65d2e0bdc9d04fae746f2e9b820213b2a2df7fed60ba073475e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:46:20 GMT
content-encoding
gzip
age
8052
x-powered-by
Express
x-cache
Hit from cloudfront
access-control-allow-origin
https://amp.thestar.com
last-modified
Fri, 12 Aug 2022 16:04:17 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options
SAMEORIGIN
etag
W/"1e63-18292cc93e8"
vary
Accept-Encoding
content-type
image/svg+xml
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
cache-control
max-age=14400
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
8_9HmDyB3gEhDEcPWitSd_wX4vhcG6xus2H5eMiEm7ZPr5bEO11Emw==
google-play.svg
www.thestar.com/assets/svg/ 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thestar.com/assets/svg/google-play.svg
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
b0ab2f21243b940db6c6b986e1cedb149ffcc296b62b326e9214366585d1040d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:46:20 GMT
content-encoding
gzip
age
8052
x-powered-by
Express
x-cache
Hit from cloudfront
access-control-allow-origin
https://amp.thestar.com
last-modified
Fri, 12 Aug 2022 16:04:17 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options
SAMEORIGIN
etag
W/"2859-18292cc93e8"
vary
Accept-Encoding
content-type
image/svg+xml
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
cache-control
max-age=14400
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
MaGEX8b49JTGgWWryNlhLZh5vV0TNhbekqi-IAXWDRk4PhVJcevenw==
oct.js
static.ads-twitter.com/
Redirect Chain
  • https://platform.twitter.com/oct.js
  • https://static.ads-twitter.com/oct.js
56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/oct.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Server
199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ae57d5e97bf1a0db8777b7531cd32cb09ee6f07bed183bb880469cc20f355086

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:31 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 21:38:45 GMT
etag
"ca88912498e17137955859948f14e272+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
15196
x-served-by
cache-iad-kjyo7100122-IAD, cache-vie6360-VIE

Redirect headers

x-tw-cdn
VZ
Date
Tue, 16 Aug 2022 17:00:31 GMT
Server
ECS (frb/6794)
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Location
https://static.ads-twitter.com/oct.js
Server-Timing
x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
0
vendors~bundle.chunk.js
www.thestar.com/static/ 		2 MB
562 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/static/vendors~bundle.chunk.js?v=ae21b620
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
e2d5fd416dfaeef9837158cd7f053429a7a16bdd82b01e08322e13f65ae4c889
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:32 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Fri, 12 Aug 2022 16:10:44 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
FRA56-C2
x-powered-by
Express
etag
W/"202aaa-18292d27ba0"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=300
x-amz-cf-id
XUlvc23-WxfWNi23H8rrYM-Q2X9I7cYusJuIFXqeCYqH3P7p0-aO7Q==
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
bundle.js
www.thestar.com/static/ 		1 MB
241 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/static/bundle.js?v=50015516
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
e2184c73f49a595aaff34a32b768012fab06ae253408124ff220ab14d19a496a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:32 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Fri, 12 Aug 2022 16:10:44 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
FRA56-C2
x-powered-by
Express
etag
W/"1366b1-18292d27ba0"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=300
x-amz-cf-id
p09Yca3MFan4f9EmjKb_Qfz8Ud2PTqwxqYKlePag5eQUGaP_6e7nFQ==
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
cs
torstar.blueconic.net/DG/DEFAULT/ 		16 B
698 B 		Script
General
Check archive.org
Download Go to
Full URL
https://torstar.blueconic.net/DG/DEFAULT/cs?&callback=bc_json425
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.242.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-242-28.compute-1.amazonaws.com
Software
- /
Resource Hash
c91f8f77c8f9bab42473e7b924b31d0fd7aa464843560763fb271e4607a6f282
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
content-type
text/javascript; charset=utf-8
content-length
36
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
pubads_impl_2022081101.js
securepubads.g.doubleclick.net/gpt/ 		388 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
48bd457befd1682d1e21bd4327a12799559ecc1308da5413b21ee60d2e6c0dde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 16 Aug 2022 16:18:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2506
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135472
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 08:35:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 16 Aug 2023 16:18:45 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		203 B
770 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.thestar.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
023fe23d65d9b7d599635de857da2d08330acf9bae441a8ca8e03c9a9bee20df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Aug 2022 17:00:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
expires
Tue, 16 Aug 2022 17:00:31 GMT
channels.cgi
torstar.gscontxt.net/main/ 		236 B
314 B 		Script
General
Check archive.org
Download Go to
Full URL
https://torstar.gscontxt.net/main/channels.cgi?url=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.192.250 Amsterdam, Netherlands, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
aefcfdbea89e002f278a76779a529ea5fa98c27fb18dc8d8ce171131d3ff6b43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
236
Content-Type
application/javascript
launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
resources.thestar.com/ 		350 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-12.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a8934430adb48d36989ad9b104d13da7a2c6f34a858c511fb9d4e0a860f6192

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 16:32:53 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 16:32:28 GMT
server
AmazonS3
age
1659
etag
W/"2c1845096d4825951f4a22259e99fafa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
TeHZ.gTa_3Ly6ADYX7gdMMey20xbSWmO
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-type
text/javascript
x-amz-cf-id
wK1FEIVLHQfXIIbB7BVsZRm4bclEGyeFQB2PAHe7Y2Pet3dF2hbUOQ==
main.js
static.app.delivery/sdks/web/ 		128 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.app.delivery/sdks/web/main.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:490d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fec7384a7fbf4ba287754d74a2ea4e37e32dc6c79afa1f477da4c5622bd48c40
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
968
vary
Accept-Encoding
last-modified
Fri, 26 Nov 2021 12:00:54 GMT
server
cloudflare
etag
W/"61a0cc76-200b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eem1Aa%2FwsjQ4iQq4hdLn5dK3wnlxpX9tGDQEbiLmrP%2BuECXDD6L14HpFHTyn9lDDL4W%2BIzjVjphBg%2FF0e5BCbSDNe%2F159G5SSG4LFOiFkr2835s0gBHdrojmaU1VBdLYlBencPtCG%2BrVxUjF7UBFltk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=3600
cf-ray
73bbba0f3b369963-FRA
expires
Tue, 16 Aug 2022 17:44:24 GMT
gtm.js
www.googletagmanager.com/ 		238 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1cca4d5ab98eee886956b86e9f818cd3e098452af938e03f4dfe3935c97d8be3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:32 GMT
content-encoding
br
vary
*
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84624
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
js_visitor_settings.php
dev.visualwebsiteoptimizer.com/deploy/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&random=0.9744634476299168
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
a25a65652a3c7a24f7d8b796c4ed6a4ffc2baf6735c6daa5002f2f8323ea56e8

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 16 Aug 2022 17:00:31 GMT
via
1.1 google
server
gfra1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js
dev.visualwebsiteoptimizer.com/7.0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/7.0/track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&random=0.9744634476299168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
cd3cae6c99e7c1bcf9d6ce556cd750fbeaf91703d1f93f979a748e55b4666c09

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 16 Aug 2022 17:00:31 GMT
content-encoding
br
last-modified
Tue, 16 Aug 2022 12:05:49 GMT
server
gfra1
etag
"62fb881d-e88"
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3720
via
1.1 google
opa-3d1a80cbbc4fdc4472eae80c14d918ad.js
dev.visualwebsiteoptimizer.com/analysis/4.0/ 		109 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-3d1a80cbbc4fdc4472eae80c14d918ad.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&random=0.9744634476299168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
0b5385fd093a639a38b5f1bd66e80fda4fd77686164cfa98bce104e1bc55735a

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 16 Aug 2022 17:00:31 GMT
content-encoding
br
last-modified
Tue, 16 Aug 2022 12:05:44 GMT
server
gfra1
etag
"62fb8818-6f12"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28434
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=354908&d=thestar.com&u=D754B6FA2D32922DBDB2A2AF579647EDA&h=b8def3a6feb6730d1b121398e9edc8f5&r=0.8350386927136013
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv3c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:32 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv3c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
vis_opt.js
d5phz18u4wuww.cloudfront.net/ 		168 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.2.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-2-210.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e96ee4202dd697f4757a0c1502f5b3ae79c0d59d0823d80a80ac3ed97132d861

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 16 Aug 2022 16:35:28 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Thu, 02 May 2019 08:14:16 GMT
Server
AmazonS3
Age
1504
ETag
"85932b0cd7c8dce121fa1923529a3189"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
Cache-Control
max-age=3600
X-Amz-Cf-Pop
FRA56-P6
Accept-Ranges
bytes
Content-Length
57240
X-Amz-Cf-Id
25wmgk1F9UjOqP7fodvr9DOXA50meb8ilUPSVsToWyjkxRLRZyfwGA==
vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js
dev.visualwebsiteoptimizer.com/7.0/ 		224 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js
Requested by
Host: d5phz18u4wuww.cloudfront.net
URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
0ab1fd110ce89de16dd7435dd96ab8370bc9f8da90fa8acab312f5d3f46f25e3

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 16 Aug 2022 17:00:32 GMT
content-encoding
br
last-modified
Tue, 16 Aug 2022 12:05:49 GMT
server
gfra1
etag
"62fb881d-fd2b"
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64811
via
1.1 google
embedder
adserver.pressboard.ca/v3/ 		351 B
789 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adserver.pressboard.ca/v3/embedder?media=130507
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4da8f4d2d20833c254b092ab30d0ebaee5e3d93716e320773ff55c27c353796b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 Aug 2022 17:00:32 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
351
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
moatcontent.js
z.moatads.com/torontocontentstarcontent37863992/ 		165 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/torontocontentstarcontent37863992/moatcontent.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.209.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Tue, 16 Aug 2022 17:00:32 GMT
content-encoding
gzip
last-modified
Mon, 24 Aug 2020 17:22:35 GMT
server
AmazonS3
x-amz-request-id
35563FE675335CC8
etag
"491121b0fb1268b17bdb2c53880291f2"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=30503
accept-ranges
bytes
content-length
54912
x-amz-id-2
FgO3NgyOy0w14Ykrkj+/ewaNdtBiOuX33KGu04lFc07q3MyHfvDQM2th2TuWJwo6Shv4QVxHHGc=
material-icons-base-400-normal.woff2
www.thestar.com/static/assets/ 		101 KB
102 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/static/assets/material-icons-base-400-normal.woff2?v=fe7e45c2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/72.css?v=5b614be87a075d9e9044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
53e47f0803e3983ae0b26db5f39e87c0bfd327981749c02c9e2f955341e34d7b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/static/72.css?v=5b614be87a075d9e9044
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:32 GMT
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
age
181
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
103852
last-modified
Fri, 12 Aug 2022 16:10:44 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options
SAMEORIGIN
etag
W/"195ac-18292d27ba0"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=300
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
0Vh9f6-1EWmrmhqA0xI-oCKJ_39_WC4AxA6R-PXHJv4rmpsNVcnacw==
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b85661af5329e5b3f2eab835d8d062c276959aa69de115304e339e2f5371c1ad

Request headers

Referer
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad5fc1a1f2e9f61750da7c5f657b4555458014b20726b06d78d3d2c1e60ee392

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
worker-70faafffa0475802f5ee03ca5ff74179.js
dev.visualwebsiteoptimizer.com/analysis/ 		47 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-3d1a80cbbc4fdc4472eae80c14d918ad.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:32 GMT
content-encoding
br
last-modified
Tue, 16 Aug 2022 12:05:44 GMT
server
gfra1
etag
"62fb8818-351f"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13599
via
1.1 google
material-icons-outlined-all-400-normal.woff2
www.thestar.com/static/assets/ 		126 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/static/assets/material-icons-outlined-all-400-normal.woff2?v=e4106b07
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/72.css?v=5b614be87a075d9e9044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
afa2d43bc5235e019048bf8eeb242859a5beff1fa165621f8deaa6385b799951
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thestar.com/static/72.css?v=5b614be87a075d9e9044
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 16:55:35 GMT
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
age
297
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
128844
last-modified
Fri, 12 Aug 2022 16:10:44 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options
SAMEORIGIN
etag
W/"1f74c-18292d27ba0"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=300
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
As-SNlh_LmreF6xB8qPVvRsT8c_969iQkkQLImCY7KgcTsdNoNJrwg==
adsct
t.co/i/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=1&eci=1&event_id=263fbdae-9f36-4aa8-99c4-f53e7b6e4832&p_id=Twitter&p_user_id=0&pl_id=88095cbd-16b7-455c-a524-c69b1f3b4de9&tw_document_href=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nuz9l&type=javascript&version=2.4.15
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-response-time
102
date
Tue, 16 Aug 2022 17:00:32 GMT
server
tsa_o
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
52cd9114c75ecd0f46d7dfb1a9a09e7f2a7af89fbcfe9accfeecb767a51cc14c
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=1&eci=1&event_id=263fbdae-9f36-4aa8-99c4-f53e7b6e4832&p_id=Twitter&p_user_id=0&pl_id=88095cbd-16b7-455c-a524-c69b1f3b4de9&tw_document_href=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nuz9l&type=javascript&version=2.4.15
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-response-time
102
date
Tue, 16 Aug 2022 17:00:32 GMT
server
tsa_o
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
93a24df7dfc53dca42ede4b49d847ee439fdb5600f37c561c28c1eb7319ef56c
content-length
43
fbevents.js
connect.facebook.net/en_US/ 		100 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4ff1b9b91db584b19d20b4d02af9ff7673add161ce3f9ceae9391b3a84fddab1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26515
x-xss-protection
0
pragma
public
x-fb-debug
RUQb411fP+/2duKQbSkTt9JT65cBr+IZ5f/JtBkJsHxmANq12vj0N9dg8YwLxdtb6gHc9Nj+/71HrTlEu5ZI1w==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 16 Aug 2022 17:00:32 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-2.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 04:55:41 GMT
content-encoding
gzip
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
age
43492
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
KLGBsAdlcBOoelOwwDTvtc6EtCrHOZCeN-exxVjCkRSnw6HZAC4yaQ==
/
d1nxn87txdj54y.cloudfront.net/ 		43 B
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1nxn87txdj54y.cloudfront.net/?a=40727dc8cfba4185b5b471b11fed6eb9
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-58-76.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 17:00:34 GMT
Via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
Last-Modified
Mon, 22 Apr 2013 19:31:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C1
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
X-Cache
RefreshHit from cloudfront
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
X-Amz-Cf-Id
XHS8ZiilPu5mdmuZNHtL5ZC0otn2xdR2nN9DD45-vsWPvGVyLLtFTg==
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.156 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-58-156.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 15 Aug 2022 21:47:54 GMT
Via
1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront)
Age
69158
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
7vSKbI2Wif5qlLVFXeQhNHRmvmF6Con2tKGqUYtmB4FQ0pCOyBHDSw==
Expires
Tue, 16 Aug 2022 21:47:54 GMT
q9fqmmutk5a97trs-nbc.js
cdn.petametrics.com/ 		157 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.petametrics.com/q9fqmmutk5a97trs-nbc.js?ts=461297
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5901bfd4d9db19b235e9c1145ef4d7ac5f2376eb60dc42bca7e2792a33ec56d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:32 GMT
content-encoding
gzip
last-modified
Tue, 10 May 2022 14:32:37 GMT
server
AmazonS3
x-amz-request-id
V1748VKPVH2TC0PM
etag
"ffe8480332cd418a4e4f93e81734e6ca"
x-hw
1660669232.cds250.fr8.hn,1660669232.cds230.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, s-maxage=31536000
content-length
46608
accept-ranges
bytes
x-amz-version-id
W0EXYzBRcmWc7cKN7s.uho3fIkkcqADy
x-amz-id-2
/wtqu89zJ7p0FEj+OcfGWt1gpdf/Bnxn2amLMpOh1DPdTb5al1JRCutygMR6ar3Ptq54sov8TIg=
apstag.js
c.amazon-adsystem.com/aax2/ 		159 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
925ed48219a2d3c339c5d288fdae3f965efbca0e5ee4e369b7dcbb04b6ade06f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 16:56:12 GMT
content-encoding
gzip
etag
W/"52a6bc60961c702869c58b9d159c8e37"
last-modified
Mon, 15 Aug 2022 16:12:00 GMT
server
AmazonS3
age
261
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront), 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-C1
x-amz-cf-id
cvkXMtkwM3cJpO_ukpIzjHEGqMFR2IlfJaiHuGazAkk20-wqvAlmBg==
pxid
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/ 		46 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/pxid?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
f19603e55c8b61b4053984ca4d0306650f88ee06e7df03aefb813502cfef22fe

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 16 Aug 2022 17:00:32 GMT
content-encoding
gzip
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
via
1.1 google
getuidj
ib.adnxs.com/ 		11 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 16 Aug 2022 17:00:32 GMT
X-Proxy-Origin
80.255.7.102; 80.255.7.102; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
039739c9-6339-44c6-9136-29335e3a6bb7
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.thestar.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
11
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
geoip
api.permutive.com/v2.0/ 		215 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
2a94fe4bab6bb71b075176d47c0fbd81e3d26424e909a0e137c666b48f03d34b

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 16 Aug 2022 17:00:32 GMT
content-encoding
gzip
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
161
via
1.1 google
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 16:17:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2559
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6457
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 22:09:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Tue, 16 Aug 2022 17:07:53 GMT
v2
api.viafoura.co/v2/www.thestar.com/bootstrap/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.thestar.com/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4840:c560:4469:324d:51db Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
873e2e6f4bf833b76e3d74e823187e9647bc9f445538102d5a4281f7193f5782

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:33 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
x-instance-id
i-0ea654bf66bf24c69
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.thestar.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Tue, 16 Aug 2022 17:00:33 GMT
6cdcc999-3576-4b74-9b8e-c89fde108365
https://www.thestar.com/ 		296 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.thestar.com/6cdcc999-3576-4b74-9b8e-c89fde108365
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb8fd1a6d0d496913054002db2daa057789fe5b480706d6b3a59901fad564c86

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
303052
6715713d-bb44-43e1-b5aa-9d2ba9e41ea7
https://www.thestar.com/ 		20 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.thestar.com/6715713d-bb44-43e1-b5aa-9d2ba9e41ea7
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c9f5eb566c14c69605fdfd438faafa20d99a5933db3af1856c4e655b8897600

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
20393
v2
api.viafoura.co/v2/www.thestar.com/bootstrap/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.thestar.com/bootstrap/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4840:c560:4469:324d:51db Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin
https://www.thestar.com
access-control-max-age
1728000
cache-control
max-age=0
date
Tue, 16 Aug 2022 17:00:32 GMT
expires
Tue, 16 Aug 2022 17:00:32 GMT
server
nginx/1.18.0 (Ubuntu)
id
dpm.demdex.net/ 		387 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&d_nsid=0&ts=1660669232763
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.210.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-210-146.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cc31e500912462e5373f92ea233b13735afc347a6c37dcf6292fbea62035e61f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v038-09331a469.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
KC8IH/RlR/g=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.thestar.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
326
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/d0dd5ba17898/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/d0dd5ba17898/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-12.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 16:32:58 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 16:32:11 GMT
server
AmazonS3
age
1655
etag
W/"d860c16ac938f7d839f0ec158d02d0f0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
iHraly11JFJL9qaVmPTY8w9fGSw3ENen
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-type
text/javascript
x-amz-cf-id
6iyYV5ZGicudYEGd3KtAPytrqwmSDBXSZslP_3gHr6nnaMw-cNNSSg==
AppMeasurement_Module_ActivityMap.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/d0dd5ba17898/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/d0dd5ba17898/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-12.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 16:32:54 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 16:32:11 GMT
server
AmazonS3
age
1659
etag
W/"2d1382c349d480b6b41574ac0c1af066"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
2B0NN5uzZ4Mil3RP6kDl.6bkIJvNvTte
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-type
text/javascript
x-amz-cf-id
sRPI1kHr6L_8ZCndHRo4IGkZWDURVqXbsim5_dJXBDUNLavaxxCErA==
identify
api.permutive.com/v2.0/ 		50 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
94dfc39d176e2fce5f5cf59fb75b9a38aa915915f8866021d556af1c9c5ad627

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 16 Aug 2022 17:00:32 GMT
content-encoding
gzip
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
via
1.1 google
js
www.googletagmanager.com/gtag/ 		200 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6f47bb4aa437a4b1a10173e61e2951abd8371594881cbe338cc386411c02c6d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:32 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72616
x-xss-protection
0
expires
Tue, 16 Aug 2022 17:00:32 GMT
js
www.googletagmanager.com/gtag/ 		201 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d349fb24031be877e9c7e76dc02ea56cda62ee39ac2c660966d8c5387d78f4f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:32 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73217
x-xss-protection
0
expires
Tue, 16 Aug 2022 17:00:32 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
7112
date
Tue, 16 Aug 2022 15:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 16 Aug 2022 17:02:00 GMT
web-vitals.umd.js
unpkg.com/web-vitals@2.1.4/dist/
Redirect Chain
  • https://unpkg.com/web-vitals
  • https://unpkg.com/web-vitals@2.1.4
  • https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js
5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52cac1193a3683e35353723a38e01a9bcc0c5f9bf2be42d29c96905527c7923d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:33 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
14614959
fly-request-id
01FX07QK97S1EG718AGVRWT1F2-fra
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"120b-0F8cYs4ysxGP6ebngBlASGivDqM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
73bbba12af099150-FRA

Redirect headers

date
Tue, 16 Aug 2022 17:00:33 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01FT83NCR2B56DTMGTVPMWMSJ3
server
cloudflare
age
17571960
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/web-vitals@2.1.4/dist/web-vitals.umd.js
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
73bbba124e909150-FRA
access-control-allow-origin
*
v2
mb.moatads.com/yi/ 		720 B
894 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vldfgUevl2QD4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-dCAW7OXurwpsfw%3D%3D&sc=1&os=1-8A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&pcode=torontoprebidheader623296055317&rx=240682595571&callback=MoatNadoAllJsonpRequest_82219317
Requested by
Host: sejs.moatads.com
URL: https://sejs.moatads.com/torontoprebidheader623296055317/yi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.103.253 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-103-253.eu-west-2.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
e30899a92fafffd64c6787088c6819e5721f1d2a55948fd515c5e30fcddbf149

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:33 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"0735a0be2dc1ae495c99fcdb47eba7c302de657b"
content-length
720
content-type
text/html; charset=UTF-8
iframe.html
z.moatads.com/hd09824092/ Frame 3A2E 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/hd09824092/iframe.html
Requested by
Host: sejs.moatads.com
URL: https://sejs.moatads.com/torontoprebidheader623296055317/yi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.209.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=3236
content-length
1374
content-type
text/html
date
Tue, 16 Aug 2022 17:00:32 GMT
etag
"4a9cbc2e5bc164313dace42a58bef141"
last-modified
Tue, 26 Jan 2021 22:41:39 GMT
server
AmazonS3
unused62
8096267
x-amz-id-2
gXq1jnFFl4IgE5Pg5fR5Wfc+1TB9/Cmj+UrSQ9R4E/iyyULSAwUvNs2QnDu7Isiuz0ACko/5hfU=
x-amz-request-id
7653428B85424DDC
b
sb.scorecardresearch.com/ 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=3005674&cs_it=b3&cv=3.8.0.210223&ns__t=1660669232895&ns_c=UTF-8&c7=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&c8=We%20put%20walking%20sandals%20to%20the%20test%E2%80%94these%20are%20the%20comfiest%20%7C%20The%20Star&c9=
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-2.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:32 GMT
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
eDjElT2ljiY7CHkSCRPxaRffvK9Zz7YTXqzsjTEt0D_Q0XQ2o1xgLg==
x-cache
Miss from cloudfront
p.js
cdn.parsely.com/keys/thestar.com/ 		73 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/thestar.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.61.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-61-60.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
4e055c26ecd439ee73765fc8f167b4f23eb9b92608c70b2068b0bc7c3baeb9dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
public
date
Tue, 16 Aug 2022 09:13:47 GMT
content-encoding
gzip
last-modified
Fri, 24 Jun 2022 01:41:35 GMT
server
nginx
age
28158
etag
W/"62b5164f-12236"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
eq7oaMYKhJP2rF2IrJ_36fT-yuOo2sdEwaYRH04fRHGKBjDJ1jbOyw==
expires
Wed, 17 Aug 2022 09:11:15 GMT
424
e377.thestar.com/DG/DEFAULT/rest/rpc/ 		78 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://e377.thestar.com/DG/DEFAULT/rest/rpc/424?referer=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&bcsessionid=&bctempid=&overruleReferrer=&time=2022-08-16T17%3A00%3A32%2B00%3A00&ts=1660669232938
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-18.fra56.r.cloudfront.net
Software
- /
Resource Hash
343dcc327be1946186cdfef0b8506ade20878f3df85c2673262486b3108bd171
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 16 Aug 2022 17:00:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
12644
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.thestar.com
server
-
content-type
application/json; charset=utf-8
via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
jBEpzWqS9ragRtwLbpzYNaV0p9D7UEUF5vkUdJQH43zJkatgDm-7Wg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
__activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/271cfd89-2cbd-464e-cdcd-cd3ccf44e8a8/ 		35 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/q9fqmmutk5a97trs/271cfd89-2cbd-464e-cdcd-cd3ccf44e8a8/__activity.gif?e=pageview&ct=We+put+walking+sandals+to+the+test%E2%80%94these+are+the+comfiest&ccu=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&tspl=4557&blst=3991&ist=4550&iet=4555&bdst=3991&bdet=4453&bcttt=10&jsfv=nbc&ts=1660669232970&jsk=q9fqmmutk5a97trs&jsv=20220510&cu=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&uid=271cfd89-2cbd-464e-cdcd-cd3ccf44e8a8&sid=ee98f564-0e01-4c12-a18d-04583b664b92&pvid=13379552-9f16-43ff-df6f-e27d02121483&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F104.0.5112.79+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=9.1&saveData=false&ctyp=unknown&tzo=0&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 16 Aug 2022 17:00:33 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
config
c.amazon-adsystem.com/cdn/prod/ 		0
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5028&u=https%3A%2F%2Fwww.thestar.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 15:14:33 GMT
via
1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server
Server
age
6360
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.thestar.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
R0jxvLuxGZOfaTMd6YEOxZlxUr7HyAHCERpEdJ4heaZeUyZVOtqsjA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
JXufo2ctue2uysHllG2MRpKE8F0E4.a0
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
46669
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 03 Aug 2022 22:19:11 GMT
server
AmazonS3
date
Tue, 16 Aug 2022 04:12:14 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
nfht26WKmr1zrqLa3mOaejgtQtr3hBoIl3RMMFgxL19TWggGqyNyqw==
dest5.html
torontostarnewspaperslimited.demdex.net/ Frame 4D28 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.111.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-111-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-2-v038-052e54df5.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
rZ46YCLSQjY=
content-encoding
gzip
date
Tue, 16 Aug 2022 17:00:33 GMT
last-modified
Wed, 3 Aug 2022 12:17:12 GMT
vary
accept-encoding
id
s.thestar.com/ 		48 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.thestar.com/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&mid=38293365494397713552403775458545939956&ts=1660669233009
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
c745156795e25e4a1000a9def4a4c8432207d4a704b42ada6b8231d4111f898d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 16 Aug 2022 17:00:33 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-69c8d8cc76-z8rmh
vary
Origin
x-c
main-1661.I2f39db.M0-585
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YvvNMQAAAIle0wOV
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=38307470517095815212402362963637825534
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YvvNMQAAAIle0wOV
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YvvNMQAAAIle0wOV
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
HTTP/1.1
Server
54.76.210.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-210-146.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v038-03e3bd466.edge-irl1.demdex.com 5 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
7Ieawf/CS7c=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YvvNMQAAAIle0wOV
Date
Tue, 16 Aug 2022 17:00:33 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=883868760&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&ul=en-us&de=UTF-8&dt=We%20put%20walking%20sandals%20to%20the%20test%E2%80%94these%20are%20the%20comfiest%20%7C%20The%20Star&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=763573674&gjid=1947810010&cid=1582746846.1660669233&tid=UA-70431129-1&_gid=1186855633.1660669233&_r=1&gtm=2wg8f0P86MZHL&cd9=web&cd14=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&z=82225017
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=883868760&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&ul=en-us&de=UTF-8&dt=We%20put%20walking%20sandals%20to%20the%20test%E2%80%94these%20are%20the%20comfiest%20%7C%20The%20Star&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABAAAAAC~&jid=1685819979&gjid=240936274&cid=1582746846.1660669233&tid=UA-73335503-3&_gid=1186855633.1660669233&_r=1&gtm=2wg8f0P86MZHL&z=1004887233
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
347 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-6FZFMVVWVN&gtm=2oe8f0&_p=883868760&_gaz=1&cid=1582746846.1660669233&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660669233&sct=1&seg=0&dl=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&dt=We%20put%20walking%20sandals%20to%20the%20test%E2%80%94these%20are%20the%20comfiest%20%7C%20The%20Star&en=page_view&_fv=1&_ss=1&ep.Page_Type=asset&ep.Site_Type=core%20site&ep.Breakpoint=desktop&ep.Orientation=landscape&ep.Asset_Alias=we-put-walking-sandals-to-the-testthese-are-the-comfiest&ep.Source=web&ep.User_Agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&up.Torstar_User_ID=
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6FZFMVVWVN&cid=1582746846.1660669233&gtm=2oe8f0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6FZFMVVWVN&cid=1582746846.1660669233&gtm=2oe8f0&aip=1&z=1989936889
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-B4CQN4KW3R&gtm=2oe8f0&_p=883868760&_gaz=1&cid=1582746846.1660669233&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660669233&sct=1&seg=0&dl=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&dt=We%20put%20walking%20sandals%20to%20the%20test%E2%80%94these%20are%20the%20comfiest%20%7C%20The%20Star&en=page_view&_fv=1&_ss=1&ep.Asset_Alias=we-put-walking-sandals-to-the-testthese-are-the-comfiest&ep.Breakpoint=desktop&ep.Orientation=landscape&ep.Page_Type=asset&ep.Site_Type=core%20site&ep.Source=web&ep.User_Agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&up.Torstar_User_ID=
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B4CQN4KW3R&cid=1582746846.1660669233&gtm=2oe8f0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B4CQN4KW3R&cid=1582746846.1660669233&gtm=2oe8f0&aip=1&z=801076011
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
services
sr.studiostack.com/v3/ 		24 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/v3/services
Requested by
Host: adserver.pressboard.ca
URL: https://adserver.pressboard.ca/v3/embedder?media=130507
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b7342232ec07d94f6956c1a14fdec91f6fbe5438422bff43281f384be72b5a04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 Aug 2022 17:00:33 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
24454
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
config
push.kumulos.com/v1/web/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://push.kumulos.com/v1/web/config
Requested by
Host: static.app.delivery
URL: https://static.app.delivery/sdks/web/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::be2:3001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
1885092395a50d1321421909b401618d05c62f43c4a25a17424c6e92dc9c281f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://www.thestar.com/
Authorization
Basic ZWU3M2FkYjUtMWRmOS00ZGY4LTkyYTQtNzhlYWYxODJmNmU5OmUyVG1NTWNHMXlGOUR4OGxrZ0tBOVVXRkk4bHVOWVozZkhlUw==
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 16 Aug 2022 17:00:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
content-type
application/json
access-control-allow-origin
*
access-control-max-age
36000
cache-control
no-cache, private
strict-transport-security
max-age=15552000; includeSubdomains;
access-control-allow-headers
Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
config
push.kumulos.com/v1/web/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://push.kumulos.com/v1/web/config
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::be2:3001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
GET
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
*
access-control-max-age
36000
allow
GET,HEAD
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 16 Aug 2022 17:00:33 GMT
server
nginx
strict-transport-security
max-age=15552000; includeSubdomains;
vary
Accept-Encoding
x-content-type-options
nosniff
events
events.kumulos.com/v1/app-installs/babff03d-6de4-454a-ad02-45b2fa76c5bf/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.kumulos.com/v1/app-installs/babff03d-6de4-454a-ad02-45b2fa76c5bf/events
Requested by
Host: static.app.delivery
URL: https://static.app.delivery/sdks/web/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://www.thestar.com/
Authorization
Basic ZWU3M2FkYjUtMWRmOS00ZGY4LTkyYTQtNzhlYWYxODJmNmU5OmUyVG1NTWNHMXlGOUR4OGxrZ0tBOVVXRkk4bHVOWVozZkhlUw==
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 16 Aug 2022 17:00:33 GMT
x-content-type-options
nosniff
server
nginx
access-control-max-age
36000
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
*
cache-control
no-cache, private
strict-transport-security
max-age=15552000; includeSubdomains;
access-control-allow-headers
Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
events
events.kumulos.com/v1/app-installs/babff03d-6de4-454a-ad02-45b2fa76c5bf/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.kumulos.com/v1/app-installs/babff03d-6de4-454a-ad02-45b2fa76c5bf/events
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
*
access-control-max-age
36000
allow
POST
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 16 Aug 2022 17:00:33 GMT
server
nginx
strict-transport-security
max-age=15552000; includeSubdomains;
vary
Accept-Encoding
x-content-type-options
nosniff
events
events.kumulos.com/v1/app-installs/babff03d-6de4-454a-ad02-45b2fa76c5bf/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.kumulos.com/v1/app-installs/babff03d-6de4-454a-ad02-45b2fa76c5bf/events
Requested by
Host: static.app.delivery
URL: https://static.app.delivery/sdks/web/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://www.thestar.com/
Authorization
Basic ZWU3M2FkYjUtMWRmOS00ZGY4LTkyYTQtNzhlYWYxODJmNmU5OmUyVG1NTWNHMXlGOUR4OGxrZ0tBOVVXRkk4bHVOWVozZkhlUw==
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 16 Aug 2022 17:00:33 GMT
x-content-type-options
nosniff
server
nginx
access-control-max-age
36000
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
*
cache-control
no-cache, private
strict-transport-security
max-age=15552000; includeSubdomains;
access-control-allow-headers
Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
events
events.kumulos.com/v1/app-installs/babff03d-6de4-454a-ad02-45b2fa76c5bf/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.kumulos.com/v1/app-installs/babff03d-6de4-454a-ad02-45b2fa76c5bf/events
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
*
access-control-max-age
36000
allow
POST
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 16 Aug 2022 17:00:33 GMT
server
nginx
strict-transport-security
max-age=15552000; includeSubdomains;
vary
Accept-Encoding
x-content-type-options
nosniff
collect
stats.g.doubleclick.net/j/ 		1 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-70431129-1&cid=1582746846.1660669233&jid=763573674&gjid=1947810010&_gid=1186855633.1660669233&_u=YEBAAAAAAAAAAC~&z=721759717
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 16 Aug 2022 17:00:33 GMT
content-type
text/plain
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=50015516
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6611e931e0f3c8d598e88f3b9b28cf1692311b09147a670745a5c460a606093
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28649
x-xss-protection
0
server
sffe
etag
"1305 / 307 of 1000 / last-modified: 1660648126"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 16 Aug 2022 17:00:33 GMT
breakingnews
www.thestar.com/api/alerts/ 		19 B
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/api/alerts/breakingnews
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ae21b620
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:33 GMT
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
FRA56-C2
x-powered-by
Express
etag
W/"13-Ke/+pN/k0l2LXDxWablmwTVvPYs"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=180
content-length
19
x-amz-cf-id
VFTAtmEFLlf5NE5kC4JHnNcmyFaiQ4Yc_-CgbwYRjdTQPcnnHXezLg==
updates
www.thestar.com/api/alerts/ 		19 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/api/alerts/updates
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ae21b620
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:33 GMT
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
FRA56-C2
x-powered-by
Express
etag
W/"13-Ke/+pN/k0l2LXDxWablmwTVvPYs"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=180
content-length
19
x-amz-cf-id
ioHyregY_U3VmACLwgIwWBINNs-XuD2aNRVbFiUHRDkwXQdNGlG2Ow==
identify
api.permutive.com/v2.0/ 		50 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
94dfc39d176e2fce5f5cf59fb75b9a38aa915915f8866021d556af1c9c5ad627

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 16 Aug 2022 17:00:33 GMT
content-encoding
gzip
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
via
1.1 google
related
api.parsely.com/v2/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.parsely.com/v2/related?apikey=thestar.com&tag=tlc_life&url=https:%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&limit=20&boost=views&pub_date_start=48h
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ae21b620
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.28.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-28-111.compute-1.amazonaws.com
Software
nginx /
Resource Hash
29027f0bcddd9d554afd28d2dd41af03ece052c04c4373c14945298eaa235ad5

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:34 GMT
content-encoding
gzip
server
nginx
x-cache-status
MISS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=120
expires
Tue, 16 Aug 2022 17:02:34 GMT
articles
www.thestar.com/api/ 		0
0
16.css
www.thestar.com/static/ 		257 B
702 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/static/16.css?v=77f92dd85f139b4be241
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=50015516
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
6118aab3972757bc62c6e4c730c32154718c63b74cffc6c66733af493c730139
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:48:01 GMT
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
age
7952
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
257
last-modified
Fri, 12 Aug 2022 16:10:44 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
W/"101-18292d27ba0"
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=300
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
RRXDwBh5xkBUP4ZgOw1yAMQVv-4N1-5oat5HUUNwo_NeY-6HfXwyDg==
RightRailAds-RightRailAds.chunk.js
www.thestar.com/static/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/static/RightRailAds-RightRailAds.chunk.js?v=55a02767
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=50015516
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
4cde2b81e34277c1197d34ccc09bb5536f437408e83400bc81180033b4bf476e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 16:56:43 GMT
content-encoding
gzip
age
230
x-powered-by
Express
x-cache
Hit from cloudfront
access-control-allow-origin
https://amp.thestar.com
last-modified
Fri, 12 Aug 2022 16:10:44 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options
SAMEORIGIN
etag
W/"13eb-18292d27ba0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
cache-control
max-age=300
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
cHCsDyWK4YWMr-3IF4Zjnq9ZzMdJe3mq6PkjKjulLGKRTtEblgqCRQ==
indicator-icon.svg
www.thestar.com/assets/img/
Redirect Chain
  • https://www.thestar.com/assets/img/indicator-icon.svg
  • https://www.thestar.com/assets/img/indicator-icon.svg?rf
2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thestar.com/assets/img/indicator-icon.svg?rf
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=e88d99b0f02131f32425
Protocol
H2
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
a88716b2e48961b771017aef83ad9bdacb13a354dc0b09c62b880e7a2f72d9c6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/static/bundle.css?v=e88d99b0f02131f32425
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:46:35 GMT
content-encoding
gzip
age
8038
x-powered-by
Express
x-cache
Hit from cloudfront
access-control-allow-origin
https://amp.thestar.com
last-modified
Fri, 12 Aug 2022 16:04:16 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options
SAMEORIGIN
etag
W/"664-18292cc9000"
vary
Accept-Encoding
content-type
image/svg+xml
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
cache-control
max-age=14400
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
pFRJUdD6rhZM7DwLz1tSHjofmtMf6ualGXgYufO_6KhZo0NBKQKdpg==

Redirect headers

date
Tue, 16 Aug 2022 17:00:33 GMT
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-cache
LambdaGeneratedResponse from cloudfront
location
https://www.thestar.com/assets/img/indicator-icon.svg?rf
content-length
0
x-amz-cf-id
5vuhTRC7tqcEQ27ptpCN0NgcLvjzByEH36HV7fpJBCw9bJPoAJMC4g==
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 16:21:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Tue, 16 Aug 2022 17:11:25 GMT
serviceiframe
news.google.com/swg/_/ui/v1/ Frame D5EA 		26 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/ui/v1/serviceiframe?_=461297&publicationId=thestar.com
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bfa7767544df250ddabc34f6e1aa648e9ce3885e76b41c513cd8bebdf0f9a903
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yvgShyrbY04lVKWnxWCSxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-yvgShyrbY04lVKWnxWCSxQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/SubscribewithgoogleClientUi/cspreport require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-yvgShyrbY04lVKWnxWCSxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-yvgShyrbY04lVKWnxWCSxQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/SubscribewithgoogleClientUi/cspreport require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
unsafe-none; report-to="SubscribewithgoogleClientUi"
cross-origin-resource-policy
same-site
date
Tue, 16 Aug 2022 17:00:33 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
thirdpartycookie
api.viafoura.co/v2/www.thestar.com/ 		45 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.thestar.com/thirdpartycookie?section=
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4840:c560:4469:324d:51db Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:33 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
x-instance-id
i-0c8df2e7e3fc2fb12
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.thestar.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Tue, 16 Aug 2022 17:00:33 GMT
462150278c5b0e745f26a8d2384285f1
e377.thestar.com/plugin/plugin/ 		192 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e377.thestar.com/plugin/plugin/462150278c5b0e745f26a8d2384285f1
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-18.fra56.r.cloudfront.net
Software
- /
Resource Hash
f0de01b099790ee03d5a7cf7d6ebc579af6e89a345f1fbe07c8d4781c793f4c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 01:19:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
age
574891
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
42242
x-xss-protection
1; mode=block
last-modified
Tue, 09 Aug 2022 01:19:01 GMT
server
-
etag
462150278c5b0e745f26a8d2384285f1
content-type
text/javascript; charset=utf-8
via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop
FRA56-C1
x-robots-tag
noindex, nofollow
x-amz-cf-id
fPaCA-3gYQ-ykUsS8HFfegKSNdO1LYUD-63peZhRKK3fwzXbf-LxGg==
expires
Thu, 10 Aug 2023 01:19:01 GMT
entitlements
news.google.com/swg/_/api/v1/publication/thestar.com/ 		2 B
61 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/api/v1/publication/thestar.com/entitlements
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://www.thestar.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
access-control-allow-methods
GET, POST
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="SubscribewithgoogleClientHttp"
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"SubscribewithgoogleClientHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientHttp/external"}]}
content-type
application/json; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
auction
elb.the-ozone-project.com/openrtb2/ 		5 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.249.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-249-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6b895b357a451b6b426bcc33f1546a55de91e72211a8ff21a72e899c0b5ee5e0

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:33 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=5028&u=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&pid=F5nDwaNj0mNik&cb=0&ws=1600x1200&v=22.8.42053&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-large-life-fashion_style-1%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Flife%2Ffashion_style%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-life-fashion_style-2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Flife%2Ffashion_style%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-life-fashion_style-3%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Flife%2Ffashion_style%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-life-fashion_style-4%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Flife%2Ffashion_style%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-life-fashion_style-5%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Flife%2Ffashion_style%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-life-fashion_style-6%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Flife%2Ffashion_style%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-life-fashion_style-7%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Flife%2Ffashion_style%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-life-fashion_style-8%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Flife%2Ffashion_style%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:33 GMT
via
1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
GAD56BPBMRKX2BTGKS59
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
CedPdmBjR9UGAiKnrVOUkVkJzpSqFumGrTKsknGLr8lZZ2LGuLsu3Q==
tpd
api.permutive.com/v2.0/ 		2 B
39 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/tpd?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 16 Aug 2022 17:00:33 GMT
content-encoding
gzip
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
via
1.1 google
attention-event
sr.studiostack.com/track/ 		0
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Requested by
Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 16 Aug 2022 17:00:33 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin
*
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
0
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
attention-event
sr.studiostack.com/track/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin
*
Allow
POST
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
4
Content-Type
text/html; charset=utf-8
Date
Tue, 16 Aug 2022 17:00:33 GMT
ETag
W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires
0
Pragma
no-cache
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
attention-data
sr.studiostack.com/track/ 		152 B
639 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-data?media=130507&ref=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Requested by
Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e283091ca32aa2fec92b5342a7cba85dd2c2ef54021d31fe846e910ef479a964

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 Aug 2022 17:00:34 GMT
ETag
W/"98-IOrx+fMCFaS1ZuI0+qsFUuY5rSY"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
152
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
cspreport
news.google.com/_/SubscribewithgoogleClientUi/ Frame D5EA 		0
27 B 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-8wOT6kr0LrVz_DGEO5uXBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-8wOT6kr0LrVz_DGEO5uXBQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/swg/_/ui/v1/serviceiframe?_=461297&publicationId=thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/csp-report

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
date
Tue, 16 Aug 2022 17:00:33 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-8wOT6kr0LrVz_DGEO5uXBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-8wOT6kr0LrVz_DGEO5uXBQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires
Mon, 01 Jan 1990 00:00:00 GMT
auction
elb.the-ozone-project.com/openrtb2/ 		12 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.249.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-249-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4dcf6ecc451ae639c224b0b158c3018ee2757dadc9ec085cb3b690b5b8b23d13

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:34 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
swg-button.css
news.google.com/swg/js/v1/ Frame D5EA 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=461297&publicationId=thestar.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 16:17:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6457
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 22:09:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Tue, 16 Aug 2022 17:07:53 GMT
m=_b,_tp,_r
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.hMomzafXNr0.es5.O/am=ZgAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6k... Frame D5EA 		170 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.hMomzafXNr0.es5.O/am=ZgAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6kgsw59qjzgKoAQ0HqE0EEKhkoGw/m=_b,_tp,_r
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=461297&publicationId=thestar.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0cf34e50018d3ebbdb045da64e4bcbc36d9e22bda2e06bcbe218f35a7019054c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 20:54:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72358
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60968
x-xss-protection
0
last-modified
Sat, 13 Aug 2022 01:58:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Aug 2023 20:54:35 GMT
mdc.textfield.min.js
e377.thestar.com/plugins/toolbar_whatcounts/ts_d3dd9500cca2bd121600d736b16f4f6c/frontend/src/scripts/ 		66 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e377.thestar.com/plugins/toolbar_whatcounts/ts_d3dd9500cca2bd121600d736b16f4f6c/frontend/src/scripts/mdc.textfield.min.js
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-18.fra56.r.cloudfront.net
Software
- /
Resource Hash
2d767fe00284ba315844a0f61f8f69721df84ca58781e8b960455fee618c9778
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 20 May 2022 06:39:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
age
7640469
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
11561
x-xss-protection
1; mode=block
last-modified
Thu, 19 May 2022 06:39:24 GMT
server
-
etag
6255d33f94b82e67e60ed3d71ba26fe3
content-type
text/javascript; charset=utf-8
via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop
FRA56-C1
x-robots-tag
noindex, nofollow
x-amz-cf-id
KzgehcCJYO1Cf9DdPFHCVEgoRBT_CRjj4xW6kA5HE4UIKouj13Vczg==
expires
Sat, 20 May 2023 06:39:24 GMT
137ba0a3e420ae94e99622242e142dc7
e377.thestar.com/plugin/library/ 		267 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e377.thestar.com/plugin/library/137ba0a3e420ae94e99622242e142dc7
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-18.fra56.r.cloudfront.net
Software
- /
Resource Hash
3c96559ea2342f9ba868e360c2b29d1cfabc350de16ba0c4ea4bc389a7b19564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 01:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
age
574891
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
87965
x-xss-protection
1; mode=block
last-modified
Tue, 09 Aug 2022 01:19:02 GMT
server
-
etag
137ba0a3e420ae94e99622242e142dc7
content-type
text/javascript; charset=utf-8
via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop
FRA56-C1
x-robots-tag
noindex, nofollow
x-amz-cf-id
DZ0p-b3qP_P1Chai_QTixv9ZoFHp4ZKMGnDM7qAKzMVUUpnam6LpBw==
expires
Thu, 10 Aug 2023 01:19:02 GMT
LB-Zone-1
e377.thestar.com/DG/DEFAULT/rest/rpc/424/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://e377.thestar.com/DG/DEFAULT/rest/rpc/424/LB-Zone-1?referer=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&bcsessionid=&bctempid=7b55be3d-b452-4908-94ac-42e1dcb5f847&overruleReferrer=&time=2022-08-16T17%3A00%3A33%2B00%3A00&ts=1660669233750
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-18.fra56.r.cloudfront.net
Software
- /
Resource Hash
7d939318e3761dd5124fbd26a5a4b343d5af592312dc6d927c5b31fe5fa57f30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 16 Aug 2022 17:00:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
976
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.thestar.com
server
-
content-type
application/json; charset=utf-8
via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
_1gqDdgKim55vkO-23ieKsrwfOk_aIv3lYtd8yQ_OZbIIDVz13x_wQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
intl-messageformat.3008fd0176767b7bd4fe.js
cdn.viafoura.net/chunks/vendors~languages/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vendors~languages/intl-messageformat.3008fd0176767b7bd4fe.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:3200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
463ced94d9222d9f5ffe8aa33b3775bcea88be4e082c3d94f19c5022ba453bd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:33:39 GMT
content-encoding
gzip
age
8815
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Aug 2022 14:32:39 GMT
server
AmazonS3
etag
W/"10b6d53b5f433ad48763734899625ae1"
vary
Accept-Encoding
x-amz-version-id
7lApvwSRtgmSvOEA0qkNeqZelKuZiadA
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
go4nIfSenurebk_7Q6hEn56qTW_D_oo-HcRUumS9Myt3BARdOG-0hw==
intl-messageformat.72b9b7519ef8bcd5ae2e.js
cdn.viafoura.net/chunks/languages/ 		134 B
518 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/intl-messageformat.72b9b7519ef8bcd5ae2e.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:3200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7d425eaf04f774bece10d7f67a0dcbe9d4c5d9223855093f23f2e67f52e6e52a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:33:39 GMT
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
age
8815
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
134
last-modified
Tue, 16 Aug 2022 14:32:29 GMT
server
AmazonS3
etag
"1201d1fdc20dddfb483ff176da7557a6"
x-amz-version-id
BcdvPDUA7EaVB_zgsgtP2XJucQjnvuia
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-amz-cf-id
AMMBWgkFVAXr9257fwSqt7uu1FT17iuNUw7TW9DIr9tA3plNnoikJA==
en-us-base-json.ebbdd68ab699783396cb.js
cdn.viafoura.net/chunks/languages/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-base-json.ebbdd68ab699783396cb.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:3200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9539d53fde0f0976637ee70b3ac04408510f532bf8fb11b5b2e9ee5f429f6822

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:33:39 GMT
content-encoding
br
age
8815
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Aug 2022 14:32:29 GMT
server
AmazonS3
etag
W/"2059649c99fa75d56a815ed5bbb87c17"
vary
Accept-Encoding
x-amz-version-id
TDFu4fl3bhqFhKUEo03cwMisHLUxMiBm
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
3slOd65lIYyM8b0_zfISKwIPeW44HKW5AiiTHRmxq9hQeSn9oQLVrQ==
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.thestar.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Aug 2022 17:00:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.thestar.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Aug 2022 17:00:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		265 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=741729272613144&correlator=4283390905161063&eid=31068924%2C31068928%2C31062930&output=ldjh&gdfp_req=1&vrg=2022081101&ptt=17&impl=fifs&iu_parts=58580620%2Cthestar.com%2Clife%2Cfashion_style&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3&prev_iu_szs=1x1%2C728x90%2C728x90%7C970x250%2C728x90%7C970x250%2C134x170%2C134x170%2C134x170%2C134x170%2C2x1%2C300x250%7C300x600%2C300x250%7C300x600%2C300x250%7C300x600&ifi=1&adks=4035654557%2C1156395607%2C4182505931%2C4182505932%2C1720965207%2C1720965206%2C1720965205%2C1720965204%2C1175600395%2C737374873%2C737374870%2C737374871&sfv=1-0-38&fsapi=false&prev_scp=pos%3D1%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26amznbid%3D2%26amznp%3D2%7Cpos%3D2%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26amznbid%3D2%26amznp%3D2%7Cpos%3D3%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26polarAdDisplayType%3Dwith_column_image%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26polarAdDisplayType%3Dwith_column_image%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26polarAdDisplayType%3Dwith_column_image%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26polarAdDisplayType%3Dwith_column_image%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%7Cpos%3D1%7Cpos%3D2%7Cpos%3D3&eri=1&cust_params=permutive%3D%26gs_channels%3Dgs_fashion%252Cgt_positive%252Cts_hlth_orthotics%252Cgs_shopping_misc%252Cts_sprts_ctvty_wlkng_hkng%252Cgs_shopping%252Cgs_fashion_misc%252Cgs_science%252Cgs_event_blackfriday%252Cgt_positive_love%252Cts_grcry_rtlr_typ_grcry_str%252Cgv_safe%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26tkspo%3D12%26env%3Dbeta%26referrer%3Dunknown%26environment%3Dproduction%26cutpoint%3Dlarge%26subscribed%3Dno%26registered%3Dno%26author%3Drenetse%26assetid%3D23713998-ba77-4fa1-8146-bc1557dd19cd%26kvng%3Dwalking_sandals%252Ccomfortable_footwear%252Cshopsmart%252Cecco%252Cbirkenstock%252Cteva%252Chunter%252Csorel%252Cthe_north_face%252Ceverlane%252Csmg_fashion_style%252Csmg2_life%252CInHouseArticle_thestar%26kvcalais%3Dfootwear%252Cconsumer_goods%252Csandals%252Cshoes%252Cbirkenstock%252Cshoe%252Cdeckers_outdoor_corporation%252Cslipper%252Cleanne_delap%26key%3D%2520%26article_b%3Dtrue&ppid=38293365494397713552403775458545939956&sc=1&cookie_enabled=1&abxe=1&dt=1660669233808&lmt=1660669233&dlt=1660669230821&idt=735&adxs=0%2C436%2C436%2C436%2C217%2C515%2C812%2C1110%2C1036%2C1050%2C1050%2C1050&adys=0%2C0%2C6443%2C7762%2C6611%2C6611%2C6611%2C6611%2C1379%2C1425%2C2503%2C3951&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&frm=20&vis=1&psz=1600x0%7C1600x90%7C728x90%7C728x90%7C273x0%7C273x0%7C273x0%7C273x0%7C328x1%7C300x-1%7C300x-1%7C300x-1&msz=1x-1%7C1600x90%7C728x90%7C728x90%7C273x0%7C273x0%7C273x0%7C273x0%7C328x1%7C300x-1%7C300x-1%7C300x-1&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C512%2C512%2C512&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1582746846.1660669233&ga_sid=1660669234&ga_hid=883868760&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
741ecf209fb248d3fc84d4091eadf64d98c741986927c5077fb6aceaedae1c1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33159
x-xss-protection
0
google-lineitem-id
-2,-1,-1,-1,-2,-2,-2,-2,-2,-1,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,-1,-1,-2,-2,-2,-2,-2,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thestar.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6B1B 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 16 Aug 2022 17:00:34 GMT
expires
Wed, 16 Aug 2023 17:00:34 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D5EA 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=461297&publicationId=thestar.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
Origin
https://news.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 11:18:05 GMT
x-content-type-options
nosniff
age
20548
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 16 Aug 2023 11:18:05 GMT
events
events.kumulos.com/v1/app-installs/babff03d-6de4-454a-ad02-45b2fa76c5bf/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.kumulos.com/v1/app-installs/babff03d-6de4-454a-ad02-45b2fa76c5bf/events
Requested by
Host: static.app.delivery
URL: https://static.app.delivery/sdks/web/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://www.thestar.com/
Authorization
Basic ZWU3M2FkYjUtMWRmOS00ZGY4LTkyYTQtNzhlYWYxODJmNmU5OmUyVG1NTWNHMXlGOUR4OGxrZ0tBOVVXRkk4bHVOWVozZkhlUw==
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 16 Aug 2022 17:00:33 GMT
x-content-type-options
nosniff
server
nginx
access-control-max-age
36000
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
*
cache-control
no-cache, private
strict-transport-security
max-age=15552000; includeSubdomains;
access-control-allow-headers
Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
events
events.kumulos.com/v1/app-installs/babff03d-6de4-454a-ad02-45b2fa76c5bf/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.kumulos.com/v1/app-installs/babff03d-6de4-454a-ad02-45b2fa76c5bf/events
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
*
access-control-max-age
36000
allow
POST
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 16 Aug 2022 17:00:33 GMT
server
nginx
strict-transport-security
max-age=15552000; includeSubdomains;
vary
Accept-Encoding
x-content-type-options
nosniff
0.1a2bd25f84fa6c122df3.css
cdn.viafoura.net/ 		86 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/0.1a2bd25f84fa6c122df3.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:3200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d7c84aa6aaa37c55b53db38095a5ff9123ccb57f2e2bf9ea70e40fc1a9710996

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:33:39 GMT
content-encoding
br
age
8815
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Aug 2022 14:32:54 GMT
server
AmazonS3
etag
W/"e86d8444abeba527138ec55f3fa8b30c"
vary
Accept-Encoding
x-amz-version-id
vhG3V8sxNwBxu8n46XW0agOorf6C_yOU
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
content-type
text/css; charset=utf-8
x-amz-cf-id
8E_ra9BXRPxEwfgI1u9lsjMsvTcPTEDAypEObwqzbRVxo_0TKeQoAQ==
da.36440f1274fcec6b82d6.js
cdn.viafoura.net/chunks/ 		141 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/da.36440f1274fcec6b82d6.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:3200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca4caf77589c9d82638bd6f9cec57b8da4151715c9d5d03861802949a9dcb6f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:33:39 GMT
content-encoding
br
age
8815
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Aug 2022 14:32:52 GMT
server
AmazonS3
etag
W/"dc9ea55ba06c980de4e8e0f9613aa0b5"
vary
Accept-Encoding
x-amz-version-id
b_kDnSOHBY5PFJI4FGR8oZwly6y3lijn
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
QS5Bp2eDVqfHo2_TGsUQcjdKls0jebiTIiPvNQoHXp8qWys0mfeO4g==
vendors~commenting~core_templates~media_gallery~ratings~sharebar~vf-legacy~widgets_v2.98c1d94dda07c2ef885c.js
cdn.viafoura.net/chunks/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vendors~commenting~core_templates~media_gallery~ratings~sharebar~vf-legacy~widgets_v2.98c1d94dda07c2ef885c.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:3200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19cbeb5cfa6eb1a1589a5140a96bffc3448e5f9c6e046de1bb46dfc32d83106f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:33:39 GMT
content-encoding
br
age
8815
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Aug 2022 14:32:42 GMT
server
AmazonS3
etag
W/"9bdd2874851ed2e6fedb144c74e2915a"
vary
Accept-Encoding
x-amz-version-id
SbUYdfF7WOXVs1aeToZN2ZTPU.0z4SDA
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
Gu34mLtAnqx0ooAKBI4eVnADQz52Jfv93B09Dl1-8e5JMgV4BSBB7g==
vendors~commenting~media_gallery~ratings~sharebar~vf-legacy~widgets_v2.b63b22e521d23e37e1f5.js
cdn.viafoura.net/chunks/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vendors~commenting~media_gallery~ratings~sharebar~vf-legacy~widgets_v2.b63b22e521d23e37e1f5.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:3200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
927c5fe020b0c078ab5c0d6fc1796250e5f8d341b9c1badb0344efcdc8752e2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:33:39 GMT
content-encoding
br
age
8815
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Aug 2022 14:32:51 GMT
server
AmazonS3
etag
W/"578d41cb29625f8768b5eba087433fd4"
vary
Accept-Encoding
x-amz-version-id
Mgk6kU.f2wTBFnaPJ21lxqHO_n9McGgC
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
rTsbkXl-BYkV_1QW5r3pweLHcVt7llwR5BQxlRwAM3oOkz_joLF5iA==
default~commenting~media_gallery~ratings~sharebar~vf-legacy~widgets_v2.9c5e067138c84f1d49ca.js
cdn.viafoura.net/chunks/ 		131 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/default~commenting~media_gallery~ratings~sharebar~vf-legacy~widgets_v2.9c5e067138c84f1d49ca.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:3200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d0e2ea8fa83ae1c914c89ea0cd694c189d13abe43dd213d81d1c303c2217ad8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:33:39 GMT
content-encoding
br
age
8815
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Aug 2022 14:32:41 GMT
server
AmazonS3
etag
W/"4250754250dbf68dfa6034e9ba40c643"
vary
Accept-Encoding
x-amz-version-id
2zSS7q.JKejSH4KtY8Xr0xFy5sq2s344
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
SkbUUjFWkBaHe4oa9i72hxJx0qRdHCwpfnzOhnNC7zx_Nxe-1d0HDQ==
31.814ae5d47c007a554410.css
cdn.viafoura.net/ 		32 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/31.814ae5d47c007a554410.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:3200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df60469c04f4bc5e3d043c51a8f094e973380f42ee4c812e2062045f0e41ae0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:33:39 GMT
content-encoding
br
age
8815
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Aug 2022 14:32:55 GMT
server
AmazonS3
etag
W/"0e91859a5e26e79883562c5960cc9a46"
vary
Accept-Encoding
x-amz-version-id
aWkYFspynb9MtxqH2tuLZSnJc6vQehrz
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
content-type
text/css; charset=utf-8
x-amz-cf-id
A4lfkxl0xo8iOBJtsMOV7TBQ6plL0HP0hs1sIn0pX39YgNe_6EPeTg==
commenting.6e330706945ecdf59994.js
cdn.viafoura.net/chunks/ 		193 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/commenting.6e330706945ecdf59994.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:3200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40668c3ddd6d6c33cc486b27f0050c5817a235e2c7e871a4f7da8861c4282565

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:33:39 GMT
content-encoding
br
age
8815
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Aug 2022 14:32:45 GMT
server
AmazonS3
etag
W/"b761a20d1add6f39c83911eb4eec9167"
vary
Accept-Encoding
x-amz-version-id
DzNdwY3GXBHIs4E_M_4EkqQjSuTQom17
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
UyGZz_7u9pXQG5-fVy2uE268_4ztPerFLdN5xrUIgG69A9Xn3GxHbw==
core_templates.6f729f85dfc1c6fede4d.js
cdn.viafoura.net/chunks/ 		118 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/core_templates.6f729f85dfc1c6fede4d.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:3200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3f0b12260733d31748c38229450df97234120beee2eeef8e788025f268732b20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:33:39 GMT
content-encoding
br
age
8815
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Aug 2022 14:32:46 GMT
server
AmazonS3
etag
W/"aaa742f8675c39812063760bb7bee5da"
vary
Accept-Encoding
x-amz-version-id
UuSBxok.F8vq.af16Eio0E6Rp.SKymPY
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
fmZeYtFWVI5KN4FS63tVAAvu8eW5BER9HDNrqVXBvCLMXTWXkf54kQ==
vf-css.b1258334a6c6d0902f77.js
cdn.viafoura.net/chunks/ 		123 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vf-css.b1258334a6c6d0902f77.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:3200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
076d1e477d09a5de72cee6f5ddc6d41fd172c368ce1f883356da757770e06c09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:33:39 GMT
content-encoding
br
age
8815
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Aug 2022 14:32:49 GMT
server
AmazonS3
etag
W/"d9af3d9c568aefbcc19183fbbc52ad7a"
vary
Accept-Encoding
x-amz-version-id
q4qvPqMVn0br3.9deA6zn0fFr8lIgCN.
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
3di9OG5vP0-hmR5MaJ8LwRDbgItle-ncxCoM25OVowa_paSPooTTNA==
pages
api.viafoura.co/v2/www.thestar.com/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.thestar.com/pages
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4840:c560:4469:324d:51db Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ee082b40c89e08fb31aa0f5b95e3f1af59043d1353c1b6e1f057f49032f02516

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:34 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
x-instance-id
i-0e745cabdcf7486df
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.thestar.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Tue, 16 Aug 2022 17:00:34 GMT
pages
api.viafoura.co/v2/www.thestar.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.thestar.com/pages
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4840:c560:4469:324d:51db Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin
https://www.thestar.com
access-control-max-age
1728000
cache-control
max-age=0
date
Tue, 16 Aug 2022 17:00:33 GMT
expires
Tue, 16 Aug 2022 17:00:33 GMT
server
nginx/1.18.0 (Ubuntu)
channels
push.kumulos.com/v1/app-installs/babff03d-6de4-454a-ad02-45b2fa76c5bf/ 		22 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://push.kumulos.com/v1/app-installs/babff03d-6de4-454a-ad02-45b2fa76c5bf/channels
Requested by
Host: static.app.delivery
URL: https://static.app.delivery/sdks/web/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::be2:3001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
922fc709d074fe3e91af4be23229aea33cac50e12d83560d206593be45c47a55
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://www.thestar.com/
Authorization
Basic ZWU3M2FkYjUtMWRmOS00ZGY4LTkyYTQtNzhlYWYxODJmNmU5OmUyVG1NTWNHMXlGOUR4OGxrZ0tBOVVXRkk4bHVOWVozZkhlUw==
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 16 Aug 2022 17:00:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
content-type
application/json
access-control-allow-origin
*
access-control-max-age
36000
cache-control
no-cache, private
strict-transport-security
max-age=15552000; includeSubdomains;
access-control-allow-headers
Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
channels
push.kumulos.com/v1/app-installs/babff03d-6de4-454a-ad02-45b2fa76c5bf/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://push.kumulos.com/v1/app-installs/babff03d-6de4-454a-ad02-45b2fa76c5bf/channels
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::be2:3001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
GET
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
*
access-control-max-age
36000
allow
GET,HEAD
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 16 Aug 2022 17:00:33 GMT
server
nginx
strict-transport-security
max-age=15552000; includeSubdomains;
vary
Accept-Encoding
x-content-type-options
nosniff
m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.hMomzafXNr0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.AlONCiruwd0.L.B1... Frame D5EA 		133 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.hMomzafXNr0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.AlONCiruwd0.L.B1.O/am=ZgAg/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI5pMRZ8nABCVLTgH1Kenf9iNSdWkQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.hMomzafXNr0.es5.O/am=ZgAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6kgsw59qjzgKoAQ0HqE0EEKhkoGw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2877c4453f9302252096624354dce539acd6d3b482b11f2af50c73289ac06e5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 21:27:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45762
x-xss-protection
0
last-modified
Sat, 13 Aug 2022 01:58:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Aug 2023 21:27:15 GMT
/
p1.parsely.com/plogger/ 		43 B
258 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p1.parsely.com/plogger/?rand=1660669233977&plid=61450517&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&sref=&sts=1660669233119&slts=0&date=Tue+Aug+16+2022+17%3A00%3A33+GMT%2B0000+(GMT)&action=heartbeat&inc=1&tt=801&u=pid%3Dd8710dfaf13b7f0666842b08d24ccc29
Requested by
Host: cdn.parsely.com
URL: https://cdn.parsely.com/keys/thestar.com/p.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 17:00:34 GMT
Cache-Control
no-cache
Last-Modified
Tuesday, 16-Aug-2022 17:00:34 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ruleenginedata
www.thestar.com/api/ 		11 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/api/ruleenginedata
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ae21b620
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
f1dc555b74071c11fb7bbcd86fa650618db83723a8828d04850e90ec73dc5898
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 16:56:24 GMT
content-encoding
gzip
vary
Accept-Encoding
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
age
250
x-powered-by
Express
etag
W/"2c58-On6xrYp0/du6eGARnnYHeUEyBMw"
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=180
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
ss9z3ZUTUu5hQDv71XAl8gD2u60lO30zsR_RsGwolF1ibE0c8x9gFg==
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
/
p1.parsely.com/plogger/ 		43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1660669233982&plid=61450517&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22_scrollIncrement%22%3A1%2C%22_scrollMethod%22%3A%22heartbeat%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A8693%2C%22_trustBar%22%3A6097%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&sref=&sts=1660669233119&slts=0&title=We+put+walking+sandals+to+the+test%E2%80%94these+are+the+comfiest+%7C+The+Star&date=Tue+Aug+16+2022+17%3A00%3A33+GMT%2B0000+(GMT)&action=_scroll&u=pid%3Dd8710dfaf13b7f0666842b08d24ccc29
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 17:00:34 GMT
Cache-Control
no-cache
Last-Modified
Tuesday, 16-Aug-2022 17:00:34 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
p1.parsely.com/plogger/ 		43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1660669233984&plid=61450517&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22_scrollIncrement%22%3A0%2C%22_scrollMethod%22%3A%22pageview%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A8693%2C%22_trustBar%22%3A6097%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&sref=&sts=1660669233119&slts=0&title=We+put+walking+sandals+to+the+test%E2%80%94these+are+the+comfiest+%7C+The+Star&date=Tue+Aug+16+2022+17%3A00%3A33+GMT%2B0000+(GMT)&action=pageview&js=1&pvid=36395926&u=pid%3Dd8710dfaf13b7f0666842b08d24ccc29
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 17:00:34 GMT
Cache-Control
no-cache
Last-Modified
Tuesday, 16-Aug-2022 17:00:34 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
en-us-conversations-json.e69fe07610de4ef87d49.js
cdn.viafoura.net/chunks/languages/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-conversations-json.e69fe07610de4ef87d49.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:3200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9de157a7190bb59b1dbcf3176aaf405ef6e699e7a2c9ff7271c6162baef7be50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:33:39 GMT
content-encoding
br
age
8816
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Aug 2022 14:32:27 GMT
server
AmazonS3
etag
W/"05baf7b2cbf4edd5dbd7fe37fea38878"
vary
Accept-Encoding
x-amz-version-id
qbTDT1a2k8Ke_vrPsKlnBSzAFT.vrxKk
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
S2gYkKmbIeQD8RajZQ0keAfMPDr4fM8WB3MSXtqd4r5yJp1SkS8sHQ==
roboto-regular.woff2
cdn.viafoura.net/front/assets/fonts/roboto/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/front/assets/fonts/roboto/roboto-regular.woff2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:3200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
659a8dee04b272c247129ff6513d23c16f4f9c183b5d64e7347815af8861a2a4

Request headers

Referer
https://www.thestar.com/
Origin
https://www.thestar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:33:39 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
age
8816
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
50240
last-modified
Fri, 27 May 2022 18:21:54 GMT
server
AmazonS3
etag
"184a2a669cf798f8d80bcfba041c3ecf"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
2py.l0APYIGxB_oJXxyO0sEiyyLtw44Y
access-control-allow-origin
*
cache-control
public,max-age=31536000
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-type
font/woff2
x-amz-cf-id
iC_B9Xq0b7QJmn-JE1Ov907lxWO3EjKT5zcETLsmaioELPTtXKW9sw==
m=bm51tf
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.hMomzafXNr0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.AlONCiruwd0.L.B1... Frame D5EA 		1 KB
713 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.hMomzafXNr0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.AlONCiruwd0.L.B1.O/am=ZgAg/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI5pMRZ8nABCVLTgH1Kenf9iNSdWkQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.hMomzafXNr0.es5.O/am=ZgAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6kgsw59qjzgKoAQ0HqE0EEKhkoGw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
700b7be33a627ba6e4d3bff4d3c7634ef42d79f2d199e267f7c8b916be2835dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 21:27:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
687
x-xss-protection
0
last-modified
Sat, 13 Aug 2022 01:58:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Aug 2023 21:27:15 GMT
vf-legacy.25671e4284e0ae0da65d.js
cdn.viafoura.net/chunks/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vf-legacy.25671e4284e0ae0da65d.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:3200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d9fd49db0f2c0aff8fb8be5b59816580699583b4b77a1c78edeef7fb9b8e049f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:33:39 GMT
content-encoding
br
age
8816
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Aug 2022 14:32:49 GMT
server
AmazonS3
etag
W/"c965358781ea370dd4b23987b4db835a"
vary
Accept-Encoding
x-amz-version-id
47zFwpTgNIC9dZiGhUbZo9p6LhLRqrAl
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
6mSXtSpIgWwAqRmXqq4XUJOhvxgmW9ayzuSfIZSzIBWVPqRhocrdyg==
pages
api.viafoura.co/v2/www.thestar.com/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.thestar.com/pages
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4840:c560:4469:324d:51db Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ee082b40c89e08fb31aa0f5b95e3f1af59043d1353c1b6e1f057f49032f02516

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:34 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
x-instance-id
i-087f6ef5e96b6898c
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.thestar.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Tue, 16 Aug 2022 17:00:34 GMT
batchexecute
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame D5EA 		571 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2F_%2Fui%2Fv1%2Fserviceiframe&f.sid=-5903301267080814251&bl=boq_subscribewithgoogleclientserver_20220814.16_p0&hl=de&soc-app=673&soc-platform=1&soc-device=1&_reqid=61235&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.hMomzafXNr0.es5.O/am=ZgAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6kgsw59qjzgKoAQ0HqE0EEKhkoGw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
64a66a029f10407b1501cf078360d67b5ebc5d12a56cf1b5e8eda50cce7e2b05
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 16 Aug 2022 17:00:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type
application/json; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires
Mon, 01 Jan 1990 00:00:00 GMT
424
e377.thestar.com/DG/DEFAULT/rest/rpc/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://e377.thestar.com/DG/DEFAULT/rest/rpc/424?referer=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&bcsessionid=7b55be3d-b452-4908-94ac-42e1dcb5f847&bctempid=&overruleReferrer=&time=2022-08-16T17%3A00%3A34%2B00%3A00&ts=1660669234239
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-18.fra56.r.cloudfront.net
Software
- /
Resource Hash
66f09061b0d7ccb4e944c7b147c326e397b3e0f2ee82733af021934a1f5d9116
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 16 Aug 2022 17:00:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
2425
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.thestar.com
server
-
content-type
application/json; charset=utf-8
via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
z7Cxc_vLDQeKZB4jKsuQUoTYvWkwtt6pn0QMKy_HdouBNzl_jaWUTA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
424
e377.thestar.com/DG/DEFAULT/rest/rpc/ 		562 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://e377.thestar.com/DG/DEFAULT/rest/rpc/424?referer=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&bcsessionid=7b55be3d-b452-4908-94ac-42e1dcb5f847&bctempid=&overruleReferrer=&time=2022-08-16T17%3A00%3A34%2B00%3A00&ts=1660669234246
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-18.fra56.r.cloudfront.net
Software
- /
Resource Hash
95572899b65b162fdac5d1da7b35b7438b5908be21f8d7db83b7ec902260190e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 16 Aug 2022 17:00:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
163
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.thestar.com
server
-
content-type
application/json; charset=utf-8
via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
FoXNaGcoCuwqV005fgDaYubK3DRuVzkUNgFg-Z1l2OI5M49F8IZUQA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
424
e377.thestar.com/DG/DEFAULT/rest/rpc/ 		369 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://e377.thestar.com/DG/DEFAULT/rest/rpc/424?referer=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&bcsessionid=7b55be3d-b452-4908-94ac-42e1dcb5f847&bctempid=&overruleReferrer=&time=2022-08-16T17%3A00%3A34%2B00%3A00&ts=1660669234258
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-18.fra56.r.cloudfront.net
Software
- /
Resource Hash
59c44fb86ac825b26101bf7d372ac8d638df485c76a9f9ae01b287682d24267e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 16 Aug 2022 17:00:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
175
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.thestar.com
server
-
content-type
application/json; charset=utf-8
via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
Ex7qIL5LrdG5vWjxdXA30ehxJrrOpSedgt-GL7wMHPYTR9t0xJO7mg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
__activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/271cfd89-2cbd-464e-cdcd-cd3ccf44e8a8/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/q9fqmmutk5a97trs/271cfd89-2cbd-464e-cdcd-cd3ccf44e8a8/__activity.gif?e=conversion_shown&ct=We+put+walking+sandals+to+the+test%E2%80%94these+are+the+comfiest&ccu=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&tspl=5830&blst=3991&ist=4550&iet=4555&bdst=3991&bdet=4453&bcttt=13&jsfv=nbc&ts=1660669234243&jsk=q9fqmmutk5a97trs&jsv=20220510&cu=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&uid=271cfd89-2cbd-464e-cdcd-cd3ccf44e8a8&sid=ee98f564-0e01-4c12-a18d-04583b664b92&pvid=13379552-9f16-43ff-df6f-e27d02121483&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F104.0.5112.79+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=9.1&saveData=false&ctyp=unknown&tzo=0&conversion_t=%5BSTAR%5D%20HeaderCTAButtonMobile_NonSubs_Subscribe_Q122_Control&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 16 Aug 2022 17:00:34 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/271cfd89-2cbd-464e-cdcd-cd3ccf44e8a8/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/q9fqmmutk5a97trs/271cfd89-2cbd-464e-cdcd-cd3ccf44e8a8/__activity.gif?e=conversion_shown&ct=We+put+walking+sandals+to+the+test%E2%80%94these+are+the+comfiest&ccu=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&tspl=5831&blst=3991&ist=4550&iet=4555&bdst=3991&bdet=4453&bcttt=14&jsfv=nbc&ts=1660669234244&jsk=q9fqmmutk5a97trs&jsv=20220510&cu=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&uid=271cfd89-2cbd-464e-cdcd-cd3ccf44e8a8&sid=ee98f564-0e01-4c12-a18d-04583b664b92&pvid=13379552-9f16-43ff-df6f-e27d02121483&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F104.0.5112.79+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=9.1&saveData=false&ctyp=unknown&tzo=0&conversion_t=%5BSTAR%5D%20HeaderCTAButtonStickyMenu_NonSubs_Subscribe_Q122_Control&sdk=bc-pixel
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 16 Aug 2022 17:00:34 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
424
e377.thestar.com/DG/DEFAULT/rest/rpc/ 		185 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://e377.thestar.com/DG/DEFAULT/rest/rpc/424?referer=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&bcsessionid=7b55be3d-b452-4908-94ac-42e1dcb5f847&bctempid=&overruleReferrer=&time=2022-08-16T17%3A00%3A34%2B00%3A00&ts=1660669234260
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-18.fra56.r.cloudfront.net
Software
- /
Resource Hash
011d57a15bf5c0ef81e2953e597fe8fb9081964ae78f9823499f5845fc6f889f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 16 Aug 2022 17:00:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
166
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.thestar.com
server
-
content-type
application/json; charset=utf-8
via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
XMIU1sKRA6ah8Ju8pzR_u9Xomrm0EsE-qp8WwlCL198GA2s7keYx6Q==
expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
torstar.blueconic.net/DG/DEFAULT/ 		66 B
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://torstar.blueconic.net/DG/DEFAULT/cs?bcsessionid=7b55be3d-b452-4908-94ac-42e1dcb5f847&&callback=bc_json426
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.242.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-242-28.compute-1.amazonaws.com
Software
- /
Resource Hash
2bffbf1f803a486d27a622a7f560c46b3decf4e3640645c9d8a07d0eca227087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
content-type
text/javascript; charset=utf-8
content-length
86
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
events
api.permutive.com/v2.0/batch/ 		101 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
43b7c56bab720041ca2120d5bc1d46a33a31e00cde9a648d73619d71efdf209a

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 16 Aug 2022 17:00:34 GMT
content-encoding
gzip
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
via
1.1 google
pages
api.viafoura.co/v2/www.thestar.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.thestar.com/pages
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4840:c560:4469:324d:51db Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin
https://www.thestar.com
access-control-max-age
1728000
cache-control
max-age=0
date
Tue, 16 Aug 2022 17:00:34 GMT
expires
Tue, 16 Aug 2022 17:00:34 GMT
server
nginx/1.18.0 (Ubuntu)
38293365494397713552403775458545939956
api.thestar.com/users/data/anonymous/sitename/thestar/id/ 		51 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.thestar.com/users/data/anonymous/sitename/thestar/id/38293365494397713552403775458545939956
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ae21b620
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-67.fra53.r.cloudfront.net
Software
/
Resource Hash
a0ec8793ecc2c9d97dcceac6cce1de315e1a0cf7b6c5180060916c2d047c9a1c

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
x-api-key
b07LQ46EyU42X8fc14kd08w8gAyfSf337nbF5L8b

Response headers

date
Tue, 16 Aug 2022 17:00:34 GMT
via
1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amzn-requestid
9b422f25-8837-4d7a-b79e-d84672737f45
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62fbcd32-19d84ef10301f1e313ec4af2;Sampled=0
x-amz-apigw-id
W9z_-GWXIAMF6VA=
content-length
51
x-amz-cf-id
qSoUTCSHbhyNi8TLWlHp6JJEeAn0ihPT_rVg05YaOS9NMBkmaqJDtg==
38293365494397713552403775458545939956
api.thestar.com/users/data/anonymous/sitename/thestar/id/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.thestar.com/users/data/anonymous/sitename/thestar/id/38293365494397713552403775458545939956
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-67.fra53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key
Access-Control-Request-Method
GET
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Tue, 16 Aug 2022 17:00:34 GMT
via
1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
x-amz-apigw-id
W9z_7F8zoAMFruQ=
x-amz-cf-id
w4QB5GIjcC0O14qyLSYE2USwIRlGsZlrZ5jEuvudGGfNk0j__Hft2Q==
x-amz-cf-pop
FRA53-C1
x-amzn-requestid
da22de3e-b87f-40fa-99ba-deeff7474f4e
x-cache
Miss from cloudfront
log
play.google.com/ Frame D5EA 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.hMomzafXNr0.es5.O/am=ZgAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6kgsw59qjzgKoAQ0HqE0EEKhkoGw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 16 Aug 2022 17:00:34 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Tue, 16 Aug 2022 17:00:34 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 16 Aug 2022 17:00:34 GMT
expires
Tue, 16 Aug 2022 17:00:34 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame D5EA 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.hMomzafXNr0.es5.O/am=ZgAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6kgsw59qjzgKoAQ0HqE0EEKhkoGw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 16 Aug 2022 17:00:34 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Tue, 16 Aug 2022 17:00:34 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 16 Aug 2022 17:00:34 GMT
expires
Tue, 16 Aug 2022 17:00:34 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame D5EA 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.hMomzafXNr0.es5.O/am=ZgAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6kgsw59qjzgKoAQ0HqE0EEKhkoGw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 16 Aug 2022 17:00:34 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Tue, 16 Aug 2022 17:00:34 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 16 Aug 2022 17:00:34 GMT
expires
Tue, 16 Aug 2022 17:00:34 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
en_us_legacy.188bdd3f86f132d20509.js
cdn.viafoura.net/chunks/languages/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en_us_legacy.188bdd3f86f132d20509.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:3200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91ce0b81d66ef52934feb0bce41547d55a23e05d0d04901b926093bb152ca6c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:33:43 GMT
content-encoding
br
age
8812
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Aug 2022 14:32:32 GMT
server
AmazonS3
etag
W/"75dcd6e4ffa673211645b546eea08ab6"
vary
Accept-Encoding
x-amz-version-id
jkGOuHdvU7anLk6vD1jdEeCEk8ZLR0gz
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
x4vlM1fh5HwOt7WnuH2aHk0PBlNToC7bQH-KQ8mPxf3U-gDliVmuWQ==
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.hMomzafXNr0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.AlONCiruwd0.L.B1... Frame D5EA 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.hMomzafXNr0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.AlONCiruwd0.L.B1.O/am=ZgAg/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI5pMRZ8nABCVLTgH1Kenf9iNSdWkQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.hMomzafXNr0.es5.O/am=ZgAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6kgsw59qjzgKoAQ0HqE0EEKhkoGw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecb000c78aa994dd816d701d7f745a005d1702bf3df764acb674abde64e731e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 21:27:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7274
x-xss-protection
0
last-modified
Sat, 13 Aug 2022 01:58:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Aug 2023 21:27:15 GMT
8qw1O07j6b6k8JuM0EW1cp3eJ25k2UoMyEnMkLNN.png
media-cdn-eu-central-1.app.delivery/80B6An01/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn-eu-central-1.app.delivery/80B6An01/8qw1O07j6b6k8JuM0EW1cp3eJ25k2UoMyEnMkLNN.png
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4a16b2963bc88cc2246193aa113872387b39b796b9cf4a9a1e0b4d02f87814fc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 17:00:34 GMT
Connection
Keep-Alive
Last-Modified
Thu, 30 Jun 2022 17:43:37 GMT
x-amz-request-id
tx0000000000000178deb6c-0062fbcc30-5c924841-fra1b
etag
"59ba2e95193f7c9d577e520e6962080f"
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1660669234.dop120.fr8.t,1660669234.cds135.fr8.shn,1660669234.dop120.fr8.t,1660669234.cds212.fr8.c
Content-Type
image/png
Cache-Control
max-age=3342
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
17369
log
play.google.com/ Frame D5EA 		131 B
673 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.hMomzafXNr0.es5.O/am=ZgAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6kgsw59qjzgKoAQ0HqE0EEKhkoGw/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 16 Aug 2022 17:00:34 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Tue, 16 Aug 2022 17:00:34 GMT
id
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-032a225cd465/contentcontainer/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-032a225cd465/contentcontainer/id?container_id=23713998-ba77-4fa1-8146-bc1557dd19cd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.67.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-67-212.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,X-REQUEST-SIGNATURE,content-type,X-UNIQUE-ID
access-control-allow-methods
POST,GET,PUT,DELETE,PATCH
access-control-allow-origin
https://www.thestar.com
access-control-max-age
43200
content-length
0
date
Tue, 16 Aug 2022 17:00:34 GMT
content_container-module-js.52c83c20abe0e1f1e94e.js
cdn.viafoura.net/chunks/vuex_store/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/content_container-module-js.52c83c20abe0e1f1e94e.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:3200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31424aa58c4bde614c2441c1f39191e6487e90709239bd86c64942b90521abeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:33:39 GMT
content-encoding
br
age
8816
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Aug 2022 14:32:38 GMT
server
AmazonS3
etag
W/"ba4db75bd4f3d711ad1f765c09c38eeb"
vary
Accept-Encoding
x-amz-version-id
01pgcXepyEUScFMpLCH0PwqmlPNso266
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
CscmEHBhtwp4Vgvn_wFwREiZ00w7wMLme8EK2O0GxG1cV4JmQnVxQw==
id
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-032a225cd465/contentcontainer/ 		791 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-032a225cd465/contentcontainer/id?container_id=23713998-ba77-4fa1-8146-bc1557dd19cd
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.67.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-67-212.compute-1.amazonaws.com
Software
/
Resource Hash
255e98adf5f64bd5f0389ccaefcf90ea97b89740b3e55a5c10026ff226c3980f

Request headers

Accept
application/json
Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json;charset=utf-8

Response headers

access-control-allow-origin
https://www.thestar.com
date
Tue, 16 Aug 2022 17:00:34 GMT
content-encoding
gzip
access-control-allow-credentials
true
content-length
328
content-type
application/json
ingest
i.viafoura.co/v3/www.thestar.com/ 		67 B
392 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://i.viafoura.co/v3/www.thestar.com/ingest
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.67.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-67-212.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.thestar.com
date
Tue, 16 Aug 2022 17:00:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/png
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 479A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 16 Aug 2022 17:00:34 GMT
expires
Wed, 16 Aug 2023 17:00:34 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012208081650000/ Frame A8D5 		220 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2e5722cf0b8d8df31200550801d755733c56d9ca2758b7041fbed009e0c9d08
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
78441
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61502
x-xss-protection
0
server
sffe
date
Mon, 15 Aug 2022 19:13:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"df13b0b17adb5918"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Aug 2023 19:13:13 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame A8D5 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e14ddde632bad66a3f79d6dc2c6a212d3b1b5cd8100cb6b73984b8797c5ed86
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
78441
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5197
x-xss-protection
0
server
sffe
date
Mon, 15 Aug 2022 19:13:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aca8368210f82021"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Aug 2023 19:13:13 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame A8D5 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70fa25d0cd4744b6b91054ad55e3e931dad31cc85915b13e33e4e674426c7cc1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
78441
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28794
x-xss-protection
0
server
sffe
date
Mon, 15 Aug 2022 19:13:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cc093c4134ec5f1e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Aug 2023 19:13:13 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame A8D5 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec61d9fd1b3609a3a53f377ed07059c3dc7d2cb1502022e0623b4ebc1ea0f35e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
78441
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
date
Mon, 15 Aug 2022 19:13:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ef17e6cba96d5668"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Aug 2023 19:13:13 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame A8D5 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d200dc372fb333c0ca488fba2a569a686cbf5f1ba0cc0544a4a8c96a4f91de3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
78441
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12948
x-xss-protection
0
server
sffe
date
Mon, 15 Aug 2022 19:13:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"08e07a681963ea9f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Aug 2023 19:13:13 GMT
truncated
/ Frame A8D5 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
75bcdb6a072e718346b720bd18526c326c489b0f0c616f56bfeb0af0ee68c6bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
12571498218801215781
tpc.googlesyndication.com/daca_images/simgad/ Frame A8D5 		103 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/12571498218801215781
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e15f31904447e394632d4a5c79e27dcfcd285e46f1a1bd833fed223573aab70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 17:47:22 GMT
x-content-type-options
nosniff
age
256392
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105827
x-xss-protection
0
last-modified
Sat, 13 Aug 2022 08:35:59 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 13 Aug 2023 17:47:22 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A8D5 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 19:03:14 GMT
x-content-type-options
nosniff
server
cafe
age
79040
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 16 Aug 2022 19:03:14 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A8D5 		295 B
757 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 05:50:56 GMT
x-content-type-options
nosniff
server
cafe
age
40178
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 17 Aug 2022 05:50:56 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A8D5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CorTTMs37YpI576T27w-9mabgBqb1gehr7dqKgp4Q2tkeEAEgx-v2HmCVgoCAuAegAbKGrvQCyAEC4AIAqAMByAMIqgTLAk_QQ9QkBn0jYIAk8orrSuPmqLJeFKEaqWeNTYt3dIzfhk08r_iPPiPmXv4KojuQbNOsD7Y96_y9AQWnYP6hD9nYf43WFI6mtJd5SK1945Hn1FwAOTj2eKErgVcEbkQ9-jmN72-5jke09jVxqUD1W8pgi-icKejmB1yyUJ6kLvHg1Il1k4t6kB_bGhJXyXCcTIf_wwIqnD-wPV04cCX_m1QBtUqm4WxNajQs62mTid2HjlVqtfsmVXjARmJEIgRloZSRY4cv1DkJaZ02gCx5mLrJEVOviVzLHrO8ojv4UTtA0M2_f-sDizP_lk3zn9lZpQHVJEJIqHvQv5cqOkQa4VLk1OnTzajfzBdpYlfvyeZvCJQwVZx0U5kqRh7E33jd3f2tlnSTcKGXUfeGjfWg6bXoT_ZY7OvJHCSzWUX1WpGePiW6Ofg0gRmR52jABLv40euKBOAEAZIFBAgEGAGSBQQIBRgEoAYCgAffyeuPAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEL-2CdIIEQiA4YBwEAEYXTIC6wI6AoBAgAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTgxODg0MzE0MjU1MDk5OTcYlJkU&sigh=3lXbRrn1aj4&uach_m=[UACH]
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 479A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C0e57Ms37Yo8576T27w-9mabgBsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N6AB1bbS6gPIAQmpApVihx8d_bA-4AIAqAMBqgTMAk_Q-JxocMsHXD4laZaw1PMgWHPh8ZRk5m204ApuksGRs3e2mgE-QVuKHyoP_Eal_rHLdngiBd-2Kg2oIwdQ1OSyweLzqp61P83lWbHmfWEemPh_ncQ8oLVLKcPTIGxAjQF2qfJ3aMuJNCsQT_aYns55xALgYLZ1GxVxX-O_PjloYGccfANCtfDGyS5v7Kmy7QLoUoyjsfI569WL0XwHOAh9H6vScchogr3XOZr9ETE2MzLQyzGMlaDGOK63nysYgeL2FzcokMlqKh7XtQdM-AHpKPH-7uB4R4cxBErv4IRiZ5E-WOcPSiqj2Gr9oDLymTe8-MGlf6JYisZjqzPej529yR-WHbWVdKOmRe7zxVvJHlKNRw576CY_UrZ0BdG1wYDq5QCyT3SY77SeeTzkoqYOPSPi2qLEudGiIZMB5-OQTO-lwhvHK0S2hk0w4AQBgAam_oaGmJGMu4wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04MTg4NDMxNDI1NTA5OTk3GJSZFA&sigh=bfMiK_CykyA&uach_m=[UACH]&cid=CAQSPwCsnQUxYMv87HsNsBbyapttU5ScMSt3TNCaQHptQzsNOHTaxVB1jwZDkb4TQbhCj6NNI8BPYLEsZpdkVXmcgRgB
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 479A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k6mKE8g12AVanYNiAgIAAAAiSmSFf9LPksYEYTMgm2jlEDHN-2IS2z3_a8D-WpJEIgASAAA&wp=YvvNMgAAHI8H_ZJvAAmMvVTmOBSXT03MigqvsQ
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:34 GMT
server
Kestrel
server-processing-duration-in-ticks
217960
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame B47D 		99 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YvvNMgAAHI8H_ZJvAAmMvVTmOBSXT03MigqvsQ&u=%7C3HeV1rQd8EC6VQLnJzcYrVX9wOJS8jKl1jX6a7%2Fg46w%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi6F_OC2w-79Z30sQv00aZb-fPrhYlE2XtOou9BpcLwjD7-93109M19SrCTDA_rPfQ3PAD4mROtqPRh2YZkQ2yYxj3fCxZndjop8Xu36sasRzQgayIxX228vWIo6pnebAF7NQ6UL6KqjjrkhKSpk9_5vjcOIQdT1o-9sW33mZ-awoV8aK3-DXsl7ksd4--hYZN9xydHjZBdAx_aLhItzn3yse6NoPtH3jCU0d_xZ-cIzTg16j3MsJhHi9QyrEBLueZT7j9l7Zqn_UrDZcuRujrXijMqhD1kTaFKSMUzkeVv4UlzCU-qqEt15bPB0vHTMWDGFhhW3Qpa1GDm5VZT4R9ZvaLBgrhRd0XpSS_lY2180HRna9xaTPDPZB5wje_97eY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU6L4Ms37Yo8576T27w-9mabgBsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N6AB1bbS6gPIAQmpApVihx8d_bA-4AIAqAMBqgTPAk_Q-JxocMsHXD4laZaw1PMgWHPh8ZRk5m204ApuksGRs3e2mgE-QVuKHyoP_Eal_rHLdngiBd-2Kg2oIwdQ1OSyweLzqp61P83lWbHmfWEemPh_ncQ8oLVLKcPTIGxAjQF2qfJ3aMuJNCsQT_aYns55xALgYLZ1GxVxX-O_PjloYGccfANCtfDGyS5v7Kmy7QLoUoyjsfI569WL0XwHOAh9H6vScchogr3XOZr9ETE2MzLQyzGMlaDGOK63nysYgeL2FzcokMlqKh7XtQdM-AHpKPH-7uB4R4cxBErv4IRiZ5E-WOcPSiqj2Gr9oDLymTe8-MGlf6JYisZjqzPej529yR-WHbWVdKOmRe7zxVvJHlKNRw576CY_UrZ0BdG1wYDq5QCyTzaaziYZ9qD3HToanvPffFrNrdsUK70ZZVdYcUlXfQXrM8EcAl6P1jpf4AQBgAam_oaGmJGMu4wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0pUljc0RovCd6biq1i4vBrkkh10w%26client%3Dca-pub-8188431425509997%26adurl%3D
Requested by
Host: 3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com
URL: https://3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
833dbd82b358fed729c87c18d156519bbe4ed177a49fde13a16fdd06056cb0e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 16 Aug 2022 17:00:34 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=GUKGQbgDkT6eVk9AS2ugXInh11SS1uJ7OsL2k_UJYkh98JaSSAfSjUkzVpx1fIbabKLfwR4ybODEQ4MYyL9M-m-PXcOarovuArBvBYgxiHqwxpOk-PSxyYI2Q5dabl_qwdxw4hL-w2yp4VAh9_yXgvdK_6s7uk6B_i2buSIXCZY6rnvmm39CZNRKWpPUNR6NDbcDOPmzQRof3k8mKa2HwXaIXkPG4z5D-d0mhQFr1UbX2qJMot650W037pNuX5ChaEuuFw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
21187924
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220815/r20110914/client/ Frame 479A 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220815/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com
URL: https://3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 16:55:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
295
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 30 Aug 2022 16:55:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 479A 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com
URL: https://3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1b0541f82f31cab4d9c95f9e0ed760d579580a0dde81bfa342effb6c8b677d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44049
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660562816195624"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 16 Aug 2022 17:00:34 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220815/r20110914/client/ Frame 479A 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220815/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com
URL: https://3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 16:53:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
397
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 30 Aug 2022 16:53:57 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 479A 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com
URL: https://3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 11:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
106734
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 15 Aug 2023 11:21:40 GMT
424
e377.thestar.com/DG/DEFAULT/rest/rpc/ 		13 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://e377.thestar.com/DG/DEFAULT/rest/rpc/424?referer=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&bcsessionid=7b55be3d-b452-4908-94ac-42e1dcb5f847&bctempid=&overruleReferrer=&time=2022-08-16T17%3A00%3A34%2B00%3A00&ts=1660669234651
Requested by
Host: e377.thestar.com
URL: https://e377.thestar.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-18.fra56.r.cloudfront.net
Software
- /
Resource Hash
683e0c154dd69f2a9266c746a9fcd949b36713d8271be73b4c6322eacaa66f75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 16 Aug 2022 17:00:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
2616
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.thestar.com
server
-
content-type
application/json; charset=utf-8
via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
iUZ8mnLSJsZbADKxsid4CALSXq3Dr7uLD6m1h9OSUDrDb0vxaM7apA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
state
api.permutive.com/v1.0/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 16 Aug 2022 17:00:34 GMT
content-encoding
gzip
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
via
1.1 google
si
googleads.g.doubleclick.net/pagead/drt/ Frame A8D5
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Redirect headers

date
Tue, 16 Aug 2022 17:00:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 479A 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d51d02d4ea268becae59b5e89a168988e1b69756a5761bafab83dce0d66dee73

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame B47D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvvNMgAAHI8H_ZJvAAmMvVTmOBSXT03MigqvsQ&u=%7C3HeV1rQd8EC6VQLnJzcYrVX9wOJS8jKl1jX6a7%2Fg46w%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi6F_OC2w-79Z30sQv00aZb-fPrhYlE2XtOou9BpcLwjD7-93109M19SrCTDA_rPfQ3PAD4mROtqPRh2YZkQ2yYxj3fCxZndjop8Xu36sasRzQgayIxX228vWIo6pnebAF7NQ6UL6KqjjrkhKSpk9_5vjcOIQdT1o-9sW33mZ-awoV8aK3-DXsl7ksd4--hYZN9xydHjZBdAx_aLhItzn3yse6NoPtH3jCU0d_xZ-cIzTg16j3MsJhHi9QyrEBLueZT7j9l7Zqn_UrDZcuRujrXijMqhD1kTaFKSMUzkeVv4UlzCU-qqEt15bPB0vHTMWDGFhhW3Qpa1GDm5VZT4R9ZvaLBgrhRd0XpSS_lY2180HRna9xaTPDPZB5wje_97eY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU6L4Ms37Yo8576T27w-9mabgBsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N6AB1bbS6gPIAQmpApVihx8d_bA-4AIAqAMBqgTPAk_Q-JxocMsHXD4laZaw1PMgWHPh8ZRk5m204ApuksGRs3e2mgE-QVuKHyoP_Eal_rHLdngiBd-2Kg2oIwdQ1OSyweLzqp61P83lWbHmfWEemPh_ncQ8oLVLKcPTIGxAjQF2qfJ3aMuJNCsQT_aYns55xALgYLZ1GxVxX-O_PjloYGccfANCtfDGyS5v7Kmy7QLoUoyjsfI569WL0XwHOAh9H6vScchogr3XOZr9ETE2MzLQyzGMlaDGOK63nysYgeL2FzcokMlqKh7XtQdM-AHpKPH-7uB4R4cxBErv4IRiZ5E-WOcPSiqj2Gr9oDLymTe8-MGlf6JYisZjqzPej529yR-WHbWVdKOmRe7zxVvJHlKNRw576CY_UrZ0BdG1wYDq5QCyTzaaziYZ9qD3HToanvPffFrNrdsUK70ZZVdYcUlXfQXrM8EcAl6P1jpf4AQBgAam_oaGmJGMu4wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0pUljc0RovCd6biq1i4vBrkkh10w%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:34 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Aug 2023 17:00:34 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame B47D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvvNMgAAHI8H_ZJvAAmMvVTmOBSXT03MigqvsQ&u=%7C3HeV1rQd8EC6VQLnJzcYrVX9wOJS8jKl1jX6a7%2Fg46w%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi6F_OC2w-79Z30sQv00aZb-fPrhYlE2XtOou9BpcLwjD7-93109M19SrCTDA_rPfQ3PAD4mROtqPRh2YZkQ2yYxj3fCxZndjop8Xu36sasRzQgayIxX228vWIo6pnebAF7NQ6UL6KqjjrkhKSpk9_5vjcOIQdT1o-9sW33mZ-awoV8aK3-DXsl7ksd4--hYZN9xydHjZBdAx_aLhItzn3yse6NoPtH3jCU0d_xZ-cIzTg16j3MsJhHi9QyrEBLueZT7j9l7Zqn_UrDZcuRujrXijMqhD1kTaFKSMUzkeVv4UlzCU-qqEt15bPB0vHTMWDGFhhW3Qpa1GDm5VZT4R9ZvaLBgrhRd0XpSS_lY2180HRna9xaTPDPZB5wje_97eY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU6L4Ms37Yo8576T27w-9mabgBsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N6AB1bbS6gPIAQmpApVihx8d_bA-4AIAqAMBqgTPAk_Q-JxocMsHXD4laZaw1PMgWHPh8ZRk5m204ApuksGRs3e2mgE-QVuKHyoP_Eal_rHLdngiBd-2Kg2oIwdQ1OSyweLzqp61P83lWbHmfWEemPh_ncQ8oLVLKcPTIGxAjQF2qfJ3aMuJNCsQT_aYns55xALgYLZ1GxVxX-O_PjloYGccfANCtfDGyS5v7Kmy7QLoUoyjsfI569WL0XwHOAh9H6vScchogr3XOZr9ETE2MzLQyzGMlaDGOK63nysYgeL2FzcokMlqKh7XtQdM-AHpKPH-7uB4R4cxBErv4IRiZ5E-WOcPSiqj2Gr9oDLymTe8-MGlf6JYisZjqzPej529yR-WHbWVdKOmRe7zxVvJHlKNRw576CY_UrZ0BdG1wYDq5QCyTzaaziYZ9qD3HToanvPffFrNrdsUK70ZZVdYcUlXfQXrM8EcAl6P1jpf4AQBgAam_oaGmJGMu4wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0pUljc0RovCd6biq1i4vBrkkh10w%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:34 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Aug 2023 17:00:34 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame B47D 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvvNMgAAHI8H_ZJvAAmMvVTmOBSXT03MigqvsQ&u=%7C3HeV1rQd8EC6VQLnJzcYrVX9wOJS8jKl1jX6a7%2Fg46w%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi6F_OC2w-79Z30sQv00aZb-fPrhYlE2XtOou9BpcLwjD7-93109M19SrCTDA_rPfQ3PAD4mROtqPRh2YZkQ2yYxj3fCxZndjop8Xu36sasRzQgayIxX228vWIo6pnebAF7NQ6UL6KqjjrkhKSpk9_5vjcOIQdT1o-9sW33mZ-awoV8aK3-DXsl7ksd4--hYZN9xydHjZBdAx_aLhItzn3yse6NoPtH3jCU0d_xZ-cIzTg16j3MsJhHi9QyrEBLueZT7j9l7Zqn_UrDZcuRujrXijMqhD1kTaFKSMUzkeVv4UlzCU-qqEt15bPB0vHTMWDGFhhW3Qpa1GDm5VZT4R9ZvaLBgrhRd0XpSS_lY2180HRna9xaTPDPZB5wje_97eY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU6L4Ms37Yo8576T27w-9mabgBsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N6AB1bbS6gPIAQmpApVihx8d_bA-4AIAqAMBqgTPAk_Q-JxocMsHXD4laZaw1PMgWHPh8ZRk5m204ApuksGRs3e2mgE-QVuKHyoP_Eal_rHLdngiBd-2Kg2oIwdQ1OSyweLzqp61P83lWbHmfWEemPh_ncQ8oLVLKcPTIGxAjQF2qfJ3aMuJNCsQT_aYns55xALgYLZ1GxVxX-O_PjloYGccfANCtfDGyS5v7Kmy7QLoUoyjsfI569WL0XwHOAh9H6vScchogr3XOZr9ETE2MzLQyzGMlaDGOK63nysYgeL2FzcokMlqKh7XtQdM-AHpKPH-7uB4R4cxBErv4IRiZ5E-WOcPSiqj2Gr9oDLymTe8-MGlf6JYisZjqzPej529yR-WHbWVdKOmRe7zxVvJHlKNRw576CY_UrZ0BdG1wYDq5QCyTzaaziYZ9qD3HToanvPffFrNrdsUK70ZZVdYcUlXfQXrM8EcAl6P1jpf4AQBgAam_oaGmJGMu4wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0pUljc0RovCd6biq1i4vBrkkh10w%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:34 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 11 Aug 2023 17:00:34 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame B47D 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvvNMgAAHI8H_ZJvAAmMvVTmOBSXT03MigqvsQ&u=%7C3HeV1rQd8EC6VQLnJzcYrVX9wOJS8jKl1jX6a7%2Fg46w%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi6F_OC2w-79Z30sQv00aZb-fPrhYlE2XtOou9BpcLwjD7-93109M19SrCTDA_rPfQ3PAD4mROtqPRh2YZkQ2yYxj3fCxZndjop8Xu36sasRzQgayIxX228vWIo6pnebAF7NQ6UL6KqjjrkhKSpk9_5vjcOIQdT1o-9sW33mZ-awoV8aK3-DXsl7ksd4--hYZN9xydHjZBdAx_aLhItzn3yse6NoPtH3jCU0d_xZ-cIzTg16j3MsJhHi9QyrEBLueZT7j9l7Zqn_UrDZcuRujrXijMqhD1kTaFKSMUzkeVv4UlzCU-qqEt15bPB0vHTMWDGFhhW3Qpa1GDm5VZT4R9ZvaLBgrhRd0XpSS_lY2180HRna9xaTPDPZB5wje_97eY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU6L4Ms37Yo8576T27w-9mabgBsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N6AB1bbS6gPIAQmpApVihx8d_bA-4AIAqAMBqgTPAk_Q-JxocMsHXD4laZaw1PMgWHPh8ZRk5m204ApuksGRs3e2mgE-QVuKHyoP_Eal_rHLdngiBd-2Kg2oIwdQ1OSyweLzqp61P83lWbHmfWEemPh_ncQ8oLVLKcPTIGxAjQF2qfJ3aMuJNCsQT_aYns55xALgYLZ1GxVxX-O_PjloYGccfANCtfDGyS5v7Kmy7QLoUoyjsfI569WL0XwHOAh9H6vScchogr3XOZr9ETE2MzLQyzGMlaDGOK63nysYgeL2FzcokMlqKh7XtQdM-AHpKPH-7uB4R4cxBErv4IRiZ5E-WOcPSiqj2Gr9oDLymTe8-MGlf6JYisZjqzPej529yR-WHbWVdKOmRe7zxVvJHlKNRw576CY_UrZ0BdG1wYDq5QCyTzaaziYZ9qD3HToanvPffFrNrdsUK70ZZVdYcUlXfQXrM8EcAl6P1jpf4AQBgAam_oaGmJGMu4wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0pUljc0RovCd6biq1i4vBrkkh10w%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:34 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 11 Aug 2023 17:00:34 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame B47D 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=bV6rFBXLIKN4AmybC7ljQ9poHOw9ymIcMzfIBIsNVg8Dm78nahsp8zbdYrunvzfK0FJQvfIg6alwyulJiOBumjXMTRap8DuTW682bZT0EGLWljKno4YSljmVN84w3890SdGR2DarVBe0N8wQ9zSmzK0RnmkZ0efYFOqvuheI9wphJToJNt7NP8CQk4YHksgY47914p2EqU9PBEUIlzVsOvxpaBeIV-ZYLTm95zrHbjZk3pdx0uF0UIy8oZbKyfcSv7ZntXIw6Y0LE_fDgzTVrINgBwlv48X6r7eB1VRYGmExFismslA6E_mNBAw6HUq-madAq68AwC2tmOuo7gnns_vniW2y0WJm4xJhWsyNFXYPJRjibdvjOMj6MZ5xWI3ZA2ojQ8xw9PU-Rsnh4-OCRcwAmBJBR8L4-pl7P8LRT4C9TqS4
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvvNMgAAHI8H_ZJvAAmMvVTmOBSXT03MigqvsQ&u=%7C3HeV1rQd8EC6VQLnJzcYrVX9wOJS8jKl1jX6a7%2Fg46w%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi6F_OC2w-79Z30sQv00aZb-fPrhYlE2XtOou9BpcLwjD7-93109M19SrCTDA_rPfQ3PAD4mROtqPRh2YZkQ2yYxj3fCxZndjop8Xu36sasRzQgayIxX228vWIo6pnebAF7NQ6UL6KqjjrkhKSpk9_5vjcOIQdT1o-9sW33mZ-awoV8aK3-DXsl7ksd4--hYZN9xydHjZBdAx_aLhItzn3yse6NoPtH3jCU0d_xZ-cIzTg16j3MsJhHi9QyrEBLueZT7j9l7Zqn_UrDZcuRujrXijMqhD1kTaFKSMUzkeVv4UlzCU-qqEt15bPB0vHTMWDGFhhW3Qpa1GDm5VZT4R9ZvaLBgrhRd0XpSS_lY2180HRna9xaTPDPZB5wje_97eY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU6L4Ms37Yo8576T27w-9mabgBsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N6AB1bbS6gPIAQmpApVihx8d_bA-4AIAqAMBqgTPAk_Q-JxocMsHXD4laZaw1PMgWHPh8ZRk5m204ApuksGRs3e2mgE-QVuKHyoP_Eal_rHLdngiBd-2Kg2oIwdQ1OSyweLzqp61P83lWbHmfWEemPh_ncQ8oLVLKcPTIGxAjQF2qfJ3aMuJNCsQT_aYns55xALgYLZ1GxVxX-O_PjloYGccfANCtfDGyS5v7Kmy7QLoUoyjsfI569WL0XwHOAh9H6vScchogr3XOZr9ETE2MzLQyzGMlaDGOK63nysYgeL2FzcokMlqKh7XtQdM-AHpKPH-7uB4R4cxBErv4IRiZ5E-WOcPSiqj2Gr9oDLymTe8-MGlf6JYisZjqzPej529yR-WHbWVdKOmRe7zxVvJHlKNRw576CY_UrZ0BdG1wYDq5QCyTzaaziYZ9qD3HToanvPffFrNrdsUK70ZZVdYcUlXfQXrM8EcAl6P1jpf4AQBgAam_oaGmJGMu4wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0pUljc0RovCd6biq1i4vBrkkh10w%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:34 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2859601
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame B47D 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvvNMgAAHI8H_ZJvAAmMvVTmOBSXT03MigqvsQ&u=%7C3HeV1rQd8EC6VQLnJzcYrVX9wOJS8jKl1jX6a7%2Fg46w%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi6F_OC2w-79Z30sQv00aZb-fPrhYlE2XtOou9BpcLwjD7-93109M19SrCTDA_rPfQ3PAD4mROtqPRh2YZkQ2yYxj3fCxZndjop8Xu36sasRzQgayIxX228vWIo6pnebAF7NQ6UL6KqjjrkhKSpk9_5vjcOIQdT1o-9sW33mZ-awoV8aK3-DXsl7ksd4--hYZN9xydHjZBdAx_aLhItzn3yse6NoPtH3jCU0d_xZ-cIzTg16j3MsJhHi9QyrEBLueZT7j9l7Zqn_UrDZcuRujrXijMqhD1kTaFKSMUzkeVv4UlzCU-qqEt15bPB0vHTMWDGFhhW3Qpa1GDm5VZT4R9ZvaLBgrhRd0XpSS_lY2180HRna9xaTPDPZB5wje_97eY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU6L4Ms37Yo8576T27w-9mabgBsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N6AB1bbS6gPIAQmpApVihx8d_bA-4AIAqAMBqgTPAk_Q-JxocMsHXD4laZaw1PMgWHPh8ZRk5m204ApuksGRs3e2mgE-QVuKHyoP_Eal_rHLdngiBd-2Kg2oIwdQ1OSyweLzqp61P83lWbHmfWEemPh_ncQ8oLVLKcPTIGxAjQF2qfJ3aMuJNCsQT_aYns55xALgYLZ1GxVxX-O_PjloYGccfANCtfDGyS5v7Kmy7QLoUoyjsfI569WL0XwHOAh9H6vScchogr3XOZr9ETE2MzLQyzGMlaDGOK63nysYgeL2FzcokMlqKh7XtQdM-AHpKPH-7uB4R4cxBErv4IRiZ5E-WOcPSiqj2Gr9oDLymTe8-MGlf6JYisZjqzPej529yR-WHbWVdKOmRe7zxVvJHlKNRw576CY_UrZ0BdG1wYDq5QCyTzaaziYZ9qD3HToanvPffFrNrdsUK70ZZVdYcUlXfQXrM8EcAl6P1jpf4AQBgAam_oaGmJGMu4wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0pUljc0RovCd6biq1i4vBrkkh10w%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:34 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Aug 2023 17:00:34 GMT
img
pix.eu.criteo.net/img/ Frame B47D 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=176&m=0&partner=94347&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F94347%2F220401%2Fff743ebad72d45c0bd788d51f9ad847e_stw_logo_ohne_zusatz_black_750x900.png&v=3&w=290&s=Np_InLNHCRauomwgRR3ESk_p
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvvNMgAAHI8H_ZJvAAmMvVTmOBSXT03MigqvsQ&u=%7C3HeV1rQd8EC6VQLnJzcYrVX9wOJS8jKl1jX6a7%2Fg46w%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi6F_OC2w-79Z30sQv00aZb-fPrhYlE2XtOou9BpcLwjD7-93109M19SrCTDA_rPfQ3PAD4mROtqPRh2YZkQ2yYxj3fCxZndjop8Xu36sasRzQgayIxX228vWIo6pnebAF7NQ6UL6KqjjrkhKSpk9_5vjcOIQdT1o-9sW33mZ-awoV8aK3-DXsl7ksd4--hYZN9xydHjZBdAx_aLhItzn3yse6NoPtH3jCU0d_xZ-cIzTg16j3MsJhHi9QyrEBLueZT7j9l7Zqn_UrDZcuRujrXijMqhD1kTaFKSMUzkeVv4UlzCU-qqEt15bPB0vHTMWDGFhhW3Qpa1GDm5VZT4R9ZvaLBgrhRd0XpSS_lY2180HRna9xaTPDPZB5wje_97eY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU6L4Ms37Yo8576T27w-9mabgBsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N6AB1bbS6gPIAQmpApVihx8d_bA-4AIAqAMBqgTPAk_Q-JxocMsHXD4laZaw1PMgWHPh8ZRk5m204ApuksGRs3e2mgE-QVuKHyoP_Eal_rHLdngiBd-2Kg2oIwdQ1OSyweLzqp61P83lWbHmfWEemPh_ncQ8oLVLKcPTIGxAjQF2qfJ3aMuJNCsQT_aYns55xALgYLZ1GxVxX-O_PjloYGccfANCtfDGyS5v7Kmy7QLoUoyjsfI569WL0XwHOAh9H6vScchogr3XOZr9ETE2MzLQyzGMlaDGOK63nysYgeL2FzcokMlqKh7XtQdM-AHpKPH-7uB4R4cxBErv4IRiZ5E-WOcPSiqj2Gr9oDLymTe8-MGlf6JYisZjqzPej529yR-WHbWVdKOmRe7zxVvJHlKNRw576CY_UrZ0BdG1wYDq5QCyTzaaziYZ9qD3HToanvPffFrNrdsUK70ZZVdYcUlXfQXrM8EcAl6P1jpf4AQBgAam_oaGmJGMu4wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0pUljc0RovCd6biq1i4vBrkkh10w%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
aa110984cf18348eb829d4d4cae4e618a9a44be622e3ffeb038c907f1f0b756f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:34 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29926262
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
13180
expires
Sat, 29 Jul 2023 01:51:37 GMT
all
csm.eu.criteo.net/ Frame B47D 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=GUKGQbgDkT6eVk9AS2ugXInh11SS1uJ7OsL2k_UJYkh98JaSSAfSjUkzVpx1fIbabKLfwR4ybODEQ4MYyL9M-m-PXcOarovuArBvBYgxiHqwxpOk-PSxyYI2Q5dabl_qwdxw4hL-w2yp4VAh9_yXgvdK_6s7uk6B_i2buSIXCZY6rnvmm39CZNRKWpPUNR6NDbcDOPmzQRof3k8mKa2HwXaIXkPG4z5D-d0mhQFr1UbX2qJMot650W037pNuX5ChaEuuFw&sds=2&rev=82415&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvvNMgAAHI8H_ZJvAAmMvVTmOBSXT03MigqvsQ&u=%7C3HeV1rQd8EC6VQLnJzcYrVX9wOJS8jKl1jX6a7%2Fg46w%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi6F_OC2w-79Z30sQv00aZb-fPrhYlE2XtOou9BpcLwjD7-93109M19SrCTDA_rPfQ3PAD4mROtqPRh2YZkQ2yYxj3fCxZndjop8Xu36sasRzQgayIxX228vWIo6pnebAF7NQ6UL6KqjjrkhKSpk9_5vjcOIQdT1o-9sW33mZ-awoV8aK3-DXsl7ksd4--hYZN9xydHjZBdAx_aLhItzn3yse6NoPtH3jCU0d_xZ-cIzTg16j3MsJhHi9QyrEBLueZT7j9l7Zqn_UrDZcuRujrXijMqhD1kTaFKSMUzkeVv4UlzCU-qqEt15bPB0vHTMWDGFhhW3Qpa1GDm5VZT4R9ZvaLBgrhRd0XpSS_lY2180HRna9xaTPDPZB5wje_97eY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU6L4Ms37Yo8576T27w-9mabgBsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N6AB1bbS6gPIAQmpApVihx8d_bA-4AIAqAMBqgTPAk_Q-JxocMsHXD4laZaw1PMgWHPh8ZRk5m204ApuksGRs3e2mgE-QVuKHyoP_Eal_rHLdngiBd-2Kg2oIwdQ1OSyweLzqp61P83lWbHmfWEemPh_ncQ8oLVLKcPTIGxAjQF2qfJ3aMuJNCsQT_aYns55xALgYLZ1GxVxX-O_PjloYGccfANCtfDGyS5v7Kmy7QLoUoyjsfI569WL0XwHOAh9H6vScchogr3XOZr9ETE2MzLQyzGMlaDGOK63nysYgeL2FzcokMlqKh7XtQdM-AHpKPH-7uB4R4cxBErv4IRiZ5E-WOcPSiqj2Gr9oDLymTe8-MGlf6JYisZjqzPej529yR-WHbWVdKOmRe7zxVvJHlKNRw576CY_UrZ0BdG1wYDq5QCyTzaaziYZ9qD3HToanvPffFrNrdsUK70ZZVdYcUlXfQXrM8EcAl6P1jpf4AQBgAam_oaGmJGMu4wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0pUljc0RovCd6biq1i4vBrkkh10w%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 16 Aug 2022 17:00:34 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame B47D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvvNMgAAHI8H_ZJvAAmMvVTmOBSXT03MigqvsQ&u=%7C3HeV1rQd8EC6VQLnJzcYrVX9wOJS8jKl1jX6a7%2Fg46w%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi6F_OC2w-79Z30sQv00aZb-fPrhYlE2XtOou9BpcLwjD7-93109M19SrCTDA_rPfQ3PAD4mROtqPRh2YZkQ2yYxj3fCxZndjop8Xu36sasRzQgayIxX228vWIo6pnebAF7NQ6UL6KqjjrkhKSpk9_5vjcOIQdT1o-9sW33mZ-awoV8aK3-DXsl7ksd4--hYZN9xydHjZBdAx_aLhItzn3yse6NoPtH3jCU0d_xZ-cIzTg16j3MsJhHi9QyrEBLueZT7j9l7Zqn_UrDZcuRujrXijMqhD1kTaFKSMUzkeVv4UlzCU-qqEt15bPB0vHTMWDGFhhW3Qpa1GDm5VZT4R9ZvaLBgrhRd0XpSS_lY2180HRna9xaTPDPZB5wje_97eY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU6L4Ms37Yo8576T27w-9mabgBsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N6AB1bbS6gPIAQmpApVihx8d_bA-4AIAqAMBqgTPAk_Q-JxocMsHXD4laZaw1PMgWHPh8ZRk5m204ApuksGRs3e2mgE-QVuKHyoP_Eal_rHLdngiBd-2Kg2oIwdQ1OSyweLzqp61P83lWbHmfWEemPh_ncQ8oLVLKcPTIGxAjQF2qfJ3aMuJNCsQT_aYns55xALgYLZ1GxVxX-O_PjloYGccfANCtfDGyS5v7Kmy7QLoUoyjsfI569WL0XwHOAh9H6vScchogr3XOZr9ETE2MzLQyzGMlaDGOK63nysYgeL2FzcokMlqKh7XtQdM-AHpKPH-7uB4R4cxBErv4IRiZ5E-WOcPSiqj2Gr9oDLymTe8-MGlf6JYisZjqzPej529yR-WHbWVdKOmRe7zxVvJHlKNRw576CY_UrZ0BdG1wYDq5QCyTzaaziYZ9qD3HToanvPffFrNrdsUK70ZZVdYcUlXfQXrM8EcAl6P1jpf4AQBgAam_oaGmJGMu4wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0pUljc0RovCd6biq1i4vBrkkh10w%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:34 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Aug 2023 17:00:34 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame B47D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvvNMgAAHI8H_ZJvAAmMvVTmOBSXT03MigqvsQ&u=%7C3HeV1rQd8EC6VQLnJzcYrVX9wOJS8jKl1jX6a7%2Fg46w%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi6F_OC2w-79Z30sQv00aZb-fPrhYlE2XtOou9BpcLwjD7-93109M19SrCTDA_rPfQ3PAD4mROtqPRh2YZkQ2yYxj3fCxZndjop8Xu36sasRzQgayIxX228vWIo6pnebAF7NQ6UL6KqjjrkhKSpk9_5vjcOIQdT1o-9sW33mZ-awoV8aK3-DXsl7ksd4--hYZN9xydHjZBdAx_aLhItzn3yse6NoPtH3jCU0d_xZ-cIzTg16j3MsJhHi9QyrEBLueZT7j9l7Zqn_UrDZcuRujrXijMqhD1kTaFKSMUzkeVv4UlzCU-qqEt15bPB0vHTMWDGFhhW3Qpa1GDm5VZT4R9ZvaLBgrhRd0XpSS_lY2180HRna9xaTPDPZB5wje_97eY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU6L4Ms37Yo8576T27w-9mabgBsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N6AB1bbS6gPIAQmpApVihx8d_bA-4AIAqAMBqgTPAk_Q-JxocMsHXD4laZaw1PMgWHPh8ZRk5m204ApuksGRs3e2mgE-QVuKHyoP_Eal_rHLdngiBd-2Kg2oIwdQ1OSyweLzqp61P83lWbHmfWEemPh_ncQ8oLVLKcPTIGxAjQF2qfJ3aMuJNCsQT_aYns55xALgYLZ1GxVxX-O_PjloYGccfANCtfDGyS5v7Kmy7QLoUoyjsfI569WL0XwHOAh9H6vScchogr3XOZr9ETE2MzLQyzGMlaDGOK63nysYgeL2FzcokMlqKh7XtQdM-AHpKPH-7uB4R4cxBErv4IRiZ5E-WOcPSiqj2Gr9oDLymTe8-MGlf6JYisZjqzPej529yR-WHbWVdKOmRe7zxVvJHlKNRw576CY_UrZ0BdG1wYDq5QCyTzaaziYZ9qD3HToanvPffFrNrdsUK70ZZVdYcUlXfQXrM8EcAl6P1jpf4AQBgAam_oaGmJGMu4wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0pUljc0RovCd6biq1i4vBrkkh10w%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:34 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Aug 2023 17:00:34 GMT
default
www.thestar.com/api/overlaydatarule/ 		72 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/api/overlaydatarule/default
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ae21b620
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
475e67fe0656e7f9c0b83e651bc2d7b5bcccef9ab4ca0926dfd1a306a703259f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 16:56:45 GMT
content-encoding
gzip
vary
Accept-Encoding
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
age
229
x-powered-by
Express
etag
W/"12143-wIsq6/wt7CwGxOci5mt3t3qotCc"
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=180
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
lESCD33O0kTDe8ZmDVO_fNojB4J0FrraAN1ynFG3Ufr-K55C62g6xQ==
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
overlaydata
www.thestar.com/api/ 		71 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/api/overlaydata
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ae21b620
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-75.fra56.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express
Resource Hash
3923d2ead03e65c6526034f6991f4f4df76d84528301c4390bf7a8de5795621d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 16:56:45 GMT
content-encoding
gzip
vary
Accept-Encoding
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
age
230
x-powered-by
Express
etag
W/"11a32-Z8nVlDlNPxezZxNITHVn2hvytQw"
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.thestar.com
cache-control
max-age=180
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
QcQkyI1ieU8LIK0CpE4aoH1CJeJkZ4_kI0RRat88_m_HDYbhTEXA-w==
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
RC92631a6dea374f7f8c4e27bdaaf0a413-source.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/d0dd5ba17898/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/d0dd5ba17898/RC92631a6dea374f7f8c4e27bdaaf0a413-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-12.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1239b59f5da598c97e5279e914e8b39a2a6169eb8b4ce3c56fbd5fc7bffba25d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 16:32:52 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 16:32:11 GMT
server
AmazonS3
age
1664
etag
W/"0b5d2574cde84ef8d8ca2404ea99932b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
QL1BhuMuEdLD0uPM6tNxxfdNZFDbvPnw
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-type
text/javascript
x-amz-cf-id
uY07Cgi0-_hvL0amoqxBIX_-sKqI71LaZHRllikdxzsbXVX_zxe_Sw==
AGSKWxXldbvRMx-JGY7DqCANmJgdyk2ojbO841S0olAwqg1Bys8kdOHtqx1cVusBNtvROHvW5kZfygvQbCWaVxRDhdE=
fundingchoicesmessages.google.com/f/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXldbvRMx-JGY7DqCANmJgdyk2ojbO841S0olAwqg1Bys8kdOHtqx1cVusBNtvROHvW5kZfygvQbCWaVxRDhdE=
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c68d2442152571d43cc1b5e4d3e2f69a225fbe612c3129ea4193ee0e9f93ff0
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-U3mfxr1mmX6944L7gJwc3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-U3mfxr1mmX6944L7gJwc3g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-U3mfxr1mmX6944L7gJwc3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-U3mfxr1mmX6944L7gJwc3g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Tue, 16 Aug 2022 17:00:35 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
RC304342cd3a9f487980371091639a8dc3-source.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/d0dd5ba17898/ 		813 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/d0dd5ba17898/RC304342cd3a9f487980371091639a8dc3-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-12.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
62cace890efb784e72ee26ba047467ee736d727c19758a30445efe0a1af80d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 16:32:52 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Tue, 16 Aug 2022 16:32:11 GMT
server
AmazonS3
age
1664
etag
"80be54ef296a6afc4fc4ac6b6acd1773"
x-cache
Hit from cloudfront
x-amz-version-id
W455MLDtQOFdvXMHjwCBF9un6tmerYI4
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
text/javascript
content-length
813
x-amz-cf-id
SabyuFAwpOUFC1UIFwSkZ5O931RiypQdswiQ5GViPus37a4uUDl8SA==
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ae57d5e97bf1a0db8777b7531cd32cb09ee6f07bed183bb880469cc20f355086

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:35 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 21:38:45 GMT
etag
"ca88912498e17137955859948f14e272+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
15196
x-served-by
cache-iad-kiad7000078-IAD, cache-vie6360-VIE
RC2c755b7ef3ef4f3882b1ae8279370b69-source.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/d0dd5ba17898/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/d0dd5ba17898/RC2c755b7ef3ef4f3882b1ae8279370b69-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-12.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ce2a81701f654322a3772a5fbff07f8e623aa5d8d738398c0ca3bfda8a8208a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 16:32:53 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 16:32:11 GMT
server
AmazonS3
age
1663
etag
W/"5532d9bf818fc10ff4e221edcbcf7dab"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
sMzbnhcqHujN4QHGnnPtI8rkriIJlvS1
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-type
text/javascript
x-amz-cf-id
emJhwUkEONtKIGrL77GvNJHy2wdKk6ta-ULNLCQXs9eGx9JJV4m9tQ==
549886031832745
connect.facebook.net/signals/config/ 		476 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/549886031832745?v=2.9.75&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c2ebcb08280aabe37270e5684138ec45a71f865dddd78f731822da1914e90423
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
LTwN3hhepXufhdc0Gr1NzdQT1BWIXuwsFpb1Wij7wLfZZw8h4w4uqh9SGVqV6B9pwXAi6tJ1jpNovdlEthdgaQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 16 Aug 2022 17:00:35 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1660669235511
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
RC518669eb80134c629229b164ea843f63-source.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/d0dd5ba17898/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/d0dd5ba17898/RC518669eb80134c629229b164ea843f63-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-12.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
55e96c41abb320b46560982b26068a12f06ed472d3b803a3e59a0c1e3317753e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 16:32:51 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 16:32:11 GMT
server
AmazonS3
age
1665
etag
W/"9eda0a08180ec7f7bb26de08764be1db"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
5ypXpK2e4Qs2dWZViiX_e6qHAq4y_9xe
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-type
text/javascript
x-amz-cf-id
q7ojgvHDB9wxt1CSDCK8iI6cpspHtHvnti317HaL9yn-CJ4yS7ATvQ==
js
www.googletagmanager.com/gtag/ 		172 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-698108511
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
397fae7a0251e7fd2d85f254a7b94c815446a3f532e2c9031a4da7d9fb11ac2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:35 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63583
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 16:05:50 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 Aug 2022 17:00:35 GMT
js
www.googletagmanager.com/gtag/ 		105 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-10230056
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a4d3c246250c2089918166ffe0061f7d8492a4572a39c10813862c1c0ced0b24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:35 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41548
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 16:05:50 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 Aug 2022 17:00:35 GMT
js
www.googletagmanager.com/gtag/ 		172 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-698108511&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
97da36f8e6d75865f3f9fd0fded1d01c3de01199f9e4427053a915f1fc8c6961
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:35 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63595
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 16:05:50 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 Aug 2022 17:00:35 GMT
js
www.googletagmanager.com/gtag/ 		105 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-10230056&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e9bb9891cf43544a9ce10a7959f6c807fd54359b119a4cefb40dfb881319b0dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:35 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41551
x-xss-protection
0
expires
Tue, 16 Aug 2022 17:00:35 GMT
destination
www.googletagmanager.com/gtag/ 		105 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-10230056&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aefaaae83272327292e96d1bf92fb01641e9ca7f544a5c094545502a3d9f2003
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:35 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41551
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 16:05:50 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 Aug 2022 17:00:35 GMT
RC2f54281ab7324fd39f76106466b9b969-source.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/d0dd5ba17898/ 		1 KB
1023 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/d0dd5ba17898/RC2f54281ab7324fd39f76106466b9b969-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-12.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c0fe3db2439ec52b31c13d10c590b423b2529d653ce9275f460b183d02358f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 16:32:53 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 16:32:11 GMT
server
AmazonS3
age
1663
etag
W/"8dd3bdb5bcbcbb2bd8f77e89e7d362c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
wDvy4Kjghcp2e2FTuNxcfXoqzc7f6UwE
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-type
text/javascript
x-amz-cf-id
at2YuDlDwNPf-xOmB97oQbORWKRdyA0ZntmAJq3D8t6NkEousT-ZaA==
core.js
s.pinimg.com/ct/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:62::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a67117312ce631cdfc251dfbb90058bc01e3849deb0cd7fed130745b5813d1b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:35 GMT
fastly-restarts
1
x-cdn
fastly
etag
"2dda33348480d93c64a825f2616f03ce"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=7200
content-length
1142
access-control-expose-headers
X-CDN
conversion_async.js
www.googleadservices.com/pagead/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-698108511&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
52e051d93279e14d8f19a0c8fb12c0ad0e5594e7621cd8db8212bd5ffece86d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15161
x-xss-protection
0
server
cafe
etag
12862140795212465669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 16 Aug 2022 17:00:35 GMT
activityi;dc_pre=CJrKi__qy_kCFQaDsgodNVsBmA;src=10230056;type=ret01;cat=land01;ord=4249113266396;gtm=2od8f0;auiddc=1902954935.1660669236;~oref=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2...
10230056.fls.doubleclick.net/ Frame B177
Redirect Chain
  • https://10230056.fls.doubleclick.net/activityi;src=10230056;type=ret01;cat=land01;ord=4249113266396;gtm=2od8f0;auiddc=1902954935.1660669236;~oref=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_styl...
  • https://10230056.fls.doubleclick.net/activityi;dc_pre=CJrKi__qy_kCFQaDsgodNVsBmA;src=10230056;type=ret01;cat=land01;ord=4249113266396;gtm=2od8f0;auiddc=1902954935.1660669236;~oref=https%3A%2F%2Fwww...
492 B
409 B 		Document
General
Check archive.org
Download Go to
Full URL
https://10230056.fls.doubleclick.net/activityi;dc_pre=CJrKi__qy_kCFQaDsgodNVsBmA;src=10230056;type=ret01;cat=land01;ord=4249113266396;gtm=2od8f0;auiddc=1902954935.1660669236;~oref=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10230056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f198.1e100.net
Software
cafe /
Resource Hash
8c09871b8e6be016575282134778cc6f14b9c70aa65b93a4b8efb219c0d025f5
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
386
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 16 Aug 2022 17:00:35 GMT
expires
Tue, 16 Aug 2022 17:00:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 16 Aug 2022 17:00:35 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10230056.fls.doubleclick.net/activityi;dc_pre=CJrKi__qy_kCFQaDsgodNVsBmA;src=10230056;type=ret01;cat=land01;ord=4249113266396;gtm=2od8f0;auiddc=1902954935.1660669236;~oref=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
events
pixel.thestar.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.thestar.com/events
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/549886031832745?v=2.9.75&r=stable
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1430:9000:ddf8:1c6d:b9e9:24c0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.thestar.com
date
Tue, 16 Aug 2022 17:00:36 GMT
access-control-allow-credentials
true
content-length
0
vary
origin
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=549886031832745&ev=PageView&dl=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&rl=&if=false&ts=1660669235689&sw=1600&sh=1200&v=2.9.75&r=stable&ec=0&o=30&fbp=fb.1.1660669235685.1048664380&eid=ob3_plugin-set_d7470102e3440ced1e372b2006477e94b95fa601c0a20b58b93aad4b28851e8a&it=1660669235395&coo=false&rqm=GET
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:35 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 16 Aug 2022 17:00:35 GMT
events
pixel.thestar.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.thestar.com/events
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/549886031832745?v=2.9.75&r=stable
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1430:9000:ddf8:1c6d:b9e9:24c0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.thestar.com
date
Tue, 16 Aug 2022 17:00:36 GMT
access-control-allow-credentials
true
content-length
0
vary
origin
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=549886031832745&ev=ViewContent&dl=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&rl=&if=false&ts=1660669235692&sw=1600&sh=1200&v=2.9.75&r=stable&ec=1&o=30&fbp=fb.1.1660669235685.1048664380&eid=ob3_plugin-set_63c99763623ea32d485ee30aa229bd892dc680c3ae3ee9a4207140994e0106dd&it=1660669235395&coo=false&rqm=GET
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:35 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 16 Aug 2022 17:00:35 GMT
main.c99cd143.js
s.pinimg.com/ct/lib/ 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.c99cd143.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:62::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d6bc239a6993be3a5ed13249ff2d27e4e3bc80a30bbd6df2ff92b4db0ad1d996

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:35 GMT
content-encoding
gzip
fastly-restarts
1
x-cdn
fastly
etag
"a05548af4f747ef476e354fcd30947ce"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1209600
content-length
18448
access-control-expose-headers
X-CDN
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/?random=1660669235713&cv=9&fst=1660669235713&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8f0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&tiba=We%20put%20walking%20sandals%20to%20the%20test%E2%80%94these%20are%20the%20comfiest%20%7C%20The%20Star&auid=1902954935.1660669236&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
675712ad99f862c122745b741517669dbf0198a50cb4049949eaf9b1166389af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1124
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 479A 		42 B
497 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvuIw9fHkJ0wnyFVe7fvgttofBWjjGc6W1DEnAm9h9xIcWnNo-gBrUGlH9uplY1TJVW2Au5NdCZG5maf1R-EInhEmc&sig=Cg0ArKJSzK867NUhFQoPEAE&id=lidar2&mcvt=1000&p=10,436,100,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220815&bin=7&avms=nio&bs=0,0&mc=1.23&if=1&vu=1&app=0&itpl=20&adk=1156395607&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660669234474&rpt=246&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ct.pinterest.com/user/ 		489 B
834 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2612846434758&cb=1660669235778
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.c99cd143.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
08d20a2ee48b6892026d9a264b4c45206ccb1018dfb5f1d643d6a10bbd2f974a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:35 GMT
content-encoding
gzip
vary
Accept-Encoding
x-cdn
akamai
akamai-grn
0.966656b8.1660669235.b04bec4c
x-envoy-upstream-service-time
0
x-pinterest-rid
3775140623140422
pin-unauth
dWlkPVptSXpZV1F6TWpNdE9EWTRNUzAwT1RFMkxXSTFNemN0Wm1Nek9URmlZekEyWlRaaQ
access-control-allow-origin
https://www.thestar.com
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
application/json; charset=utf-8
pragma
no-cache
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
content-length
351
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2612846434758&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22c99cd143%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1660669235780
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:35 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.966656b8.1660669235.b04bec54
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
2
content-length
35
x-pinterest-rid
5451344166724702
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/698108511/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/698108511/?random=1660669235713&cv=9&fst=1660669200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&tiba=We%20put%20walking%20sandals%20to%20the%20test%E2%80%94these%20are%20the%20comfiest%20%7C%20The%20Star&async=1&fmt=3&is_vtc=1&random=937632385&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/698108511/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/698108511/?random=1660669235713&cv=9&fst=1660669200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&tiba=We%20put%20walking%20sandals%20to%20the%20test%E2%80%94these%20are%20the%20comfiest%20%7C%20The%20Star&async=1&fmt=3&is_vtc=1&random=937632385&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame B47D 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=GUKGQbgDkT6eVk9AS2ugXInh11SS1uJ7OsL2k_UJYkh98JaSSAfSjUkzVpx1fIbabKLfwR4ybODEQ4MYyL9M-m-PXcOarovuArBvBYgxiHqwxpOk-PSxyYI2Q5dabl_qwdxw4hL-w2yp4VAh9_yXgvdK_6s7uk6B_i2buSIXCZY6rnvmm39CZNRKWpPUNR6NDbcDOPmzQRof3k8mKa2HwXaIXkPG4z5D-d0mhQFr1UbX2qJMot650W037pNuX5ChaEuuFw&sds=2&rev=82415&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvvNMgAAHI8H_ZJvAAmMvVTmOBSXT03MigqvsQ&u=%7C3HeV1rQd8EC6VQLnJzcYrVX9wOJS8jKl1jX6a7%2Fg46w%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi6F_OC2w-79Z30sQv00aZb-fPrhYlE2XtOou9BpcLwjD7-93109M19SrCTDA_rPfQ3PAD4mROtqPRh2YZkQ2yYxj3fCxZndjop8Xu36sasRzQgayIxX228vWIo6pnebAF7NQ6UL6KqjjrkhKSpk9_5vjcOIQdT1o-9sW33mZ-awoV8aK3-DXsl7ksd4--hYZN9xydHjZBdAx_aLhItzn3yse6NoPtH3jCU0d_xZ-cIzTg16j3MsJhHi9QyrEBLueZT7j9l7Zqn_UrDZcuRujrXijMqhD1kTaFKSMUzkeVv4UlzCU-qqEt15bPB0vHTMWDGFhhW3Qpa1GDm5VZT4R9ZvaLBgrhRd0XpSS_lY2180HRna9xaTPDPZB5wje_97eY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU6L4Ms37Yo8576T27w-9mabgBsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItODE4ODQzMTQyNTUwOTk5N6AB1bbS6gPIAQmpApVihx8d_bA-4AIAqAMBqgTPAk_Q-JxocMsHXD4laZaw1PMgWHPh8ZRk5m204ApuksGRs3e2mgE-QVuKHyoP_Eal_rHLdngiBd-2Kg2oIwdQ1OSyweLzqp61P83lWbHmfWEemPh_ncQ8oLVLKcPTIGxAjQF2qfJ3aMuJNCsQT_aYns55xALgYLZ1GxVxX-O_PjloYGccfANCtfDGyS5v7Kmy7QLoUoyjsfI569WL0XwHOAh9H6vScchogr3XOZr9ETE2MzLQyzGMlaDGOK63nysYgeL2FzcokMlqKh7XtQdM-AHpKPH-7uB4R4cxBErv4IRiZ5E-WOcPSiqj2Gr9oDLymTe8-MGlf6JYisZjqzPej529yR-WHbWVdKOmRe7zxVvJHlKNRw576CY_UrZ0BdG1wYDq5QCyTzaaziYZ9qD3HToanvPffFrNrdsUK70ZZVdYcUlXfQXrM8EcAl6P1jpf4AQBgAam_oaGmJGMu4wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0pUljc0RovCd6biq1i4vBrkkh10w%26client%3Dca-pub-8188431425509997%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 16 Aug 2022 17:00:35 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
dc_pre=CJrKi__qy_kCFQaDsgodNVsBmA;src=10230056;type=ret01;cat=land01;ord=4249113266396;gtm=2od8f0;auiddc=*;~oref=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walki...
adservice.google.com/ddm/fls/z/ Frame B177 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CJrKi__qy_kCFQaDsgodNVsBmA;src=10230056;type=ret01;cat=land01;ord=4249113266396;gtm=2od8f0;auiddc=*;~oref=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Requested by
Host: 10230056.fls.doubleclick.net
URL: https://10230056.fls.doubleclick.net/activityi;dc_pre=CJrKi__qy_kCFQaDsgodNVsBmA;src=10230056;type=ret01;cat=land01;ord=4249113266396;gtm=2od8f0;auiddc=1902954935.1660669236;~oref=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10230056.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s56598018289897
s.thestar.com/b/ss/torontodnnlocal/1/JS-2.22.4-LCUM/ 		43 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.thestar.com/b/ss/torontodnnlocal/1/JS-2.22.4-LCUM/s56598018289897
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/d0dd5ba17898/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 16 Aug 2022 17:00:36 GMT
x-content-type-options
nosniff
x-c
main-1661.I2f39db.M0-585
p3p
CP="This is not a P3P policy"
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 17 Aug 2022 17:00:36 GMT
server
jag
xserver
anedge-69c8d8cc76-9hqb7
etag
3566260030877073408-4619715759008708271
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
https://www.thestar.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
expires
Mon, 15 Aug 2022 17:00:36 GMT
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TORONTO_PREBID_HEADER1&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=12&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&t=1660669232820&de=156981876867&rx=240682595571&m=0&ar=1da355aa18f-clean&iw=ae3b167&q=1&cb=0&cu=1660669232820&ll=2&lm=0&ln=0&em=0&en=0&d=thestar.com%3AWe%20put%20walking%20sandals%20to%20the%20test%E2%80%94these%20are%20the%20comfiest%3A__page__%3A-&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=torontoprebidheader623296055317&fd=1&it=500&pe=1%3A3946%3A4014%3A0%3A4050&fs=199703&na=308409146&cs=0
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.209.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Tue, 16 Aug 2022 17:00:36 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 16 Aug 2022 17:00:36 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
075cd4794776c9534449d518e00a93d26f14ab6644059a714ae0a1ae681b73ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Aug 2022 17:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11054
x-xss-protection
0
ct.html
ct.pinterest.com/ Frame 2B83 		565 B
650 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.c99cd143.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

akamai-grn
0.966656b8.1660669236.b04bef55
cache-control
no-cache,no-store,must-revalidate,max-age=0
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Tue, 16 Aug 2022 17:00:36 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
vary
Accept-Encoding
x-cdn
akamai
x-envoy-upstream-service-time
0
x-pinterest-rid
1062341963337638
pixel.js
www.redditstatic.com/ads/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
bef476ec3cca40a08e1dff35c707c24d5774e788c57febdb54874e90402a6af2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:36 GMT
via
1.1 varnish, 1.1 varnish
last-modified
Tue, 19 Jul 2022 22:48:09 GMT
server
snooserv
etag
"95212d33cfff78ad59f5af5b20c48c53"
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
accept-ranges
bytes
content-encoding
gzip
content-length
7722
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 17:32:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 94C88E836D2A4B6892DCD6B136AAB7BF Ref B: FRA31EDGE0615 Ref C: 2022-08-16T17:00:36Z
etag
"80a8697a8a2d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Tue, 16 Aug 2022 17:00:35 GMT
accept-ranges
bytes
content-length
11367
insight.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:36 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 20:23:36 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=64508
accept-ranges
bytes
content-length
3063
B24540798.279406836;sz=1x2;ord=359243191715
ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=359243191715?
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f198.1e100.net
Software
cafe /
Resource Hash
bb9454b140e8464e450b369aae40a980445b37863bd6ff21c508941eb6cbe2e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12424
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		96 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-57Q9DV2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
202c0c83fdfe4fd572c75af43628d9b01e6c893c423250be3323d847e77048aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:36 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37935
x-xss-protection
0
expires
Tue, 16 Aug 2022 17:00:36 GMT
__inventory.gif
query.petametrics.com/v1/ 		35 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v1/__inventory.gif?ts=1660669236152&jsk=q9fqmmutk5a97trs&jsv=20220510&cu=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&item=%7B%22content_tier%22%3A%5B%22metered%22%5D%2C%22publisher%22%3A%5B%22https%3A%2F%2Fwww.facebook.com%2Ftorontostar%22%5D%2C%22published_time%22%3A%5B%222022-08-04T20%3A30%3A00Z%22%5D%2C%22modified_time%22%3A%5B%222022-08-04T20%3A30%3A02.021Z%22%5D%2C%22section%22%3A%5B%22Life%22%5D%2C%22tag%22%3A%5B%22Beauty%22%2C%22Fashion%22%2C%22Life%22%2C%22Fashion%20%26%20Style%22%5D%2C%22title%22%3A%5B%22We%20put%20walking%20sandals%20to%20the%20test%E2%80%94these%20are%20the%20comfiest%22%5D%2C%22type%22%3A%5B%22article%22%5D%2C%22url%22%3A%5B%22https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html%22%5D%2C%22description%22%3A%5B%22You%27ll%20be%20able%20to%20walk%20a%20mile%20and%20still%20look%20chic%22%5D%2C%22site_name%22%3A%5B%22thestar.com%22%5D%2C%22image%22%3A%5B%22https%3A%2F%2Fimages.thestar.com%2F_8tAy9uyPfEybSromspeDirGL2I%3D%2F1280x1024%2Fsmart%2Ffilters%3Acb(1660263069965)%2Fhttps%3A%2F%2Fwww.thestar.com%2Fcontent%2Fdam%2Fthestar%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest%2Ffeature.jpg%22%5D%2C%22truncatedDescription%22%3A%5B%22You%27ll%20be%20able%20to%20walk%20a%20mile%20and%20still%20look%20chic%22%5D%2C%22subsection%22%3A%5B%22Fashion%20%26%20Beauty%22%5D%2C%22hasImage%22%3A%5B%22true%22%5D%2C%22asset_id%22%3A%5B%2223713998-ba77-4fa1-8146-bc1557dd19cd%22%5D%2C%22thumbor_image%22%3A%5B%22%7B%5C%22imageid%5C%22%3A%5C%22GCS1J99SU.3%5C%22%2C%5C%22origImageSize%5C%22%3A%5C%221080x700%5C%22%2C%5C%22lastmodified%5C%22%3A1659638066435%2C%5C%22fullWindowMainart%5C%22%3Afalse%2C%5C%22forceoriginal%5C%22%3Afalse%2C%5C%22caption%5C%22%3A%5C%22The%20comfiest%20walking%20sandals%20to%20shop%20now%5C%22%2C%5C%22source%5C%22%3A%5C%22supplied%5C%22%2C%5C%22type%5C%22%3A%5C%22image%5C%22%2C%5C%22credit%5C%22%3A%5C%22%5C%22%2C%5C%22mainartSize%5C%22%3A%5C%22medium%5C%22%2C%5C%22url%5C%22%3A%5C%22%2Fcontent%2Fdam%2Fthestar%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest%2Ffeature.jpg%5C%22%7D%22%5D%2C%22last_modified%22%3A%5B%222022-08-04T18%3A34%3A26.346Z%22%5D%2C%22inHouseArticle%22%3A%5B%22true%22%5D%2C%22enableLivechat%22%3A%5B%22false%22%5D%2C%22images%22%3A%5B%22https%3A%2F%2Fwww.thestar.com%2Fassets%2Fimg%2Fthestar-ribbon.png%22%5D%2C%22noShow%22%3A%5B%22false%22%5D%2C%22enableConversations%22%3A%5B%22true%22%5D%2C%22abstract%22%3A%5B%22You%27ll%20be%20able%20to%20walk%20a%20mile%20and%20still%20look%20chic%22%5D%2C%22smg_tag%22%3A%5B%22fashion_style%22%5D%2C%22enableLivechatadmin%22%3A%5B%22false%22%5D%2C%22author_names%22%3A%5B%22Ren%C3%A9e%20Tse%22%5D%2C%22authors%22%3A%5B%22%5B%7B%5C%22author%5C%22%3A%5C%22Ren%C3%A9e%20Tse%5C%22%2C%5C%22photo%5C%22%3A%7B%5C%22origImageSize%5C%22%3A%5C%22482x323%5C%22%2C%5C%22lastmodified%5C%22%3A2700061000%2C%5C%22url%5C%22%3A%5C%22%2Fcontent%2Fdam%2Fthestar%2Fcolumnist_logos%2FTse_Renee_logo2019.JPG%5C%22%7D%7D%5D%22%5D%2C%22smg2_tag%22%3A%5B%22life%22%5D%7D&ttl=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:36 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
events
pixel.thestar.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.thestar.com/events
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/549886031832745?v=2.9.75&r=stable
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1430:9000:ddf8:1c6d:b9e9:24c0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.thestar.com
date
Tue, 16 Aug 2022 17:00:36 GMT
access-control-allow-credentials
true
content-length
0
vary
origin
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/?random=1660669236204&cv=9&fst=1660669236204&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8f0&sendb=1&ig=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&tiba=We%20put%20walking%20sandals%20to%20the%20test%E2%80%94these%20are%20the%20comfiest%20%7C%20The%20Star&auid=1902954935.1660669236&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9f1aa0a354cfb99f61fd149516962a009d6bd41da01bf3592167fb3199f2c43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1125
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame 490A 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.thestar.com
Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.thestar.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 16 Aug 2022 17:00:36 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.thestar.com%2F%2Flife%2Ffashion_style%2F2022%2F08%2F04%2F-&i=TORONTO_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vldfgUevl2QD4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-dCAW7OXurwpsfw%3D%3D&sc=1&os=1-8A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1660669232820&de=156981876867&rx=240682595571&cu=1660669232820&m=3311&ar=1da355aa18f-clean&iw=ae3b167&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8767&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A3946%3A4014%3A0%3A4050&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=thestar.com%3AWe%20put%20walking%20sandals%20to%20the%20test%E2%80%94these%20are%20the%20comfiest%3A__page__%3A-&gw=torontoprebidheader623296055317&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=199703&na=1702161556&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.209.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Tue, 16 Aug 2022 17:00:36 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 16 Aug 2022 17:00:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220811/r20110914/elements/html/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220811/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=359243191715?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 16:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
379
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 30 Aug 2022 16:54:17 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
575 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstGh02LYTSNio5OF-t_wF4Dz_olXCTQ5v9x-DWgLbj-weZA9P1p_7d3OZ0M7jxdOzbZ2mP6_5o_dmR0C6XYANquFsj6lknXT7taszrTHvG8s0V5m7dzXycusfySEGHmo-KbphtCNkK5GihiacCeT4y--yiOuVpv6Q&sig=Cg0ArKJSzF9a6UWyrvZvEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cisv=r20220811.94948&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=359243191715?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Aug 2022 17:00:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
www.google.com/pagead/1p-user-list/698108511/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/698108511/?random=1660669236204&cv=9&fst=1660669200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8f0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&tiba=We%20put%20walking%20sandals%20to%20the%20test%E2%80%94these%20are%20the%20comfiest%20%7C%20The%20Star&async=1&fmt=3&is_vtc=1&random=2477919934&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/698108511/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/698108511/?random=1660669236204&cv=9&fst=1660669200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8f0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&tiba=We%20put%20walking%20sandals%20to%20the%20test%E2%80%94these%20are%20the%20comfiest%20%7C%20The%20Star&async=1&fmt=3&is_vtc=1&random=2477919934&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1660669236267&url=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1671964%26time%3D1660669236267%26url%3Dhttps%253A%252F%252Fwww.thestar.com%252Fli...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1660669236267&url=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1660669236267&url=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-ar...
0
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1660669236267&url=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&liSync=true&e_ipv6=AQKDjOtb1srqcwAAAYKnmZZdNW_y0X-OGF26ziBLZhpSigj5I-tGJ39HXVa53PQh3H9avog
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:37 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: E86482FFC2994AB8BF648199278A7131 Ref B: FRAEDGE1216 Ref C: 2022-08-16T17:00:37Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-proto
http/2
content-length
0
x-li-uuid
AAXmXq/3SzIG/ajna7r1sA==
x-li-fabric
prod-ltx1

Redirect headers

date
Tue, 16 Aug 2022 17:00:36 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 0260AA17A5A94794A58645A10A55DDFB Ref B: FRAEDGE1415 Ref C: 2022-08-16T17:00:36Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1660669236267&url=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&liSync=true&e_ipv6=AQKDjOtb1srqcwAAAYKnmZZdNW_y0X-OGF26ziBLZhpSigj5I-tGJ39HXVa53PQh3H9avog
x-li-proto
http/2
content-length
0
x-li-uuid
AAXmXq/zKkcg43yprLiFtA==
rp.gif
alb.reddit.com/ 		42 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1660669236295&id=t2_kcsr8bo&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=3de456b5-89e2-453c-b17a-bb9255b0536e&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_02c59ad6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:36 GMT
via
1.1 varnish
server
Varnish
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
13008914.js
bat.bing.com/p/action/ 		1 KB
844 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/13008914.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
40a4bef03ad952669a9b9157ab2e93617cd0907aa99487a6096805779920f63b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C1AAD980247845D19686C8971EF90F49 Ref B: FRA31EDGE0615 Ref C: 2022-08-16T17:00:36Z
date
Tue, 16 Aug 2022 17:00:35 GMT
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private,max-age=60
content-length
667
0
bat.bing.com/action/ 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=13008914&tm=gtm002&Ver=2&mid=744b232d-9c1c-4039-babe-db7e11bef17a&sid=f2b26ff01d8411ed93118fe595887bcb&vid=f2b2a4901d8411eda89f2d0760184769&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=We%20put%20walking%20sandals%20to%20the%20test%E2%80%94these%20are%20the%20comfiest%20%7C%20The%20Star&kw=walking%20sandals,comfortable%20footwear,shopsmart,ECCO,Birkenstock,Teva,Hunter,Sorel,The%20North%20Face,Everlane,smg_fashion_style,smg2_life,InHouseArticle_thestar&p=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&r=&lt=7726&evt=pageLoad&sv=1&rn=635085
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7255B15AF7EE4C808C43CC167C310940 Ref B: FRA31EDGE0615 Ref C: 2022-08-16T17:00:36Z
date
Tue, 16 Aug 2022 17:00:35 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 16 Aug 2022 17:00:36 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E1AE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4508
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 16 Aug 2022 15:45:28 GMT
expires
Wed, 16 Aug 2023 15:45:28 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2745 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fd4c792cb7da2b6ca162addd88ba36073c420345115229bf82cdea8e38557ddc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-h4w2-79pMZvrseAKPfC6Bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-h4w2-79pMZvrseAKPfC6Bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 16 Aug 2022 17:00:36 GMT
expires
Tue, 16 Aug 2022 17:00:36 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
13008914
www.clarity.ms/tag/uet/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/13008914
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/13008914.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1774 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
be9100e0f4f33b8c9282e10e7e3fab4eb318d3cc584fb21d683f86f27ca801b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:35 GMT
x-powered-by
ASP.NET
x-azure-ref
0NM37YgAAAABFZkwFJ0kmQYwHB4chJvlFTElTMDFFREdFMDUxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
content-length
1542
expires
-1
dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js
pagead2.googlesyndication.com/bg/ Frame E1AE 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 14:27:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
9190
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14301
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 14:27:26 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2745 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081101&jk=741729272613144&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame E1AE 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?qPx5mA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:36 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
events
api.permutive.com/v2.0/batch/ 		101 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
1a4a3d2e6b0c9e752777142d24c7b7294eaea3e63e47eff599d979c673de848e

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 16 Aug 2022 17:00:36 GMT
content-encoding
gzip
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thestar.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
via
1.1 google
clarity.js
www.clarity.ms/eus2-e/s/0.6.39/ 		53 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2-e/s/0.6.39/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/13008914
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1774 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
f083096f236cb98c87af2abc70707aef6a74bb105074919b0bdc3aeec6964c1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:36 GMT
content-encoding
br
etag
"1d8b099e3740ca1"
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
x-azure-ref
0NM37YgAAAAChYz2h0AyIQrj73U7GAC8dTElTMDFFREdFMDUxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges
bytes
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=973219FCA36E46E9B90A172782667F6E&RedC=c.clarity.ms&MXFR=3B31184E7B1062FB27860A4C7F106C48
  • https://c.clarity.ms/c.gif?CtsSyncId=973219FCA36E46E9B90A172782667F6E&MUID=23EF1D17A9E562273B8B0F15A86E635D
42 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=973219FCA36E46E9B90A172782667F6E&MUID=23EF1D17A9E562273B8B0F15A86E635D
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:36 GMT
last-modified
Thu, 28 Jul 2022 20:41:52 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"82531c78c2a2d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:36 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 757D575492194E51A2B7D0692696F9BC Ref B: FRA31EDGE0615 Ref C: 2022-08-16T17:00:37Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=973219FCA36E46E9B90A172782667F6E&MUID=23EF1D17A9E562273B8B0F15A86E635D
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
load-cookie.html
elb.the-ozone-project.com/static/ Frame E841 		12 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=4b28e856-d3ee-4c5c-9100-0b58357fb496&publisherId=TKN100000001&siteId=4204204311&cb=1660669234119&bidder=ozone
Requested by
Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.249.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-249-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
040ae90345fee63a0728d0b737dc6e94ac84313a98213b45c4135915a8cd0188

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache, no-store, must-revalidate
content-length
11885
content-type
text/html; charset=utf-8
date
Tue, 16 Aug 2022 17:00:37 GMT
expires
0
last-modified
Tue, 16 Aug 2022 04:24:18 GMT
pragma
no-cache
vary
Origin
load-cookie.html
elb.the-ozone-project.com/static/ Frame 551E 		12 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=4b28e856-d3ee-4c5c-9100-0b58357fb496&publisherId=TKN100000001&siteId=4204204311&cb=1660669234044&bidder=ozone
Requested by
Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.249.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-249-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
040ae90345fee63a0728d0b737dc6e94ac84313a98213b45c4135915a8cd0188

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache, no-store, must-revalidate
content-length
11885
content-type
text/html; charset=utf-8
date
Tue, 16 Aug 2022 17:00:37 GMT
expires
0
last-modified
Tue, 16 Aug 2022 04:24:18 GMT
pragma
no-cache
vary
Origin
cookie_sync
elb.the-ozone-project.com/ Frame E841 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/cookie_sync
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=4b28e856-d3ee-4c5c-9100-0b58357fb496&publisherId=TKN100000001&siteId=4204204311&cb=1660669234119&bidder=ozone
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.249.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-249-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8a06add6208a6884d597226365ea38495896fc7f71a0ef9679888c11d107f19a

Request headers

Referer
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=4b28e856-d3ee-4c5c-9100-0b58357fb496&publisherId=TKN100000001&siteId=4204204311&cb=1660669234119&bidder=ozone
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:37 GMT
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://elb.the-ozone-project.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
cookie_sync
elb.the-ozone-project.com/ Frame 551E 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/cookie_sync
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=4b28e856-d3ee-4c5c-9100-0b58357fb496&publisherId=TKN100000001&siteId=4204204311&cb=1660669234044&bidder=ozone
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.249.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-249-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0cba414b300e9a1ff107ae0e386bfb2b037b546a55f5580f5bc41dbac7c9870a

Request headers

Referer
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=4b28e856-d3ee-4c5c-9100-0b58357fb496&publisherId=TKN100000001&siteId=4204204311&cb=1660669234044&bidder=ozone
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:37 GMT
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://elb.the-ozone-project.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081101&jk=741729272613144&bg=!t7SltPDNAAa4hXTbmIU7ACkAdvg8Wv_E85SP3-peRHLpyq2IO5Ni8Gbi0rrTgj0OjvAZ0VSAlcOQmAIAAABUUgAAAAJoAQeZAu17Mx10gY6NLiFXr9_48oUmXY4Q6U0wDcgczjhUwvaaG8L4HsfNnnGS0s4X-LiOdN8xeI9YVnPVTdaR36Ykklqc1buEgl2FNfeFqqVDRqIdPBurzxBToOJicwTwb2b8t62qOTXGdL-azINAw7QFDZq43YKNdsk8ezApxqKK23dsm-X3fvhJXy38ivYYLJ8_kpprgSCzhz-0eWompaW2lfpS056Qb_uGBLYChdfeDpOL-PQGjxtalRgdraDYVeJQ8cA41qYOpuQAVPBJ7zwEzE-MP1qveNnpUuMvyYRb_NMMEnRwAtOT80avWYPK8zbPeyoS8Q97ETexweQoZNko4htl2MacHDrIBJXq8NQy-Q8AImJ8SptvcpSfdIPmSd6WSDF-KxcZGNH8AQGOIz7J4yxFTkMaU-pCAJielSBSWiueG5qzGKb-rVzPWDUqy9Cz0qKkq7cwMcVaqQsbheWG19FwuU_OcmJpzn9xxtGKGca4icRbC9gsrhheoGBN17qGxSXc7g1YI97efieyIp4xCO7LWmyhlzxAkwnqEonsetJsQ5FCFtgFucuQayxkmBNHbiynaEuoUmIiBAVyAmNYN3ufQx9AKmEwSNi40Nv2islKGZ20hfLcjObYbOHx43-94gta11TMGe5f3DHMJxUwltS9r--wB5Etj6ZC1ukKyTimbtyY3Ugbsa_0d01mnnvdcKpof81KY-TEd_hgRz54CWC0K7b55WJljMiRBEPaq-PBWG3c_ADQdVLD3XO4eGbwopcD2dkTPX7Ro2YG0lC62nD77D_3AY9_UZlmbd4fTweY2_JsGSUjZP3l_A3Jb-lezu7pzcoB09b1AQOQnl-WYCSkfcC7C_889HCvcxcEO0BmtgRStrw1-N63c5-COxIGT-isp995o0oetYZhf2MMZQVVJh3bJ27RFf_fjvZRjtJF2FH2XpAfTPzczONA5IbA1mvL9krn1MNLEmeY_hAi6hg1-2kcMdMmc-x0ftwQdQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
setuid
elb.the-ozone-project.com/ Frame E841
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-...
  • https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=12691a29-4fe2-4350-b6a4-4f8ca997b087
0
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=12691a29-4fe2-4350-b6a4-4f8ca997b087
Protocol
H2
Server
54.229.249.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-249-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

Location
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=12691a29-4fe2-4350-b6a4-4f8ca997b087
Date
Tue, 16 Aug 2022 17:00:37 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
setuid
elb.the-ozone-project.com/ Frame 551E
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3...
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%26us_privacy%3Dpbs-ozone&gdpr=0&gdpr_consent=&s=1...
  • https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=&us_privacy=pbs-ozoneYvvNNewqMGMwGFBzmTJ-rQAA%261205
0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=&us_privacy=pbs-ozoneYvvNNewqMGMwGFBzmTJ-rQAA%261205
Protocol
H2
Server
54.229.249.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-249-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e6ABK7L%2FoIs9EPsLa3ka%2B0vDV6huhGqK6Qw92%2B17Txu%2FpT2nEovWaX50XUY5bDKl8%2FFeTQAJ3Rc0gAE1rsDZ6XjaWxpw3IxYBQj7utJtpyobKyZAmJccqcYQB6yiCc4m4Aw7E%2B2I"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=&us_privacy=pbs-ozoneYvvNNewqMGMwGFBzmTJ-rQAA%261205
cache-control
no-cache
cf-ray
73bbba2e2a4d903d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
collect
k.clarity.ms/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://k.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-e/s/0.6.39/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
https://www.thestar.com
date
Tue, 16 Aug 2022 17:00:37 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
setuid
elb.the-ozone-project.com/ Frame 551E
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-...
  • https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=5657c987-b0f6-4078-9e40-4d8c856d0e07
0
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=5657c987-b0f6-4078-9e40-4d8c856d0e07
Protocol
H2
Server
54.229.249.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-249-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

Location
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=5657c987-b0f6-4078-9e40-4d8c856d0e07
Date
Tue, 16 Aug 2022 17:00:37 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
101995
dmx.districtm.io/s/v1/img/s/ Frame E841 		0
0
setuid
elb.the-ozone-project.com/ Frame E841
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3251217969106455611512
0
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3251217969106455611512
Protocol
H2
Server
54.229.249.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-249-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3251217969106455611512
date
Tue, 16 Aug 2022 17:00:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync.php
pixel.rubiconproject.com/exchange/ Frame 551E 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif
prebid
rtb.openx.net/sync/ Frame 551E 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:37 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
gjqb93nkt72fi1hi291m36hbe5v2v9av
prebid
rtb.openx.net/sync/ Frame E841 		43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24%7BUID%7D
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=4b28e856-d3ee-4c5c-9100-0b58357fb496&publisherId=TKN100000001&siteId=4204204311&cb=1660669234119&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:37 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
hcok1npd6p9m0ojrj1rfp3d2hglod9nm
setuid
elb.the-ozone-project.com/ Frame E841
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3...
  • https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=&us_privacy=pbs-ozoneYvvNNewqMGMwGFBzmTJ-rQAA%261205
0
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=&us_privacy=pbs-ozoneYvvNNewqMGMwGFBzmTJ-rQAA%261205
Protocol
H2
Server
54.229.249.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-249-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snQfCfYzwlv4u2HKNs9ByNjh3Q9cCT3Xoacik2xznRSkQgtmCsxR8boXkqjeLRFhv75kfrkFBWovFag7K3DxQDGYpQiZBal71mL8FBHVQVhg%2FHZYJWaZ9zWGEWoKYqC5EgzTH9JX"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=&us_privacy=pbs-ozoneYvvNNewqMGMwGFBzmTJ-rQAA%261205
cache-control
no-cache
cf-ray
73bbba32285a903d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
setuid
elb.the-ozone-project.com/ Frame 551E
Redirect Chain
  • https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
  • https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
  • https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=1ce2c8aa-3670-4756-adeb-bb3d67dfdc39
0
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=1ce2c8aa-3670-4756-adeb-bb3d67dfdc39
Protocol
H2
Server
54.229.249.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-249-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=1ce2c8aa-3670-4756-adeb-bb3d67dfdc39
date
Tue, 16 Aug 2022 17:00:38 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
generic
match.adsrvr.org/track/cmf/ Frame E841 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=u40cpuw&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
setuid
elb.the-ozone-project.com/ Frame E841
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdp...
  • https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=7628554842303151126
0
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=7628554842303151126
Protocol
H2
Server
54.229.249.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-249-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=7628554842303151126
date
Tue, 16 Aug 2022 17:00:37 GMT
content-length
0
setuid
elb.the-ozone-project.com/ Frame 551E
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdp...
  • https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=56219709213818000
0
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=56219709213818000
Protocol
H2
Server
54.229.249.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-249-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=56219709213818000
date
Tue, 16 Aug 2022 17:00:37 GMT
content-length
0
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=4&q=0&ai=5675&wr=5673&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TORONTO_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vldfgUevl2QD4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-dCAW7OXurwpsfw%3D%3D&sc=1&os=1-8A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=1&fl=1&j=&xc=0&xb=0&xa=0&md=0&mc=0&lb=8767&ld=0&lc=0&la=0&cw=1600&cx=1200&sh=8767&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1660669232820&de=156981876867&rx=240682595571&cu=1660669232820&m=5675&ar=1da355aa18f-clean&iw=ae3b167&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A3946%3A4014%3A7725%3A4050&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2411&cd=0&ah=2411&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=thestar.com%3AWe%20put%20walking%20sandals%20to%20the%20test%E2%80%94these%20are%20the%20comfiest%3A__page__%3A-&gw=torontoprebidheader623296055317&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=199703&na=1852117423&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.209.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Tue, 16 Aug 2022 17:00:38 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 16 Aug 2022 17:00:38 GMT
cookie
cm.adform.net/ Frame E841 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:38 GMT
server
nginx
content-length
43
content-type
image/gif
101995
dmx.districtm.io/s/v1/img/s/ Frame 551E 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 63FA 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=4b28e856-d3ee-4c5c-9100-0b58357fb496&publisherId=TKN100000001&siteId=4204204311&cb=1660669234044&bidder=ozone
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.208.212 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-208-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=46881
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 16 Aug 2022 17:00:38 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 17 Aug 2022 06:01:59 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
attention-event
sr.studiostack.com/track/ 		0
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Requested by
Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 16 Aug 2022 17:00:38 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin
*
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
0
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
attention-event
sr.studiostack.com/track/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin
*
Allow
POST
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
4
Content-Type
text/html; charset=utf-8
Date
Tue, 16 Aug 2022 17:00:38 GMT
ETag
W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires
0
Pragma
no-cache
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
PugMaster
image6.pubmatic.com/AdServer/ Frame 63FA 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=57458735&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:38 GMT
content-length
0
setuid
elb.the-ozone-project.com/ Frame E841
Redirect Chain
  • https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D
  • https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%...
  • https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=185e978a-4192-4790-98c5-8593a9a0fa63
0
862 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=185e978a-4192-4790-98c5-8593a9a0fa63
Protocol
H2
Server
54.229.249.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-249-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=185e978a-4192-4790-98c5-8593a9a0fa63
date
Tue, 16 Aug 2022 17:00:39 GMT
p3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
151
content-type
text/html; charset=utf-8
setuid
elb.the-ozone-project.com/ Frame 551E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&_bee_ppp=1
  • https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAFLZk7F95oAAA_x-bCWIw
0
970 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAFLZk7F95oAAA_x-bCWIw
Protocol
H2
Server
54.229.249.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-249-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAFLZk7F95oAAA_x-bCWIw
Date
Tue, 16 Aug 2022 17:00:39 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
v1
match.sharethrough.com/FGMrCMMc/ Frame E841 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.48.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-48-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:39 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FBF2 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=4b28e856-d3ee-4c5c-9100-0b58357fb496&publisherId=TKN100000001&siteId=4204204311&cb=1660669234119&bidder=ozone
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.208.212 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-208-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=46880
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 16 Aug 2022 17:00:39 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 17 Aug 2022 06:01:59 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 551E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=u40cpuw&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=4b28e856-d3ee-4c5c-9100-0b58357fb496&publisherId=TKN100000001&siteId=4204204311&cb=1660669234044&bidder=ozone
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
setuid
elb.the-ozone-project.com/ Frame E841
Redirect Chain
  • https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
  • https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=1ce2c8aa-3670-4756-adeb-bb3d67dfdc39
0
970 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=1ce2c8aa-3670-4756-adeb-bb3d67dfdc39
Protocol
H2
Server
54.229.249.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-249-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=1ce2c8aa-3670-4756-adeb-bb3d67dfdc39
date
Tue, 16 Aug 2022 17:00:39 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cookie
cm.adform.net/ Frame 551E 		43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=4b28e856-d3ee-4c5c-9100-0b58357fb496&publisherId=TKN100000001&siteId=4204204311&cb=1660669234044&bidder=ozone
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:39 GMT
server
nginx
content-length
43
content-type
image/gif
setuid
elb.the-ozone-project.com/ Frame 551E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID
  • https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=467047975042094708
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=467047975042094708
Protocol
H2
Server
54.229.249.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-249-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 16 Aug 2022 17:00:39 GMT
X-Proxy-Origin
80.255.7.102; 80.255.7.102; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
69786157-580a-4c8e-9346-c7c6f34e5cd9
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=467047975042094708
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
ap.lijit.com/ Frame E841 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 16 Aug 2022 17:00:39 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=31&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TORONTO_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vldfgUevl2QD4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-dCAW7OXurwpsfw%3D%3D&sc=1&os=1-8A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=2&fl=1&j=&xc=0&xb=0&xa=0&md=14&mc=0&lb=8767&ld=1200&lc=0&la=0&cw=1600&cx=1200&sh=8767&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1660669232820&de=156981876867&rx=240682595571&cu=1660669232820&m=6676&ar=1da355aa18f-clean&iw=ae3b167&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A3946%3A4014%3A7725%3A4050&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3412&cd=2411&ah=3412&am=2411&xd=00&rf=0&re=0&wb=1&ai=5675&wr=5673&cl=0&at=0&d=thestar.com%3AWe%20put%20walking%20sandals%20to%20the%20test%E2%80%94these%20are%20the%20comfiest%3A__page__%3A-&gw=torontoprebidheader623296055317&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=199703&na=259233760&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.209.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Tue, 16 Aug 2022 17:00:39 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 16 Aug 2022 17:00:39 GMT
setuid
elb.the-ozone-project.com/ Frame 551E
Redirect Chain
  • https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D
  • https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=185e978a-4192-4790-98c5-8593a9a0fa63
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=185e978a-4192-4790-98c5-8593a9a0fa63
Protocol
H2
Server
54.229.249.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-249-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=185e978a-4192-4790-98c5-8593a9a0fa63
date
Tue, 16 Aug 2022 17:00:39 GMT
p3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
151
content-type
text/html; charset=utf-8
sync.php
pixel.rubiconproject.com/exchange/ Frame E841 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif
setuid
elb.the-ozone-project.com/ Frame E841
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAFLZk7F95oAAA_x-bCWIw
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAFLZk7F95oAAA_x-bCWIw
Protocol
H2
Server
54.229.249.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-249-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAFLZk7F95oAAA_x-bCWIw
Date
Tue, 16 Aug 2022 17:00:39 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
setuid
elb.the-ozone-project.com/ Frame 551E
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3251217969106455611512
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3251217969106455611512
Protocol
H2
Server
54.229.249.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-249-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3251217969106455611512
date
Tue, 16 Aug 2022 17:00:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
elb.the-ozone-project.com/ Frame E841
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=467047975042094708
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=467047975042094708
Protocol
H2
Server
54.229.249.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-249-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 17:00:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 16 Aug 2022 17:00:39 GMT
X-Proxy-Origin
80.255.7.102; 80.255.7.102; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ae668e61-de6a-4c6c-bb25-467338585414
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=467047975042094708
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/FGMrCMMc/ Frame 551E 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.48.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-48-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:00:39 GMT
pixel
ap.lijit.com/ Frame 551E 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 16 Aug 2022 17:00:39 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TORONTO_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vldfgUevl2QD4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-dCAW7OXurwpsfw%3D%3D&sc=1&os=1-8A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=3&fl=1&j=&xc=0&xb=0&xa=0&md=14&mc=14&lb=8767&ld=1200&lc=1200&la=1200&cw=1600&cx=1200&sh=8767&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1660669232820&de=156981876867&rx=240682595571&cu=1660669232820&m=8410&ar=1da355aa18f-clean&iw=ae3b167&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A3946%3A4014%3A7725%3A4050&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5014&cd=3412&ah=5014&am=3412&xd=00&rf=0&re=0&wb=1&ai=5675&wr=5673&cl=0&at=0&d=thestar.com%3AWe%20put%20walking%20sandals%20to%20the%20test%E2%80%94these%20are%20the%20comfiest%3A__page__%3A-&gw=torontoprebidheader623296055317&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=199703&na=2023540359&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.209.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Tue, 16 Aug 2022 17:00:41 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 16 Aug 2022 17:00:41 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.thestar.com
URL
https://www.thestar.com/api/articles?type=top
Domain
dmx.districtm.io
URL
https://dmx.districtm.io/s/v1/img/s/101995
Domain
dmx.districtm.io
URL
https://dmx.districtm.io/s/v1/img/s/101995

Verdicts & Comments Add Verdict or Comment

285 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| ozonePrebidAdunits function| ozoneLog function| ozoneError object| pbjsFile object| integrationFile object| blueConicPreListeners function| BCClass object| blueConicClient object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| permutive object| __PRELOADED_CONFIG_DATA__ object| __PRELOADED_STATE__ object| __APOLLO_STATE__ object| gs_channels function| Kumulos function| receiveMessage object| dataLayer undefined| url undefined| meta number| _vis_opt_account_id string| _vis_opt_protocol number| _vwo_acc_id object| _vwo_exp_ids object| _vwo_exp boolean| _vis_opt_settings_loaded string| _vwo_cookieDomain string| _vwo_uuid string| _vwo_lib_cb string| _vwo_mt string| _vwo_tm object| vwo_iehack_queue object| VWO object| _vwo_pa string| _vwo_opa_cb string| _vwo_worker_cb string| _vis_opt_file_name function| vwo_$ string| _vwo_server_url object| _vis_opt_queue object| _vis_opt_check_segment object| _vwo_evq function| _vwo_ev object| _vwo_t object| _vwo_api_section_callback object| _vis_opt_comb_name function| _vwo_s object| _vwo_campaignData function| _vis_opt_top_initialize function| _vis_opt_bottom_initialize function| _vis_opt_goal_conversion function| _vis_opt_revenue_conversion function| _vis_opt_pause function| _vis_opt_readCookie function| _vis_opt_createCookie function| _vis_opt_element_loaded function| _vis_opt_GA_track function| _vis_opt_register_conversion function| _vis_opt_get_campaign_xPath function| pbjsChunk object| pbjs boolean| DISABLE_NATIVE_CONSTANTS object| _vwo_editorOperationTracker function| _vwo_handleMutations number| _vis_opt_experiment_id boolean| canRunAds number| ___vwo object| __nls boolean| adBlock string| theStarSAccount object| regeneratorRuntime object| twttr function| fbq function| _fbq object| _comscore boolean| comScoreFirstLoad number| scrollIncrement object| PARSELY function| trackScroll object| referrerHistory string| $igniter_var function| $p object| apstag object| UrlCache object| SUBSCRIPTIONS object| SWG function| GaaGoogleSignInButton function| GaaGoogle3pSignInButton function| GaaSignInWithGoogleButton function| GaaMeteringRegwall function| GaaMetering object| default_gsi object| google object| closure_lm_542728 object| _vfP object| core boolean| vfLoaded function| setImmediate function| clearImmediate object| vfQ object| viafoura object| vf object| adunitCodesProcessed function| auctionRetryer function| getUnrequestedSlots object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| google_tag_manager function| postscribe object| google_tag_manager_external string| GoogleAnalyticsObject function| ga undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| MoatNadoAllJsonpRequest_82219317 object| Moat#PML#26#1.2 boolean| Moat#EVA function| __moatSlotTagLoadedtorontoprebidheader623296055317 object| moatPrebidApi object| COMSCORE function| udm_ object| ns_p undefined| px object| Moat#G23 object| MoatSuperV23 boolean| _lastFocusState string| a object| Moat#PML#23#1.2 object| MoatContent function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_ActivityMap object| s string| keyLinkTrackVars object| bc_json425 object| webpackChunkli_browser_client boolean| apstagLOADED object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady function| pbq function| _typeof object| webVitals object| __LOADABLE_LOADED_CHUNKS__ function| Buffer object| AWS number| 2f1acc6c3a606b082e5eef5e54414ffb object| smg number| curY number| curDepthRatio object| adobeTokens object| pbProcessor boolean| msgData object| _bcp object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| mdc function| theStarLinkClick function| Zepto function| $ function| RuleService object| justDetectAdblock object| bcConnectionUtil function| BlueConicDataLayerUtil object| JSONPath function| md5 boolean| bcUrlListenerActive object| bc object| interactions undefined| dialog object| button object| bc_metercount object| bc_datalayer object| Viafoura object| bc_json426 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| campaignData object| TheStar number| auth number| x number| ati number| ki number| tsi function| __d3lUW8vwsKlB__ string| twitterPixelId string| template function| twq function| trackFB string| fbPixelId string| pageType function| __an6na521li18__ object| OWQ5ZWM4NmRjNTBkYzJlM2xvYWRlcl9qcw== string| OWQ5ZWM4NmRjNTBkYzJlM2NhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady string| PinterestPixelId function| pintrk object| JSON3 function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO number| m boolean| pvOccured boolean| pageViewOccured object| s_i_torontodnnlocal function| rdt string| _linkedin_data_partner_id number| randomNumber object| scriptTag object| insertionNode string| conversionTag string| host function| clsn object| dicnf number| google_srt function| btrp function| pdib3 function| vv function| sasrc function| stcc function| lintrk boolean| _already_called_lintrk object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels function| UET function| UET_init function| UET_push object| ueto_c804a1c588 object| uetq object| GoogleGcLKhOms function| omrhp function| clarity object| google_image_requests

103 Cookies

Domain/Path Name / Value
e377.thestar.com/DG/DEFAULT Name: BCSessionID
Value: 7b55be3d-b452-4908-94ac-42e1dcb5f847
torstar.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: 7b55be3d-b452-4908-94ac-42e1dcb5f847
www.thestar.com/ Name: last_visit_bc
Value: 1660669231098
.thestar.com/ Name: bc_tstgrp
Value: 4
.thestar.com/ Name: _vwo_uuid_v2
Value: D754B6FA2D32922DBDB2A2AF579647EDA|b8def3a6feb6730d1b121398e9edc8f5
.thestar.com/ Name: _vis_opt_s
Value: 1%7C
.thestar.com/ Name: _vis_opt_test_cookie
Value: 1
.thestar.com/ Name: _vwo_uuid
Value: D754B6FA2D32922DBDB2A2AF579647EDA
.thestar.com/ Name: _vwo_sn
Value: 0%3A1
.thestar.com/ Name: _vwo_ds
Value: 3%3Aa_0%2Ct_0%3A0%241660669231%3A56.36926856%3A%3A47_0%2C45_0%2C44_0%2C43_0%2C42_0%2C35_0%2C34_0%2C32_0%2C26_0%3A3_0%2C2_0%3A0
.thestar.com/ Name: permutive-id
Value: 1c679d87-4e28-413c-858e-acd413f298c3
.be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/ Name: pxid
Value: 90f459d0-bde4-4d0c-b276-30bfc5e61dc9
www.thestar.com/ Name: userSegmentLogin
Value: false
.t.co/ Name: muc_ads
Value: 0b937d34-ed20-4791-af7a-45639bbd510f
.twitter.com/ Name: personalization_id
Value: "v1_tDH/VmoVBqQRMeaDM6ad1Q=="
.thestar.com/ Name: _igt
Value: ee98f564-0e01-4c12-a18d-04583b664b92
.thestar.com/ Name: _ig
Value: 271cfd89-2cbd-464e-cdcd-cd3ccf44e8a8
.demdex.net/ Name: demdex
Value: 38307470517095815212402362963637825534
.thestar.com/ Name: AMCVS_19A568F454F72DAF0A4C98A6%40AdobeOrg
Value: 1
.thestar.com/ Name: _gid
Value: GA1.2.1186855633.1660669233
.thestar.com/ Name: _gat_UA-70431129-1
Value: 1
.thestar.com/ Name: _gat_UA-73335503-3
Value: 1
.thestar.com/ Name: _ga_6FZFMVVWVN
Value: GS1.1.1660669233.1.0.1660669233.60
.thestar.com/ Name: _ga
Value: GA1.1.1582746846.1660669233
.thestar.com/ Name: local_ga_B4CQN4KW3R
Value: GS1.1.1660669233.1.0.1660669233.60
.thestar.com/ Name: local_ga
Value: GA1.1.1582746846.1660669233
.thestar.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html%22%2C%22sref%22:%22%22%2C%22sts%22:1660669233119%2C%22slts%22:0}
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YvvNMQAAAIle0wOV
.thestar.com/ Name: s_ecid
Value: MCMID%7C38293365494397713552403775458545939956
.dpm.demdex.net/ Name: dpm
Value: 38307470517095815212402362963637825534
.viafoura.co/ Name: VfSess
Value: 8jojabige71n4qfecvlkc5iemf
.viafoura.co/ Name: vfThirdpartyCookiesEnabled
Value: true
www.thestar.com/ Name: AccessToken
Value: idv2l6wfl1bg3qdigf62b0szslsq6825yo
.www.thestar.com/ Name: ts_s_ecid
Value: MCMID%7C38293365494397713552403775458545939956
www.thestar.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.thestar.com/ Name: AMCV_19A568F454F72DAF0A4C98A6%40AdobeOrg
Value: 1176715910%7CMCIDTS%7C19221%7CMCMID%7C38293365494397713552403775458545939956%7CMCAAMLH-1661274033%7C6%7CMCAAMB-1661274033%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1660676433s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19228%7CvVersion%7C5.4.0
.thestar.com/ Name: __psid
Value: 1660669233691
.google.com/ Name: NID
Value: 511=AtL_itQCku4XspyBh39tl05B8ZF9rGXpErxig79lIBT32pwfWaZp-x0CmBDcVbJI3I02vB7mUkYY5wXZ6uggS6U03AYsCYM0sPg49l_Gb7o9HOwFX3yPAprE-PNIhJ_jM8cM7FY5gAXoGfVLNR3gOVDgDI5A3712_bKlIs55qBo
.thestar.com/ Name: _vf_rd_test_1660669233857
Value: _test_1660669233857
www.thestar.com/ Name: _vfz
Value: www%2Ethestar%2Ecom.00000000-0000-4000-8000-032a225cd465.1660669234.1.medium=direct|source=|sharer_uuid=|terms=
.thestar.com/ Name: _vf_rd_test_1660669233859
Value: _test_1660669233859
.www.thestar.com/ Name: _vfa
Value: www%2Ethestar%2Ecom.00000000-0000-4000-8000-032a225cd465.f700ab52-a9f9-4b62-a0c2-4d662cc648d6.1660669234.1660669234.1660669234.1
www.thestar.com/ Name: selectedPersonalizedCategories
Value: []
www.thestar.com/ Name: personalizedListModeEnabled
Value: false
www.thestar.com/ Name: latestContentTier
Value: 0
.thestar.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=d8710dfaf13b7f0666842b08d24ccc29%22%2C%22session_count%22:1%2C%22last_session_ts%22:1660669233119}
www.thestar.com/ Name: rememberMeML
Value: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html
www.thestar.com/ Name: BCSessionID
Value: 7b55be3d-b452-4908-94ac-42e1dcb5f847
torstar.blueconic.net/ Name: AWSALBCORS
Value: ogw7vTzfm85uQ0N7NJyKBcoVJEXNu5V/xMB4eZ+7i5oCZXTZr+yOZpXP9nC5Hk2CE9h+aCevhJ3gd56mmFq/EbHQ9c7kzF2GJgsXddPoyOyrQSXVh5kOHXrAHaNB
.thestar.com/ Name: _vf_rd_test_1660669234434
Value: _test_1660669234434
.www.thestar.com/ Name: _vfb
Value: www%2Ethestar%2Ecom.00000000-0000-4000-8000-032a225cd465.2..1660669234....
.thestar.com/ Name: _vf_rd_test_1660669234436
Value: _test_1660669234436
.thestar.com/ Name: __gads
Value: ID=7d13ef1e389e7c87:T=1660669233:S=ALNI_Mb7JWmvdzmyGrlnwMyToyrE9E_qKA
.doubleclick.net/ Name: IDE
Value: AHWqTUnuWvsIZiw-mcGBiniZy0Pj6GQvQZJcW7lL7YBqhhcZQDe4LtTABvwpQ5w4vhA
.viafoura.co/ Name: vfDeviceId
Value: d7d97a45-0e29-40dd-b61b-fc300e8018b8
.doubleclick.net/ Name: DSID
Value: NO_DATA
e377.thestar.com/ Name: AWSALB
Value: TnZdjZK+ixc/eODavBMoYoBtUJYtngWl1etEimdevaVaUeSnvEuP2ABfJTnSwnPMLPr3ysIM9Fl5RvapbmMw4MHVXTiq9ZPhobhxrvAA1LStROUDCxXwNwomeLdo
e377.thestar.com/ Name: AWSALBCORS
Value: TnZdjZK+ixc/eODavBMoYoBtUJYtngWl1etEimdevaVaUeSnvEuP2ABfJTnSwnPMLPr3ysIM9Fl5RvapbmMw4MHVXTiq9ZPhobhxrvAA1LStROUDCxXwNwomeLdo
www.thestar.com/ Name: digitalAccessOverlayStatus
Value: nextPage
www.thestar.com/ Name: digitalAccessOverlaySubscriberStatus
Value: nextPage
.thestar.com/ Name: _gcl_au
Value: 1.1.1902954935.1660669236
.thestar.com/ Name: _fbp
Value: fb.1.1660669235685.1048664380
.thestar.com/ Name: _pin_unauth
Value: dWlkPVptSXpZV1F6TWpNdE9EWTRNUzAwT1RFMkxXSTFNemN0Wm1Nek9URmlZekEyWlRaaQ
.thestar.com/ Name: s_nr
Value: 1660669236092-New
.thestar.com/ Name: s_nr2
Value: 1660669236093-New
.thestar.com/ Name: s_cc
Value: true
.bing.com/ Name: MUID
Value: 23EF1D17A9E562273B8B0F15A86E635D
.thestar.com/ Name: _rdt_uuid
Value: 1660669236294.3de456b5-89e2-453c-b17a-bb9255b0536e
.thestar.com/ Name: _uetsid
Value: f2b26ff01d8411ed93118fe595887bcb
.thestar.com/ Name: _uetvid
Value: f2b2a4901d8411eda89f2d0760184769
.linkedin.com/ Name: UserMatchHistory
Value: AQLLmzvOOZBVEwAAAYKnmZTh-BjxGoRljYnIptKAAMKQmyX8E_CGT-Aa1-HY8x4JW22d4aeAp2QwwQ
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLpuCpu-m4d6QAAAYKnmZThYSm58RuzdeB186CRhd4H3vOxuWpTFBomEMGnxgEt6K1oLcMm7lHjuMYX_ZTu2g
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&c47e7f9b-ce1d-483b-8bd5-efadd10bfed2"
.linkedin.com/ Name: lidc
Value: "b=TGST03:s=T:r=T:a=T:p=T:g=2814:u=1:x=1:i=1660669236:t=1660755636:v=2:sig=AQHVmnxO4jfC-gwPCevyYfnajCE8uYEU"
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&20220816170036521a02fe-a914-4cc8-8f84-7a4edd92b573AQEvUW_vOBNqturWW3w7hdN_K3W3ci8g"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjA2NjkyMzY7MjswMjFIoU7w2wC2ylYR5nuZ8F/NANfGRsbsd8zac5X46SsvLA==
www.clarity.ms/ Name: CLID
Value: 743e2aa628194f06ae5cbda11edef113.20220816.20230816
.thestar.com/ Name: _clck
Value: n00bdr|1|f42|0
.c.bing.com/ Name: SRM_B
Value: 23EF1D17A9E562273B8B0F15A86E635D
.the-ozone-project.com/ Name: ozone_uid
Value: 2DRkMcnIwvYnd2G6WFNxCJI5a4u
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 23EF1D17A9E562273B8B0F15A86E635D
.c.clarity.ms/ Name: ANONCHK
Value: 0
.casalemedia.com/ Name: CMID
Value: YvvNNewqMGMwGFBzmTJ-rQAA
.casalemedia.com/ Name: CMPS
Value: 1205
.casalemedia.com/ Name: CMPRO
Value: 1205
.bidswitch.net/ Name: c
Value: 1660669237
.bidswitch.net/ Name: tuuid_lu
Value: 1660669237
.bidswitch.net/ Name: tuuid
Value: 5657c987-b0f6-4078-9e40-4d8c856d0e07
.thestar.com/ Name: _clsk
Value: hr8gqy|1660669237689|1|0|k.clarity.ms/collect
.3lift.com/ Name: tluid
Value: 3251217969106455611512
.casalemedia.com/ Name: CMTS
Value: 1186
.360yield.com/ Name: tuuid
Value: 1ce2c8aa-3670-4756-adeb-bb3d67dfdc39
.360yield.com/ Name: tuuid_lu
Value: 1660669238
.smartadserver.com/ Name: pid
Value: 56219709213818000
.ads.pubmatic.com/ Name: KCCH
Value: YES
ads.avct.cloud/ Name: uuid
Value: 185e978a-4192-4790-98c5-8593a9a0fa63
.bidr.io/ Name: bito
Value: AAFLZk7F95oAAA_x-bCWIw
.bidr.io/ Name: bitoIsSecure
Value: ok
.adnxs.com/ Name: uuid2
Value: 467047975042094708
.the-ozone-project.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiI0NjcwNDc5NzUwNDIwOTQ3MDgiLCJleHBpcmVzIjoiMjAyMi0wOC0zMFQxNzowMDozOS44ODcyNDk4NDNaIiwic291cmNlIjoiY29va2llIn0sImF2b2NldCI6eyJ1aWQiOiIxODVlOTc4YS00MTkyLTQ3OTAtOThjNS04NTkzYTlhMGZhNjMiLCJleHBpcmVzIjoiMjAyMi0wOC0zMFQxNzowMDozOS43MjE3MTA5MDRaIiwic291cmNlIjoiY29va2llIn0sImJlZXN3YXgiOnsidWlkIjoiQUFGTFprN0Y5NW9BQUFfeC1iQ1dJdyIsImV4cGlyZXMiOiIyMDIyLTA4LTMwVDE3OjAwOjM5LjMyMTY1OTUyNloiLCJzb3VyY2UiOiJjb29raWUifSwiZ3JpZCI6eyJ1aWQiOiI1NjU3Yzk4Ny1iMGY2LTQwNzgtOWU0MC00ZDhjODU2ZDBlMDciLCJleHBpcmVzIjoiMjAyMi0wOC0zMFQxNzowMDozNy43MTc4Mzc4MTdaIiwic291cmNlIjoiY29va2llIn0sImltcHJvdmVkaWdpdGFsIjp7InVpZCI6IjFjZTJjOGFhLTM2NzAtNDc1Ni1hZGViLWJiM2Q2N2RmZGMzOSIsImV4cGlyZXMiOiIyMDIyLTA4LTMwVDE3OjAwOjM5LjQ2MDMxOTI1NloiLCJzb3VyY2UiOiJjb29raWUifSwic21hcnQiOnsidWlkIjoiNTYyMTk3MDkyMTM4MTgwMDAiLCJleHBpcmVzIjoiMjAyMi0wOC0zMFQxNzowMDozOC42MjU2NzAwOFoiLCJzb3VyY2UiOiJjb29raWUifSwidHJpcGxlbGlmdCI6eyJ1aWQiOiIzMjUxMjE3OTY5MTA2NDU1NjExNTEyIiwiZXhwaXJlcyI6IjIwMjItMDgtMzBUMTc6MDA6MzkuODIwNDQyMTQzWiIsInNvdXJjZSI6ImNvb2tpZSJ9fSwiYmRheSI6IjIwMjItMDgtMTZUMTc6MDA6MzcuNTM2ODYyNjUxWiJ9

18 Console Messages

Source Level URL
Text
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html(Line 164)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&random=0.9744634476299168, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html(Line 164)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&random=0.9744634476299168, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&random=0.9744634476299168(Line 2)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&random=0.9744634476299168(Line 2)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2Flife%2Ffashion_style%2F2022%2F08%2F04%2Fwe-put-walking-sandals-to-the-testthese-are-the-comfiest.html&random=0.9744634476299168(Line 2)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-3d1a80cbbc4fdc4472eae80c14d918ad.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html(Line 182)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://d5phz18u4wuww.cloudfront.net/vis_opt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.thestar.com/life/fashion_style/2022/08/04/we-put-walking-sandals-to-the-testthese-are-the-comfiest.html(Line 182)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://d5phz18u4wuww.cloudfront.net/vis_opt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js(Line 218)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js(Line 218)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
other warning URL: https://3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
javascript warning URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=359243191715?
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=359243191715?(Line 142)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://dmx.districtm.io/s/v1/img/s/101995
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://dmx.districtm.io/s/v1/img/s/101995
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10230056.fls.doubleclick.net
3e869b80fb739c3fe70c77a4a5201a0d.safeframe.googlesyndication.com
accounts.google.com
ad.doubleclick.net
ad2.360yield.com
ads.avct.cloud
ads.eu.criteo.com
ads.pubmatic.com
adserver.pressboard.ca
adservice.google.com
adservice.google.de
alb.reddit.com
analytics.twitter.com
anpost-packageserviceacc.com
ap.lijit.com
api.parsely.com
api.permutive.com
api.thestar.com
api.viafoura.co
bat.bing.com
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
cat.fr.eu.criteo.com
cdn.ampproject.org
cdn.parsely.com
cdn.petametrics.com
cdn.viafoura.net
cm.adform.net
cm.everesttech.net
connect.facebook.net
csm.eu.criteo.net
ct.pinterest.com
d1nxn87txdj54y.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
d5phz18u4wuww.cloudfront.net
dev.visualwebsiteoptimizer.com
dmx.districtm.io
dpm.demdex.net
e377.thestar.com
eb2.3lift.com
elb.the-ozone-project.com
events.kumulos.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.viafoura.co
ib.adnxs.com
image6.pubmatic.com
images.thestar.com
k.clarity.ms
livecomments.viafoura.co
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mb.moatads.com
media-cdn-eu-central-1.app.delivery
news.google.com
p1.parsely.com
pagead2.googlesyndication.com
pix.eu.criteo.net
pixel.rubiconproject.com
pixel.thestar.com
platform.twitter.com
play.google.com
prebid.the-ozone-project.com
push.kumulos.com
px.ads.linkedin.com
px.moatads.com
px4.ads.linkedin.com
query.petametrics.com
region1.analytics.google.com
resources.thestar.com
rtb.nl.eu.criteo.com
rtb.openx.net
s.pinimg.com
s.thestar.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
sejs.moatads.com
snap.licdn.com
sr.studiostack.com
ssbsync-global.smartadserver.com
ssum.casalemedia.com
static.ads-twitter.com
static.app.delivery
static.criteo.net
stats.g.doubleclick.net
t.co
torontostarnewspaperslimited.demdex.net
torstar.blueconic.net
torstar.gscontxt.net
tpc.googlesyndication.com
unpkg.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.redditstatic.com
www.thestar.com
x.bidswitch.net
z.moatads.com
dmx.districtm.io
www.thestar.com
104.18.19.126
104.244.42.195
104.244.42.197
104.75.88.209
108.138.2.210
13.107.42.14
13.248.245.213
13.32.121.118
13.32.27.75
142.250.186.130
142.250.186.162
142.250.186.98
143.204.215.67
15.236.176.210
151.101.65.140
151.139.128.11
158.101.192.250
172.217.16.198
178.250.0.139
178.250.0.160
178.250.2.150
18.208.28.111
185.64.190.78
185.86.139.102
199.232.16.157
20.234.93.27
20.96.88.162
2001:4860:4802:34::36
205.185.216.10
216.52.2.39
23.47.208.212
23.47.209.169
2600:1f18:1430:9000:ddf8:1c6d:b9e9:24c0
2600:1f18:44f0:4840:c560:4469:324d:51db
2600:9000:223c:3200:8:2ae1:d740:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:20::ac43:490d
2606:4700::6810:7baf
2606:4700::6812:451
2620:1ec:21::14
2620:1ec:27::cafe:1774
2620:1ec:c11::200
2a00:1450:4001:801::2001
2a00:1450:4001:801::2003
2a00:1450:4001:802::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:813::200e
2a00:1450:4001:829::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200d
2a00:1450:4001:82f::2001
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:400c:c07::9a
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::b
2a02:26f0:3500:16::215:14a0
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a03:b0c0:3:d0::be2:3001
2a03:b0c0:3:f0::1bc:5000
2a04:4e42:200::396
2a04:4e42:62::84
34.107.254.252
34.96.102.137
35.156.166.87
35.190.14.224
35.227.252.103
35.241.9.51
37.157.6.246
37.252.172.250
5.199.174.193
51.104.28.77
52.215.111.225
52.223.40.198
52.31.107.150
52.56.103.253
52.57.48.124
52.72.67.212
54.146.242.28
54.155.18.159
54.220.105.73
54.229.249.57
54.229.65.185
54.76.210.146
54.93.141.89
65.9.58.156
65.9.58.76
65.9.61.60
65.9.66.18
65.9.66.23
65.9.71.118
69.173.144.139
99.86.4.12
99.86.4.2
011d57a15bf5c0ef81e2953e597fe8fb9081964ae78f9823499f5845fc6f889f
023fe23d65d9b7d599635de857da2d08330acf9bae441a8ca8e03c9a9bee20df
040ae90345fee63a0728d0b737dc6e94ac84313a98213b45c4135915a8cd0188
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
075cd4794776c9534449d518e00a93d26f14ab6644059a714ae0a1ae681b73ca
076d1e477d09a5de72cee6f5ddc6d41fd172c368ce1f883356da757770e06c09
07dc2e48ef051b38cc4841495a54a57efd4b1b8c12f4dd47af04ebf5dc60b5ad
08d20a2ee48b6892026d9a264b4c45206ccb1018dfb5f1d643d6a10bbd2f974a
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363
0a8934430adb48d36989ad9b104d13da7a2c6f34a858c511fb9d4e0a860f6192
0ab1fd110ce89de16dd7435dd96ab8370bc9f8da90fa8acab312f5d3f46f25e3
0b5385fd093a639a38b5f1bd66e80fda4fd77686164cfa98bce104e1bc55735a
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0cba414b300e9a1ff107ae0e386bfb2b037b546a55f5580f5bc41dbac7c9870a
0cf34e50018d3ebbdb045da64e4bcbc36d9e22bda2e06bcbe218f35a7019054c
0e15f31904447e394632d4a5c79e27dcfcd285e46f1a1bd833fed223573aab70
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1239b59f5da598c97e5279e914e8b39a2a6169eb8b4ce3c56fbd5fc7bffba25d
133d99ecc7e1f65d2e0bdc9d04fae746f2e9b820213b2a2df7fed60ba073475e
1885092395a50d1321421909b401618d05c62f43c4a25a17424c6e92dc9c281f
19cbeb5cfa6eb1a1589a5140a96bffc3448e5f9c6e046de1bb46dfc32d83106f
1a4a3d2e6b0c9e752777142d24c7b7294eaea3e63e47eff599d979c673de848e
1c68d2442152571d43cc1b5e4d3e2f69a225fbe612c3129ea4193ee0e9f93ff0
1c9f5eb566c14c69605fdfd438faafa20d99a5933db3af1856c4e655b8897600
1cca4d5ab98eee886956b86e9f818cd3e098452af938e03f4dfe3935c97d8be3
1e14ddde632bad66a3f79d6dc2c6a212d3b1b5cd8100cb6b73984b8797c5ed86
202c0c83fdfe4fd572c75af43628d9b01e6c893c423250be3323d847e77048aa
255e98adf5f64bd5f0389ccaefcf90ea97b89740b3e55a5c10026ff226c3980f
25e5c10cb58300c92e6d6065fa0ea49a206499c58a2f1152af1deea8f34a5066
27b8eac9d88ed4fba026d518b8a06bb0a61c1d5b6ecbdaa4d65f0ae1894514fe
2877c4453f9302252096624354dce539acd6d3b482b11f2af50c73289ac06e5a
29027f0bcddd9d554afd28d2dd41af03ece052c04c4373c14945298eaa235ad5
2a94fe4bab6bb71b075176d47c0fbd81e3d26424e909a0e137c666b48f03d34b
2bffbf1f803a486d27a622a7f560c46b3decf4e3640645c9d8a07d0eca227087
2d767fe00284ba315844a0f61f8f69721df84ca58781e8b960455fee618c9778
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
31424aa58c4bde614c2441c1f39191e6487e90709239bd86c64942b90521abeb
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
343dcc327be1946186cdfef0b8506ade20878f3df85c2673262486b3108bd171
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
38254c821b6bec9ee36bb8116cf81a16b0a9c2a51f97cacdb483b4fdeb6e3821
3923d2ead03e65c6526034f6991f4f4df76d84528301c4390bf7a8de5795621d
397fae7a0251e7fd2d85f254a7b94c815446a3f532e2c9031a4da7d9fb11ac2a
3b542bc706a41d36ca02e27cc3a6165104c2b7fdc57aa9a23ca63e164495c2c8
3c96559ea2342f9ba868e360c2b29d1cfabc350de16ba0c4ea4bc389a7b19564
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f0b12260733d31748c38229450df97234120beee2eeef8e788025f268732b20
40668c3ddd6d6c33cc486b27f0050c5817a235e2c7e871a4f7da8861c4282565
40a4bef03ad952669a9b9157ab2e93617cd0907aa99487a6096805779920f63b
43b7c56bab720041ca2120d5bc1d46a33a31e00cde9a648d73619d71efdf209a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4466f366b2897f4839ba95e1b5d96fa3c3e11cadb7fe0096afb3a5a97b872ffb
448edd4a71b4ca28931010c1c2166872801702a420ff549a7c757edf863d7530
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575
463ced94d9222d9f5ffe8aa33b3775bcea88be4e082c3d94f19c5022ba453bd3
475e67fe0656e7f9c0b83e651bc2d7b5bcccef9ab4ca0926dfd1a306a703259f
48bd457befd1682d1e21bd4327a12799559ecc1308da5413b21ee60d2e6c0dde
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4a16b2963bc88cc2246193aa113872387b39b796b9cf4a9a1e0b4d02f87814fc
4af7a99a610596d489502702196adaf59ee6fc8066ae7bee9fbee250ee2947d2
4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418
4cde2b81e34277c1197d34ccc09bb5536f437408e83400bc81180033b4bf476e
4da8f4d2d20833c254b092ab30d0ebaee5e3d93716e320773ff55c27c353796b
4dcf6ecc451ae639c224b0b158c3018ee2757dadc9ec085cb3b690b5b8b23d13
4e055c26ecd439ee73765fc8f167b4f23eb9b92608c70b2068b0bc7c3baeb9dd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ff1b9b91db584b19d20b4d02af9ff7673add161ce3f9ceae9391b3a84fddab1
502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
52cac1193a3683e35353723a38e01a9bcc0c5f9bf2be42d29c96905527c7923d
52e051d93279e14d8f19a0c8fb12c0ad0e5594e7621cd8db8212bd5ffece86d9
53e47f0803e3983ae0b26db5f39e87c0bfd327981749c02c9e2f955341e34d7b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
55e96c41abb320b46560982b26068a12f06ed472d3b803a3e59a0c1e3317753e
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
5901bfd4d9db19b235e9c1145ef4d7ac5f2376eb60dc42bca7e2792a33ec56d4
59c44fb86ac825b26101bf7d372ac8d638df485c76a9f9ae01b287682d24267e
5b6a18f0de76888d35572a456bf421c0ae31b5bbb4949a4747b704f3e8792c37
5c0fe3db2439ec52b31c13d10c590b423b2529d653ce9275f460b183d02358f5
5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773
6118aab3972757bc62c6e4c730c32154718c63b74cffc6c66733af493c730139
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62cace890efb784e72ee26ba047467ee736d727c19758a30445efe0a1af80d2a
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
64a66a029f10407b1501cf078360d67b5ebc5d12a56cf1b5e8eda50cce7e2b05
659a8dee04b272c247129ff6513d23c16f4f9c183b5d64e7347815af8861a2a4
66f09061b0d7ccb4e944c7b147c326e397b3e0f2ee82733af021934a1f5d9116
675712ad99f862c122745b741517669dbf0198a50cb4049949eaf9b1166389af
683e0c154dd69f2a9266c746a9fcd949b36713d8271be73b4c6322eacaa66f75
6a5cc655a2925cfb83dea9703382d3884c347619a6a1cb249e5ec56ff0de9c17
6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b895b357a451b6b426bcc33f1546a55de91e72211a8ff21a72e899c0b5ee5e0
6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1
6f47bb4aa437a4b1a10173e61e2951abd8371594881cbe338cc386411c02c6d9
700b7be33a627ba6e4d3bff4d3c7634ef42d79f2d199e267f7c8b916be2835dc
70fa25d0cd4744b6b91054ad55e3e931dad31cc85915b13e33e4e674426c7cc1
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
741ecf209fb248d3fc84d4091eadf64d98c741986927c5077fb6aceaedae1c1e
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238
75bcdb6a072e718346b720bd18526c326c489b0f0c616f56bfeb0af0ee68c6bf
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d425eaf04f774bece10d7f67a0dcbe9d4c5d9223855093f23f2e67f52e6e52a
7d939318e3761dd5124fbd26a5a4b343d5af592312dc6d927c5b31fe5fa57f30
7f93cca0bda8a1faaaff35503ee9a9af5ccea6cb55b1a0a912a0567dd2c81152
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80c3e7d481504b8ec6e389a07d26b0afadd32c8ee09472f979b977c2e330b712
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833dbd82b358fed729c87c18d156519bbe4ed177a49fde13a16fdd06056cb0e5
873e2e6f4bf833b76e3d74e823187e9647bc9f445538102d5a4281f7193f5782
8a06add6208a6884d597226365ea38495896fc7f71a0ef9679888c11d107f19a
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c09871b8e6be016575282134778cc6f14b9c70aa65b93a4b8efb219c0d025f5
8c215ae94f599c2270571685b36a8a1bcf20802446c7dce25828979833d0622f
8d200dc372fb333c0ca488fba2a569a686cbf5f1ba0cc0544a4a8c96a4f91de3
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9090ffa75cce115e12508aea91504ef4c9ecbb717a2c346508f3cbc8af3e1fd2
91ce0b81d66ef52934feb0bce41547d55a23e05d0d04901b926093bb152ca6c7
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
922fc709d074fe3e91af4be23229aea33cac50e12d83560d206593be45c47a55
9255f9f186056d9c722c47bb75bf71f79690a0a85fdccf83481c6eca62552623
925ed48219a2d3c339c5d288fdae3f965efbca0e5ee4e369b7dcbb04b6ade06f
927c5fe020b0c078ab5c0d6fc1796250e5f8d341b9c1badb0344efcdc8752e2c
92c6d5dce21ab2a9cf7eb12418dc255a86ed332e8424e3440f81a6807bebf6be
94dfc39d176e2fce5f5cf59fb75b9a38aa915915f8866021d556af1c9c5ad627
9539d53fde0f0976637ee70b3ac04408510f532bf8fb11b5b2e9ee5f429f6822
95572899b65b162fdac5d1da7b35b7438b5908be21f8d7db83b7ec902260190e
95f4db14172013eb07b61d3933cdcee02d39e70569f86e2d445e637db2d62547
97da36f8e6d75865f3f9fd0fded1d01c3de01199f9e4427053a915f1fc8c6961
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b4fd2bac023c59fa666614872a2a06a413659ca1b03eb71c3ad32298b2366dd
9de157a7190bb59b1dbcf3176aaf405ef6e699e7a2c9ff7271c6162baef7be50
a04a6f2293e1b07773411b771184b26801eab1bbbe750276ead0095ea9f187c8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a0ec8793ecc2c9d97dcceac6cce1de315e1a0cf7b6c5180060916c2d047c9a1c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a25a65652a3c7a24f7d8b796c4ed6a4ffc2baf6735c6daa5002f2f8323ea56e8
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d3c246250c2089918166ffe0061f7d8492a4572a39c10813862c1c0ced0b24
a67117312ce631cdfc251dfbb90058bc01e3849deb0cd7fed130745b5813d1b2
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a88716b2e48961b771017aef83ad9bdacb13a354dc0b09c62b880e7a2f72d9c6
aa110984cf18348eb829d4d4cae4e618a9a44be622e3ffeb038c907f1f0b756f
ab319beb88936c36a6ba40ecfbb0326e99948cb1ef199030270d438c1a20001a
ac217fa597b7754bca874304308db97d8db94d4733d9027cccae8d7eff7eeceb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad5fc1a1f2e9f61750da7c5f657b4555458014b20726b06d78d3d2c1e60ee392
ae57d5e97bf1a0db8777b7531cd32cb09ee6f07bed183bb880469cc20f355086
aefaaae83272327292e96d1bf92fb01641e9ca7f544a5c094545502a3d9f2003
aefcfdbea89e002f278a76779a529ea5fa98c27fb18dc8d8ce171131d3ff6b43
afa2d43bc5235e019048bf8eeb242859a5beff1fa165621f8deaa6385b799951
b0ab2f21243b940db6c6b986e1cedb149ffcc296b62b326e9214366585d1040d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b0541f82f31cab4d9c95f9e0ed760d579580a0dde81bfa342effb6c8b677d6
b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b7342232ec07d94f6956c1a14fdec91f6fbe5438422bff43281f384be72b5a04
b85661af5329e5b3f2eab835d8d062c276959aa69de115304e339e2f5371c1ad
b8dd12b4cc0283b0d20c31c231b8ae14fa61c1b64d594cd8f8c0ed1948acb3b5
bb9454b140e8464e450b369aae40a980445b37863bd6ff21c508941eb6cbe2e3
bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9
bd74abe65ed981fd89a2fed077bda1d7ac301bdbcff349e28765ea5d2f694673
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac
be9100e0f4f33b8c9282e10e7e3fab4eb318d3cc584fb21d683f86f27ca801b5
bef476ec3cca40a08e1dff35c707c24d5774e788c57febdb54874e90402a6af2
bfa7767544df250ddabc34f6e1aa648e9ce3885e76b41c513cd8bebdf0f9a903
c144f2286d403cfcff56aa8314263bb3bc341bae3b3791cfe9617c60bce6dcc2
c2ebcb08280aabe37270e5684138ec45a71f865dddd78f731822da1914e90423
c66f8d8b017721e620232c7d0f9497c87af62e894f543521fd9dd012d9afa01d
c745156795e25e4a1000a9def4a4c8432207d4a704b42ada6b8231d4111f898d
c91f8f77c8f9bab42473e7b924b31d0fd7aa464843560763fb271e4607a6f282
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
c99fff145d30d549bcc9c70f4a7a1561e512ff29068b5f9e1792d3e12632d6bb
ca4caf77589c9d82638bd6f9cec57b8da4151715c9d5d03861802949a9dcb6f3
cc31e500912462e5373f92ea233b13735afc347a6c37dcf6292fbea62035e61f
cd3cae6c99e7c1bcf9d6ce556cd750fbeaf91703d1f93f979a748e55b4666c09
ce2a81701f654322a3772a5fbff07f8e623aa5d8d738398c0ca3bfda8a8208a0
cef8dad1c1f60d9f2645c8af2824f3cc563690fd55b21c16b4e28d79ccc72335
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e2ea8fa83ae1c914c89ea0cd694c189d13abe43dd213d81d1c303c2217ad8e
d2e5722cf0b8d8df31200550801d755733c56d9ca2758b7041fbed009e0c9d08
d349fb24031be877e9c7e76dc02ea56cda62ee39ac2c660966d8c5387d78f4f9
d4c8a513b6e7f92ae0825c77658a1bb2122d4a230ee3e7a24f61eaaa5540c01d
d51d02d4ea268becae59b5e89a168988e1b69756a5761bafab83dce0d66dee73
d6611e931e0f3c8d598e88f3b9b28cf1692311b09147a670745a5c460a606093
d6bc239a6993be3a5ed13249ff2d27e4e3bc80a30bbd6df2ff92b4db0ad1d996
d7c84aa6aaa37c55b53db38095a5ff9123ccb57f2e2bf9ea70e40fc1a9710996
d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a
d9f1aa0a354cfb99f61fd149516962a009d6bd41da01bf3592167fb3199f2c43
d9fd49db0f2c0aff8fb8be5b59816580699583b4b77a1c78edeef7fb9b8e049f
db9e15b76b3fc0d6ea39f94a72114a7e70263e7f7483bb35bed545deef5766b0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de89de12a0f9127748708a4a51dc5dffc0a4065c0a1e43c2c5c4628c9b41f6fe
df60469c04f4bc5e3d043c51a8f094e973380f42ee4c812e2062045f0e41ae0a
e2184c73f49a595aaff34a32b768012fab06ae253408124ff220ab14d19a496a
e283091ca32aa2fec92b5342a7cba85dd2c2ef54021d31fe846e910ef479a964
e2d5fd416dfaeef9837158cd7f053429a7a16bdd82b01e08322e13f65ae4c889
e30899a92fafffd64c6787088c6819e5721f1d2a55948fd515c5e30fcddbf149
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
e96ee4202dd697f4757a0c1502f5b3ae79c0d59d0823d80a80ac3ed97132d861
e9bb9891cf43544a9ce10a7959f6c807fd54359b119a4cefb40dfb881319b0dc
eb8fd1a6d0d496913054002db2daa057789fe5b480706d6b3a59901fad564c86
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec61d9fd1b3609a3a53f377ed07059c3dc7d2cb1502022e0623b4ebc1ea0f35e
ecb000c78aa994dd816d701d7f745a005d1702bf3df764acb674abde64e731e9
ee082b40c89e08fb31aa0f5b95e3f1af59043d1353c1b6e1f057f49032f02516
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f083096f236cb98c87af2abc70707aef6a74bb105074919b0bdc3aeec6964c1d
f0de01b099790ee03d5a7cf7d6ebc579af6e89a345f1fbe07c8d4781c793f4c2
f19603e55c8b61b4053984ca4d0306650f88ee06e7df03aefb813502cfef22fe
f1dc555b74071c11fb7bbcd86fa650618db83723a8828d04850e90ec73dc5898
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fd4c792cb7da2b6ca162addd88ba36073c420345115229bf82cdea8e38557ddc
fec7384a7fbf4ba287754d74a2ea4e37e32dc6c79afa1f477da4c5622bd48c40