www.thestar.com.my Open in urlscan Pro
13.224.96.126 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://star2.com/
Effective URL:
https://www.thestar.com.my/lifestyle
Submission Tags: tranco_l324
Submission: On November 17 via api (November 17th 2021, 4:18:32 am UTC) from DE — Scanned from DE

Summary HTTP 609 Redirects Links 60 Behaviour Indicators

Summary

This website contacted 89 IPs in 10 countries across 66 domains to perform 609 HTTP transactions. The main IP is 13.224.96.126, located in United States and belongs to AMAZON-02, US. The main domain is www.thestar.com.my.
TLS certificate: Issued by Amazon on August 16th 2021. Valid for: a year.

This is the only time www.thestar.com.my was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.151.228.157 54.151.228.157	16509 (AMAZON-02) (AMAZON-02)
14	13.224.96.126 13.224.96.126	16509 (AMAZON-02) (AMAZON-02)
122	13.224.96.73 13.224.96.73	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
5	2a02:26f0:170... 2a02:26f0:1700:181::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
21	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	52.219.132.38 52.219.132.38	16509 (AMAZON-02) (AMAZON-02)
46	13.224.96.50 13.224.96.50	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:219... 2600:9000:2190:4800:1c:47d:4bc0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 8	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	70.42.32.95 70.42.32.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	147.75.85.120 147.75.85.120	54825 (PACKET) (PACKET)
2 7	185.33.221.52 185.33.221.52	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	3.129.250.65 3.129.250.65	16509 (AMAZON-02) (AMAZON-02)
1	13.224.96.13 13.224.96.13	16509 (AMAZON-02) (AMAZON-02)
4	13.228.188.75 13.228.188.75	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1 5	13.224.96.7 13.224.96.7	16509 (AMAZON-02) (AMAZON-02)
5	2a02:26f0:170... 2a02:26f0:1700:16::b856:fbc4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
34	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.129.131 151.101.129.131	54113 (FASTLY) (FASTLY)
1	35.186.249.84 35.186.249.84	15169 (GOOGLE) (GOOGLE)
2 4	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
3	116.202.80.167 116.202.80.167	24940 (HETZNER-AS) (HETZNER-AS)
53	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
8 34	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.50.243.239 52.50.243.239	16509 (AMAZON-02) (AMAZON-02)
8	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1 2	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
1	3.68.1.119 3.68.1.119	16509 (AMAZON-02) (AMAZON-02)
2 2	18.157.70.90 18.157.70.90	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.224.96.106 13.224.96.106	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2190:bc00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
2	13.235.142.106 13.235.142.106	16509 (AMAZON-02) (AMAZON-02)
1	13.127.55.210 13.127.55.210	16509 (AMAZON-02) (AMAZON-02)
3 3	18.156.147.57 18.156.147.57	16509 (AMAZON-02) (AMAZON-02)
2 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
9	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
4	146.20.128.202 146.20.128.202	27357 (RACKSPACE) (RACKSPACE)
1	13.224.96.60 13.224.96.60	16509 (AMAZON-02) (AMAZON-02)
1	13.224.96.82 13.224.96.82	16509 (AMAZON-02) (AMAZON-02)
22	146.20.132.52 146.20.132.52	27357 (RACKSPACE) (RACKSPACE)
1	2600:9000:219... 2600:9000:2190:0:9:a948:8e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.7.18.15 3.7.18.15	16509 (AMAZON-02) (AMAZON-02)
15	146.20.128.38 146.20.128.38	27357 (RACKSPACE) (RACKSPACE)
3 3	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	54.73.172.176 54.73.172.176	16509 (AMAZON-02) (AMAZON-02)
1	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
3	13.224.90.44 13.224.90.44	16509 (AMAZON-02) (AMAZON-02)
3 3	18.196.197.61 18.196.197.61	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4 4	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
4 4	72.251.244.140 72.251.244.140	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	185.86.138.143 185.86.138.143	201081 (SMARTADSE...) (SMARTADSERVER)
1	52.49.172.98 52.49.172.98	16509 (AMAZON-02) (AMAZON-02)
2	37.157.6.242 37.157.6.242	198622 (ADFORM) (ADFORM)
2	2600:1f18:612... 2600:1f18:612b:4264:c589:eae1:ee6a:30d1	14618 (AMAZON-AES) (AMAZON-AES)
5 5	52.29.208.72 52.29.208.72	16509 (AMAZON-02) (AMAZON-02)
5	18.156.58.231 18.156.58.231	16509 (AMAZON-02) (AMAZON-02)
1	34.107.231.31 34.107.231.31	15169 (GOOGLE) (GOOGLE)
1	69.16.175.42 69.16.175.42	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
1	82.113.101.132 82.113.101.132	6805 (TDDE-ASN1) (TDDE-ASN1)
1	74.205.28.1 74.205.28.1	27357 (RACKSPACE) (RACKSPACE)
1	2600:9000:219... 2600:9000:2190:4c00:2:d490:4d80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:219... 2600:9000:2190:8400:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
2	35.190.74.49 35.190.74.49	15169 (GOOGLE) (GOOGLE)
4	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
609	89

1 54.151.228.157 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-151-228-157.ap-southeast-1.compute.amazonaws.com

star2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 13.224.96.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-126.zrh50.r.cloudfront.net

www.thestar.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

122 13.224.96.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-73.zrh50.r.cloudfront.net

cdn.thestar.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:1700:181::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

scdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.132.38 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-1.amazonaws.com

s3.ap-southeast-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 13.224.96.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-50.zrh50.r.cloudfront.net

apicms.thestar.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:4800:1c:47d:4bc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tw.netcore.co.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.85.120 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

api.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.221.52 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1af8959025b4889effcf75e52beb7e3a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.129.250.65 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-250-65.us-east-2.compute.amazonaws.com

ads.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-13.zrh50.r.cloudfront.net

uats3.thestar.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.228.188.75 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-188-75.ap-southeast-1.compute.amazonaws.com

sites.thestar.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.224.96.7 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-7.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:1700:16::b856:fbc4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdnt.netcoresmartech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdndc.netcoresmartech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.131 (United States)

ASN54113 (FASTLY, US)

52a360d4000447a08efd7617080680a9.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.84 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 84.249.186.35.bc.googleusercontent.com

j93557g.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.125 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 116.202.80.167 (Osterhofen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.167.80.202.116.clients.your-server.de

p1cluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
comcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 142.250.186.162 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.243.239 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-243-239.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

ad.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
creative.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.149 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.68.1.119 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-1-119.eu-central-1.compute.amazonaws.com

a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.157.70.90 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-70-90.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-106.zrh50.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:bc00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.235.142.106 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-235-142-106.ap-south-1.compute.amazonaws.com

twa.netcoresmartech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.127.55.210 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-127-55-210.ap-south-1.compute.amazonaws.com

wdc.netcoresmartech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.147.57 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-147-57.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.20.128.202 (United States)

ASN27357 (RACKSPACE, US)

v.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-60.zrh50.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-82.zrh50.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 146.20.132.52 (United States)

ASN27357 (RACKSPACE, US)

t.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:0:9:a948:8e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.boxx.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.7.18.15 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-7-18-15.ap-south-1.compute.amazonaws.com

psegment.netcoresmartech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 146.20.128.38 (United States)

ASN27357 (RACKSPACE, US)

cs.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:678:cb4:bbbb::11 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.73.172.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-172-176.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.90.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-90-44.zrh50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.196.197.61 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-197-61.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1288:110:c305::8000 (Dublin, Ireland) 4 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.251.244.140 (Amsterdam, Netherlands) 4 redirects

ASN29791 (VOXEL-DOT-NET, US)

tracking.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.143 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.172.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-172-98.eu-west-1.compute.amazonaws.com

global.cloud.netacuity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.242 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4264:c589:eae1:ee6a:30d1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

4cywq-eqnre.ads.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.29.208.72 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-208-72.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.156.58.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-58-231.eu-central-1.compute.amazonaws.com

ads-eu.v.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.231.31 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 31.231.107.34.bc.googleusercontent.com

p.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.42 (United States)

ASN33438 (HIGHWINDS2, US)
PTR: hwcdn.net

rtbpass-us.andbeyond.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.234 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.113.101.132 (Offenbach, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.205.28.1 (United States)

ASN27357 (RACKSPACE, US)

server-204.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:4c00:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)

wrappers.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:8400:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.74.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.74.190.35.bc.googleusercontent.com

handyfireman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
187	thestar.com.my www.thestar.com.my cdn.thestar.com.my apicms.thestar.com.my uats3.thestar.com.my sites.thestar.com.my	6 MB
77	doubleclick.net 8 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net googleads4.g.doubleclick.net ad.doubleclick.net	537 KB
69	googlesyndication.com 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com 1af8959025b4889effcf75e52beb7e3a.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	338 KB
53	2mdn.net s0.2mdn.net	3 MB
50	lkqd.net ad.lkqd.net v.lkqd.net t.lkqd.net cs.lkqd.net creative.lkqd.net server-204.lkqd.net	2 MB
13	yahoo.com 6 redirects ads.yahoo.com ups.analytics.yahoo.com pr-bh.ybp.yahoo.com ads-eu.v.ssp.yahoo.com	6 KB
10	googletagservices.com www.googletagservices.com	313 KB
10	google.com adservice.google.com www.google.com analytics.google.com	2 KB
10	cxense.com scdn.cxense.com cdn.cxense.com api.cxense.com p1cluster.cxense.com comcluster.cxense.com id.cxense.com	71 KB
9	netcoresmartech.com cdnt.netcoresmartech.com twa.netcoresmartech.com cdndc.netcoresmartech.com wdc.netcoresmartech.com psegment.netcoresmartech.com	68 KB
8	advertising.com 8 redirects pixel.advertising.com ads.adaptv.advertising.com	5 KB
8	facebook.com 1 redirects www.facebook.com	2 KB
8	googleapis.com fonts.googleapis.com ajax.googleapis.com	151 KB
7	crazyegg.com script.crazyegg.com pagestates-tracking.crazyegg.com assets-tracking.crazyegg.com tracking.crazyegg.com	28 KB
7	adnxs.com 2 redirects ib.adnxs.com	6 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	135 KB
6	google.de adservice.google.de www.google.de	2 KB
6	facebook.net connect.facebook.net	372 KB
5	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
4	adform.net 2 redirects adx.adform.net c1.adform.net	2 KB
4	m6r.eu 4 redirects tracking.m6r.eu	3 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
4	spotxchange.com 2 redirects sync.search.spotxchange.com	2 KB
4	google-analytics.com www.google-analytics.com	75 KB
4	outbrain.com amplify.outbrain.com tr.outbrain.com	4 KB
4	addthis.com s7.addthis.com m.addthis.com	217 KB
4	cloudflare.com cdnjs.cloudflare.com	39 KB
3	w55c.net 3 redirects pm.w55c.net	3 KB
3	amazon-adsystem.com c.amazon-adsystem.com	39 KB
3	turn.com 3 redirects ad.turn.com	1 KB
3	openx.net 2 redirects us-u.openx.net	478 B
3	jsdelivr.net cdn.jsdelivr.net	44 KB
2	handyfireman.com handyfireman.com	651 B
2	geoedge.be wrappers.geoedge.be rumcdn.geoedge.be	77 KB
2	tremorhub.com 4cywq-eqnre.ads.tremorhub.com	926 B
2	smartadserver.com rtb-csync.smartadserver.com	326 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com	923 B
2	ctnsnet.com 2 redirects gcm.ctnsnet.com	813 B
2	adsrvr.org match.adsrvr.org	529 B
2	3lift.com 2 redirects eb2.3lift.com	946 B
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	teads.tv sync.teads.tv	344 B
2	bidswitch.net 2 redirects x.bidswitch.net	1 KB
2	sitescout.com 1 redirects pixel-sync.sitescout.com	454 B
2	adsafeprotected.com pixel.adsafeprotected.com static.adsafeprotected.com	14 KB
2	ubembed.com 52a360d4000447a08efd7617080680a9.js.ubembed.com assets.ubembed.com	49 KB
2	googletagmanager.com www.googletagmanager.com	111 KB
2	vidoomy.com ads.vidoomy.com a.vidoomy.com	6 KB
1	o2online.de portal.o2online.de	609 B
1	mathtag.com 1 redirects sync.mathtag.com	862 B
1	quantserve.com cms.quantserve.com	463 B
1	andbeyond.media rtbpass-us.andbeyond.media	147 KB
1	adlooxtracking.com p.adlooxtracking.com	4 KB
1	netacuity.com global.cloud.netacuity.com	445 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	584 B
1	everesttech.net 1 redirects sync-tm.everesttech.net	538 B
1	boxx.ai js.boxx.ai	616 B
1	stickyadstv.com ads.stickyadstv.com	598 B
1	mookie1.com odr.mookie1.com	324 B
1	j93557g.com j93557g.com	30 KB
1	addthisedge.com v1.addthisedge.com	955 B
1	netcore.co.in tw.netcore.co.in	1 KB
1	moatads.com z.moatads.com	1 KB
1	amazonaws.com s3.ap-southeast-1.amazonaws.com	151 KB
1	star2.com 1 redirects star2.com	231 B
0	hicloud.com Failed dtm-drcn.platform.hicloud.com Failed
609	66

	Domain	Requested by
122	cdn.thestar.com.my	www.thestar.com.my cdn.thestar.com.my sites.thestar.com.my ajax.googleapis.com
53	s0.2mdn.net	www.thestar.com.my s0.2mdn.net 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
46	apicms.thestar.com.my	www.thestar.com.my
34	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com www.thestar.com.my
34	pagead2.googlesyndication.com	6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net www.googletagservices.com ad.doubleclick.net tpc.googlesyndication.com www.thestar.com.my s0.2mdn.net
24	tpc.googlesyndication.com	6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net
22	t.lkqd.net	ad.lkqd.net
21	securepubads.g.doubleclick.net	www.thestar.com.my securepubads.g.doubleclick.net www.googletagservices.com
15	cs.lkqd.net	ad.lkqd.net
14	www.thestar.com.my	www.thestar.com.my
10	googleads.g.doubleclick.net	6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com www.thestar.com.my
10	www.googletagservices.com	securepubads.g.doubleclick.net 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com www.googletagservices.com
9	googleads4.g.doubleclick.net	www.thestar.com.my ad.doubleclick.net
8	www.facebook.com	1 redirects www.thestar.com.my
7	ad.lkqd.net	www.thestar.com.my ad.lkqd.net
7	ib.adnxs.com	2 redirects www.thestar.com.my googleads.g.doubleclick.net
6	6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
6	connect.facebook.net	www.thestar.com.my connect.facebook.net
5	ads-eu.v.ssp.yahoo.com	www.thestar.com.my
5	ads.adaptv.advertising.com	5 redirects
5	sb.scorecardresearch.com	1 redirects www.thestar.com.my
5	fonts.googleapis.com	www.thestar.com.my sites.thestar.com.my s0.2mdn.net
4	ade.googlesyndication.com	www.thestar.com.my
4	tracking.m6r.eu	4 redirects
4	pr-bh.ybp.yahoo.com	4 redirects
4	v.lkqd.net	ad.lkqd.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	sync.search.spotxchange.com	2 redirects www.thestar.com.my googleads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.thestar.com.my
4	www.google.com	6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com tpc.googlesyndication.com www.thestar.com.my
4	script.crazyegg.com	www.thestar.com.my script.crazyegg.com
4	sites.thestar.com.my	cdn.thestar.com.my www.thestar.com.my sites.thestar.com.my
4	adservice.google.com	securepubads.g.doubleclick.net
4	adservice.google.de	securepubads.g.doubleclick.net
4	cdnjs.cloudflare.com	www.thestar.com.my
3	pm.w55c.net	3 redirects
3	c.amazon-adsystem.com	www.thestar.com.my
3	ad.turn.com	3 redirects
3	ups.analytics.yahoo.com	2 redirects googleads.g.doubleclick.net
3	pixel.advertising.com	3 redirects
3	cdndc.netcoresmartech.com	cdnt.netcoresmartech.com
3	us-u.openx.net	2 redirects googleads.g.doubleclick.net
3	cdn.cxense.com	scdn.cxense.com cdn.cxense.com
3	tr.outbrain.com	amplify.outbrain.com www.thestar.com.my
3	s7.addthis.com	www.thestar.com.my s7.addthis.com
3	cdn.jsdelivr.net	www.thestar.com.my ajax.googleapis.com
3	ajax.googleapis.com	www.thestar.com.my securepubads.g.doubleclick.net sites.thestar.com.my
2	handyfireman.com	www.thestar.com.my
2	c1.adform.net	2 redirects
2	4cywq-eqnre.ads.tremorhub.com	ad.lkqd.net
2	adx.adform.net	ad.lkqd.net
2	rtb-csync.smartadserver.com	googleads.g.doubleclick.net
2	pixel.rubiconproject.com	2 redirects
2	gcm.ctnsnet.com	2 redirects
2	match.adsrvr.org	6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
2	eb2.3lift.com	2 redirects
2	twa.netcoresmartech.com	www.thestar.com.my
2	sync.teads.tv	googleads.g.doubleclick.net
2	www.google.de	www.thestar.com.my
2	stats.g.doubleclick.net	www.googletagmanager.com www.thestar.com.my
2	analytics.google.com	www.googletagmanager.com
2	x.bidswitch.net	2 redirects
2	pixel-sync.sitescout.com	1 redirects 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
2	cdnt.netcoresmartech.com	tw.netcore.co.in www.thestar.com.my
2	www.googletagmanager.com	www.thestar.com.my www.googletagmanager.com
2	api.cxense.com	cdn.cxense.com
2	scdn.cxense.com	www.thestar.com.my
1	rumcdn.geoedge.be	rtbpass-us.andbeyond.media
1	wrappers.geoedge.be	www.thestar.com.my
1	server-204.lkqd.net	www.thestar.com.my
1	creative.lkqd.net	www.thestar.com.my
1	portal.o2online.de	www.thestar.com.my
1	sync.mathtag.com	1 redirects
1	cms.quantserve.com	6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
1	rtbpass-us.andbeyond.media	www.thestar.com.my
1	p.adlooxtracking.com	www.thestar.com.my
1	global.cloud.netacuity.com	www.thestar.com.my
1	www.gstatic.com	s0.2mdn.net
1	dsp.adfarm1.adition.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com	www.thestar.com.my
1	a.tribalfusion.com	1 redirects
1	ad.doubleclick.net	www.googletagservices.com
1	tracking.crazyegg.com	script.crazyegg.com
1	psegment.netcoresmartech.com	www.thestar.com.my
1	js.boxx.ai	cdnt.netcoresmartech.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	id.cxense.com	cdn.cxense.com
1	wdc.netcoresmartech.com	www.thestar.com.my
1	ads.yahoo.com	googleads.g.doubleclick.net
1	comcluster.cxense.com	cdn.cxense.com
1	static.adsafeprotected.com	www.thestar.com.my pixel.adsafeprotected.com
1	assets.ubembed.com	52a360d4000447a08efd7617080680a9.js.ubembed.com
1	ads.stickyadstv.com	www.thestar.com.my
1	odr.mookie1.com	www.thestar.com.my
1	a.vidoomy.com	www.thestar.com.my
1	pixel.adsafeprotected.com	6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
1	p1cluster.cxense.com	cdn.cxense.com
1	j93557g.com	www.thestar.com.my
1	52a360d4000447a08efd7617080680a9.js.ubembed.com	www.googletagmanager.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	1af8959025b4889effcf75e52beb7e3a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	uats3.thestar.com.my	www.thestar.com.my
1	ads.vidoomy.com	securepubads.g.doubleclick.net
1	tw.netcore.co.in	www.thestar.com.my
1	amplify.outbrain.com	www.thestar.com.my
1	z.moatads.com	s7.addthis.com
1	s3.ap-southeast-1.amazonaws.com	www.thestar.com.my
1	star2.com	1 redirects
0	dtm-drcn.platform.hicloud.com Failed	www.thestar.com.my
609	113

This site contains links to these domains. Also see Links.

Domain
newsstand.thestar.com.my
www.dimsum.my
www.thestartv.com
mystarjob.com
www.carsifu.my
www.starproperty.my
www.ibilik.my
rage.com.my
www.mstar.com.my
www.kuali.com
www.starcherish.com
www.988.com.my
www.suria.my
mystar.newspaperdirect.com
advertising.thestar.com.my
events.thestar.com.my
perfectlivin.com
www.rage.com.my
starproperty.my
starsearch.thestar.com.my
www.kuntum.com.my
sso.thestar.com.my
login.thestar.com.my
biz.thestar.com.my
thestarmall.com.my
promocodes.thestar.com.my
www.soba.com.my
api.cxense.com
bookstore.thestar.com.my
starmediagroup.my
www.starmediagroup.my
www.youtube.com
www.instagram.com
twitter.com
www.facebook.com
t.me
play.google.com
itunes.apple.com
cdc.hispace.hicloud.com

Subject Issuer	Validity	Valid
*.thestar.com.my Amazon	`2021-08-16` - `2022-09-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.cxense.com DigiCert SHA2 Secure Server CA	`2021-05-21` - `2022-05-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-26` - `2021-11-24`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.s3-ap-southeast-1.amazonaws.com Amazon	`2021-03-26` - `2022-03-15`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
*.netcore.co.in GlobalSign RSA OV SSL CA 2018	`2021-03-18` - `2022-02-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2021-08-06` - `2022-09-05`	a year	crt.sh
sites.thestar.com.my R3	`2021-10-30` - `2022-01-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
cdnt.netcoresmartech.com DigiCert SHA2 Secure Server CA	`2021-09-20` - `2022-06-08`	9 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
j93557g.com R3	`2021-10-31` - `2022-01-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
ad.lkqd.net R3	`2021-09-28` - `2021-12-27`	3 months	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2021-09-19` - `2022-09-20`	a year	crt.sh
assets.ubembed.com Amazon	`2021-03-06` - `2022-04-04`	a year	crt.sh
www.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-25` - `2021-12-15`	2 months	crt.sh
*.netcoresmartech.com AlphaSSL CA - SHA256 - G2	`2021-01-13` - `2022-02-14`	a year	crt.sh
*.lkqd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-09` - `2022-07-14`	a year	crt.sh
*.crazyegg.com DigiCert SHA2 Secure Server CA	`2020-07-26` - `2022-07-23`	2 years	crt.sh
*.boxx.ai AlphaSSL CA - SHA256 - G2	`2020-08-04` - `2022-08-05`	2 years	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.cloud.netacuity.com Amazon	`2021-04-11` - `2022-05-10`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
p.adlooxtracking.com GTS CA 1D4	`2021-10-22` - `2022-01-20`	3 months	crt.sh
*.andbeyond.media Starfield Secure Certificate Authority - G2	`2021-02-22` - `2022-03-26`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh
*.o2online.de DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-02-19`	a year	crt.sh
creative.lkqd.net R3	`2021-09-27` - `2021-12-26`	3 months	crt.sh
gw.geoedge.be Amazon	`2021-10-13` - `2022-11-10`	a year	crt.sh
handyfireman.com R3	`2021-11-11` - `2022-02-09`	3 months	crt.sh

This page contains 51 frames:

Primary Page: https://www.thestar.com.my/lifestyle
Frame ID: 75EF35D2E59FFCC80BD6CC98DD1DD3DC
Requests: 299 HTTP requests in this frame

Frame: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AC6730A3E7EDA8C9676F037032455AC1
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvxhLjzY4cWbiQ_E9Tmtg6rjlF6CUfSFTQLQo0Fi6_VdWgQoEaB0dmabd6Uy9SDI3Tk5jiAG9-Xc6g4YHh0usDyWT1O8sSi_e5cA8RIXOvns5Ku-9zE778iWehwnvS0jetOvAaQHrkiTXTiB-CraurhXI5T_WFw1iDbpU2q2_w6R6OlQ2xzebaVSEzukUi2_Jt2OvVCyG05zm2JSj82_i2XZBr82eOdLX24RFcPtGcXzSUyp5ujJvuBlUZmwOxKj141_sgRuMx06nuxh8pqcPRa4WQLk4VV6yX45fygDoHF4cjG9o9ab7qNN8gfDzYkUXqf9kvcaI0sD1ygPL4Muls7YxvSMuir3_8UnkNXyG5p4Dm6qChVMg&sai=AMfl-YTOcdY8a4FMMls4m7rN_iugIXl8oauLLsp8w8m8P93Lynf1yytUPfVZCslRRTKBPLGJTELkERxhV3xDZgJVnPwZAzKfkgjxXFhVaKLIwk-BgS77-kMvWwuKAh_ZEW8&sig=Cg0ArKJSzBF0KxS51Y5eEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D53F9D22DCCCF4CD20047F44B7B03BEA
Requests: 12 HTTP requests in this frame

Frame: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1A67CB3877AB2817B38DBD1C56A46A3B
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvS9ZAR5vuQtKePk85GzaN19k6ibwE94yC97qUwUqB4hrYwevsOz2fGj9_HjihgQgjt2FMx_VvKAtIjNLpp1l3fEoc4G0TgNnYiJwRpWomqC7y-DvyW0hjLXk8pHndymHz4ymdTfPSwerlDzM-1bItGW_eD1fu-agG3WT7FoeNWJn4DfIRoPUss3fFiqwWFjH11EY2AZwp8M2I30UN8sbNfxTaLSgQ4pItVPp4muLWswHOA52iL3pVAFdXzadLTIC3QKz_OMKL-KVEuJ-pnWw6hFgAAn4YUaU6VR_cU0OFmVXhGVp0BsR0CL3XYUqizhGSo01X_N6ainn8UcQvUUG0Hv57xOR7OOzzlPD-XD_TLO8Aoy2qOYnWF_gYyAcm6ftInSGXsqPjpj4H7L0cuxu7gO1r53oxjx95kHFeMmaw-lJs&sig=Cg0ArKJSzPa0595ZnacaEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 612A108F5549110C8689B5F735EFE6C6
Requests: 14 HTTP requests in this frame

Frame: https://sites.thestar.com.my/tsolnewsletter/default.aspx?s=lifestyle
Frame ID: 8EDAE6D898F0EADFC59D2EAE5FF3A386
Requests: 12 HTTP requests in this frame

Frame: https://sites.thestar.com.my/tsolnewsletter/subscription_footer.aspx
Frame ID: 0B243DCD4C8E669B08AA344CA00B7C57
Requests: 2 HTTP requests in this frame

Frame: https://1af8959025b4889effcf75e52beb7e3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: F1ED7A6683DECE4EE70F99578573AE85
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: BAA092FFF814107E7BC8ED7065C47698
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 21E761E57A3177262E73A8913638FFE7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 6F183743C87CFD4BE8676F67444F9F17
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1pY8AM_faA39GUuN1rLQBXceivICzABB2kxKZTGXPLLy88gX0QPNT1oubEsauTDS83yCa0l3upGF6PNKLmEPnJPsMYkhE37ARPwhuySvqT5HzrR5xIrqq76DUyElpPmObsat68dbpdq1UI7qVbF4ewKofEhfb_q4sry4-JYH7c6zCe9PHh0LnM2KmhPs601uZmpt-55AiqBlt4bLecdWp-wLYuENuvaRNra-j6Ze3ppbcaxJCuII3t5FfLq4zGey7d0_u1L-fMjjvBbF0TDF_aX9w8-q2kczEVpXCy4BN3DoPB0x3mO03wODRp-u_rSrZj_ceNwg&sig=Cg0ArKJSzP3WVX0v87QhEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 43282C915615D18E74B669E9493D23A1
Requests: 5 HTTP requests in this frame

Frame: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0D87DB3F13ACFA32459EBCF9A93F2728
Requests: 14 HTTP requests in this frame

Frame: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5D3C32E1EAF5B633C3FA09E0B9FA1763
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjT1byfATAB&v=APEucNUjZIkJwV0hYRIbF1gqxJxYLcVfz1rtUyi1_BYWSvfjsNhKqMOjc3rlrmD-FIBa8NhHIEGECPxJlgfMX1tDK0fMFkydmSNsW537fr9MqVGB9UYzu_ESQMH5mMwWBLesCjKVKwjy_2C9wGnU_7-E7G2lkm7N2QSuZriNx7BQOPyjtGmqujk
Frame ID: F1D666313DBC5FBF668B0338C33DD9EF
Requests: 5 HTTP requests in this frame

Frame: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A30EE41F0FF792723D8B4492CCE004C5
Requests: 20 HTTP requests in this frame

Frame: https://script.crazyegg.com/pages/data-scripts/0012/7021.json?t=1
Frame ID: 2FEDECFB88767F3D7CE81190A5F61981
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj52_-5ATAB&v=APEucNU4p3HS-Sz3KitzQbIgane2Z9xhSWEFM4-yBP2z93tHBsqVFhkbCOaei6Z_9yLIah3CqPdw8F0jm3qzo8m_MZvpqwQQqBYM7_briPBnbXyaMRROJM3drrOb7Xpc-rqQa3w41bC6iYuSy_xbHbjoZnsgOPxnK1cKfC6QStiezM1AjSIGSZw
Frame ID: 9E5E1C11A776614CC53154263DC08655
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CImz_L0CEMatq_ACGNO9k7gBMAE&v=APEucNW1ua9aZ4gfZgeylLGgR0rM-MH6-bBReNud0-xwN-HRdprsnxkgYwJben4B_YNMP0PervJzt6-foQ78P3wzJZnxSE2TyCy5FkVA3eRb-FaB_5apYLwzoRuF1OXGnpZu00G1SFLiR86_iNt09PpiXh5Hy1T0LhPjG_w6wmLz3qR-wN8cEkM
Frame ID: 51F25C70F71997AAA2A38A0DD8516312
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_PCBDdhLiuAhiMgZO7ATAB&v=APEucNX3u5m1Dgo4bJKPEOcA93SMoPmX2VHosBh4nAiwFVueHhuFeatDTHARuDT0eYdCLsZS8kLsVrWiVAz2RkEfPShAxUT-SBASDwPkr2UdvvPgee_4z0Nl091NR_vNYzHLAd68U5BCPkFLBIQobsYA_BNlV5hODuH3nGCboWwfHA99mBeja7U
Frame ID: 9F31926204B466DA4A5C2349FE9615E4
Requests: 4 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 0344521C5152DC8516545D3BA5B5A45B
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 15F410D6CD13DAF3D0CC5434F875CC6D
Requests: 2 HTTP requests in this frame

Frame: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Frame ID: 6245B365444B25624A72A6E95BE2CBD5
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/9951322/1615304082096/index.html
Frame ID: 32B6682A6075F8976A46AD4042623E40
Requests: 16 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: B1BB9F42D295D3F9384E87E545417D9D
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 5DDE75538A004D9453E059DE78EE57C4
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 40EEA2CC024E975CC8DFB0B0AECB0A34
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5EC0F3304C102581B6F3F10808674FBE
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7B7B074D5EBFC1D9946470D26F03E07D
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 99E97396E99593091CD203A00682A112
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 6E5A17663AE63424F4E423FB5A0AFA75
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EC983B0AA90467B78DB1C77FF3F933CE
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 31CD28FB87C09E8E73EE3FE4F92BA7E5
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 0040B773742462682191B1FA2C8A08BD
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html
Frame ID: BD8DA81890C89439D4878E5E9723CE1F
Requests: 22 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=XtQeBMMEM2&t=1&renderingType=2
Frame ID: 1757BE1B82C083446110A9087159BFA6
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5FDF65133C950223986D2592F7952ED7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0528781AAE6C777EAC1DCFC02FFC9FB6
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 713F373EC5B0A948302BBB8E68858F2C
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: B123959881751D9831F97A3C220AF804
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A9054431D45067FA02EE48A0C7F6D0F7
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 59D9944B4FA7979B7001959E4D45CD05
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 06250D8B83C58E36756E0B65F5B00204
Requests: 1 HTTP requests in this frame

Frame: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 209D610D346E50BFC930384272AE37F0
Requests: 15 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 74BAD2266E09380CC15FA2291384FBEF
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiQ5uioATAB&v=APEucNWc2ysegWIGpRoxbxmtSefVkcxtbKur6oeJDgE661AgY9PDJhihpIj3paFJO5r1UBOthmD6wj-AEDtv2Wv-cOsLzTHZ7deod1E4P7iOxRjWI9cWX9EQS5sdMnp8Ku1LHKw2Ddk5VkyOuBTDt_mo3JfhWaVnny5OxUrIrpiOsMC1vq47jCQ
Frame ID: F28B57CF28C85948D37D0C92FED88519
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61693943/20210611043737613/300x250.html?e=69&leftOffset=0&topOffset=0&c=bPeYJD4jAw&t=1&renderingType=2
Frame ID: 3EE02873C11C1269C1B0B8512252FCFA
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 89ACDAD98DE7050C3047088D2941B755
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DA08643DABA7FE8F93F6C01594E7A3F7
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js
Frame ID: 5412660A1D7A2FD7C3555BD68D3BF5EE
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/ad.js
Frame ID: 96F3AD8F442D9F502E15D992F665EB6F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Malaysia Lifestyle Feature Stories | The Star

Page URL History Show full URLs

http://star2.com/ HTTP 301
https://www.thestar.com.my/lifestyle Page URL

Page Statistics

609
Requests

89 %
HTTPS

35 %
IPv6

66
Domains

113
Subdomains

89
IPs

10
Countries

15090 kB
Transfer

24372 kB
Size

65
Cookies

60 Outgoing links

These are links going to different origins than the main page.

URL: https://newsstand.thestar.com.my/epaper/
Title: ePaper

Search URL Search Domain Scan URL

URL: https://www.dimsum.my/
Title: dimsum entertainment

Search URL Search Domain Scan URL

URL: https://www.thestartv.com/
Title: TheStarTV.com

Search URL Search Domain Scan URL

URL: http://mystarjob.com/
Title: myStarjob.com

Search URL Search Domain Scan URL

URL: https://www.carsifu.my/
Title: Carsifu

Search URL Search Domain Scan URL

URL: https://www.starproperty.my/
Title: StarProperty

Search URL Search Domain Scan URL

URL: https://www.ibilik.my/
Title: iBilik

Search URL Search Domain Scan URL

URL: http://rage.com.my/
Title: R.AGE

Search URL Search Domain Scan URL

URL: https://www.mstar.com.my/
Title: mStar

Search URL Search Domain Scan URL

URL: https://www.kuali.com/
Title: Kuali

Search URL Search Domain Scan URL

URL: https://newsstand.thestar.com.my/
Title: Newsstand

Search URL Search Domain Scan URL

URL: https://www.starcherish.com/
Title: StarCherish.com

Search URL Search Domain Scan URL

URL: http://www.988.com.my/
Title: 988 FM

Search URL Search Domain Scan URL

URL: https://www.suria.my/
Title: Suria FM

Search URL Search Domain Scan URL

URL: http://mystar.newspaperdirect.com/epaper/viewer.aspx
Title: The Star ePaper

Search URL Search Domain Scan URL

URL: http://advertising.thestar.com.my/
Title: Advertise with Us

Search URL Search Domain Scan URL

URL: https://newsstand.thestar.com.my/epaper
Title: ePaper

Search URL Search Domain Scan URL

URL: https://events.thestar.com.my/
Title: Events

Search URL Search Domain Scan URL

URL: https://perfectlivin.com/home/
Title: Exhibitions

Search URL Search Domain Scan URL

URL: https://www.rage.com.my/
Title: R.AGE

Search URL Search Domain Scan URL

URL: https://starproperty.my/
Title: StarProperty

Search URL Search Domain Scan URL

URL: https://starsearch.thestar.com.my/
Title: StarSearch

Search URL Search Domain Scan URL

URL: https://mystarjob.com/
Title: myStarjob

Search URL Search Domain Scan URL

URL: https://www.kuntum.com.my/
Title: Kuntum

Search URL Search Domain Scan URL

URL: https://sso.thestar.com.my/?lng=en&channel=1&ru=HNQ8Auw31qgZZU47ZjHUhHKJStkK3H51/pPcFdJ1gQ9cFgPiSalasDvF6DeumuZw47cObuAE4j0IAbfh0V61OGhpCzJTDWVHqOypCSIzKYg=
Title: Log In

Search URL Search Domain Scan URL

URL: https://login.thestar.com.my/accountinfo/profile.aspx
Title: Manage Profile

Search URL Search Domain Scan URL

URL: https://login.thestar.com.my/accountinfo/changepassword.aspx
Title: Change Password

Search URL Search Domain Scan URL

URL: https://login.thestar.com.my/accountinfo/sessions.aspx
Title: Manage Logins

Search URL Search Domain Scan URL

URL: https://login.thestar.com.my/accountinfo/subscriptioninfo.aspx
Title: Manage Subscription

Search URL Search Domain Scan URL

URL: https://login.thestar.com.my/accountinfo/transhistory.aspx
Title: Transaction History

Search URL Search Domain Scan URL

URL: https://login.thestar.com.my/accountinfo/billing.aspx
Title: Manage Billing Info

Search URL Search Domain Scan URL

URL: https://www.thestartv.com/c/news
Title: Videos

Search URL Search Domain Scan URL

URL: http://biz.thestar.com.my/portfolio/
Title: My Portfolio

Search URL Search Domain Scan URL

URL: https://thestarmall.com.my/collections/the-star?utm_source=tsol&utm_medium=meganavi&utm_campaign=general
Title: The Star Mall

Search URL Search Domain Scan URL

URL: https://promocodes.thestar.com.my/
Title: Vouchers

Search URL Search Domain Scan URL

URL: http://events.thestar.com.my/
Title: Events

Search URL Search Domain Scan URL

URL: http://www.starcherish.com/
Title: StarCherish.com

Search URL Search Domain Scan URL

URL: https://www.soba.com.my/
Title: SOBA 2021

Search URL Search Domain Scan URL

URL: https://api.cxense.com/public/widget/click/YH3F_M_2zxP68d6PwXLQCtsWV9aC2E4DogTCvYEyULoHXDoUAsMdBA6I18h-TOTrWTgAqjFnT63Lj-JBkftbA2IFThYMUXcRLJ-ohGQdcqbfWfaXChMR4XXm3XD1F9a4uBShVLD78JYcFGEo4sWHxOBs7VjNkTITmSAgIXEipqL1N2IOz-GevUbvbrBy9zT589AuVsMVxyGg46D68eKJuokQEd9MQBnANdjqq6o44UICaUeYFjdv4mk0ZRNZLTpFl27yAWx5kUKoR4b5QCLVwKbDa1Q43ct8gtefv_txDlCsg5j7cR1qHpxlf6-U8GMh6G6Nz6vmw62-55mtH8Lqahw56_JcGquqI6d9KliTeUNYl40LWYa74NAiQ3mfRLAdzLdJouIBPC1ViEFxP5td6ChfQV1P_bPTQsvk3TjbkjySl5VQPZvu_llGocDqf19f85gkjDhOw0gdsDObdcF3i0J1bGbAgKPkD8naXrWY4wE16NBEnYJC4Q_Lx6IkHP53y84dGOyWKwcsMqUO3AGDy-O5Ni7pR6cxRyviBX8VZ-I8f5DmH07WZ64I997dDukW6S6fXfkmCv-HSCgEzE1P3ee7fiaHzyBK1W6MOdMpORAtlgkO6erNQ44WDibhfVgjT87kpZ28vPOogwUujUGe59mTnjRz5XrF2vGTSDES_6X_795SNCR9I9GPvZ550g73FX9Adn5xTdfrcKgfPeQ0aRp3uL4rh_0qVORixBGGp0JCIQ0
Title: Hong Kong Disneyland closes for one day as staff take Covid-19 tests

Search URL Search Domain Scan URL

URL: https://api.cxense.com/public/widget/click/YHvBre8_ZJgF_For9Vd9U5aXcIe0Ub0AS9u3RYWs_AsitnPFXD_0FzKzccp2eqs_a1MA0qEfvR7gSDEQHggUEKT4QnXXXog1bxBNvgQnFaoah8ycR5jfw3U0UbCKaOwgRunU-xRmMZdRDvVOOh5eEsJYeEns8YKdAGTYXwyxbsicI_Iwm4xXSf1ixOLNqbdIHvaFZCfRVWRUuAUdHxgfkqGZjglzYVPygJqKxE1aQVAPe7FrdwthwO4ICOtHrQ1oTd0I9hAmAmTU69dZou63LnGSkpe0Tal0DjSgAKLoHWC9UA1nepeSZPO8IfxVmVuNf23qGNdGew1XzQRrXeXe5AOd2Mw-aNIZ4oJg0oHu7cA63opq6Hk2X0_AUaScHYZ1GhDWoj4TSsvhExzFEj1pTHN9he05HA0AhYPovbY6BIrt3K2Qzdv6cI2zuU30rjVNUSzyrP3NVkjsr7IhDeOxKmqvdui1_uoY7rPsR4RdaTBaUjbDkUOQVOGP7wv3gjcTybgl9cOP-FKwJr6zHPhoTYUBoL4yaAyg4q5zpuzU0pOV9bxVauP0gL71KJAyNgiiPxcDfwm6DbAfU-z0JhMlTgE_eqULe2ZVlrgXr2Inof5ccRaOYdMeJDm28gGJ9I-lFI9VPBq_84YQ31jlJn3fOTKtP0llN4q9CImSnqObLRcg4RgzPvCppJ_S3KPV41AGd83YvYRG_NP5j60liVm0tcd3SaI0
Title: Opinion: If you love something, don't look it up on social media

Search URL Search Domain Scan URL

URL: https://api.cxense.com/public/widget/click/NjwnYPlYUd618glFkbmL6hOAOocSzYYSzpL7NCamWX4bEsIQiGdmlRRg7VEoRDIn5rovqafwWz5PaGukv5wX0mYz58g1d6RkzuBDpjT9cREKawAWJcFrQ6BtpD4_GOXSKsQzvTNw6voqudLaQdEC5QeJvN2DmSjYt4RX3tn6z5kSzibyV5ohg_nLz3ENxqZWBlMz2_UD_pIsSG5V1ud2zDmQNt71xU8yOujQfEILlplYwt08Prb4PWExHistlfCXgTY58395dZCKiuawRNd8dI3qxKGFICaLGPphK7Ygs_rgdno95af1OWTkpl1xfdnO-GQVZI44S0YigeAvBPn-UYoN7w8RB9XT-Cqkdw6uATTvU_3Ue2WUrk7_OsCXSFYG2puNXFv_QneYiyCqhkC8Ci1LzYvPGrbpQQH_4bGU-JJ4r14N7jyom4DfnV84WbCRPzviKLG3rW_TeAG5PGxHiwtceOPkEsLDWXYRkzxU-1H5El_YIAPmfWBAMiXGSeFdKKGiOf3F8FQlJqzWOEkaA1nI2B_3uplzthPcY4FQqQAJwcgQENXSV4dDnXa8-PD5k9dIF74zdHy-3D6QjsPk__9Eq8dWezq1puOtNhnq9iZ3i_1-hpTQbJmXWhXiNcV4MBpiZJV4B64Uxswyijn9m0puZSxHeyatrwPHJKU0
Title: More opportunities for air travel

Search URL Search Domain Scan URL

URL: https://api.cxense.com/public/widget/click/QOaxzBYlvOPd0DE1MhZCZMiS24dmrw3BuHhXgMQMsAkidaBCSO2_wHdkfB30m159z1akl41hjOlUG5ZC7GYrh5TIqhoaU4FA0NYbw2j14wgpf7wry-zIng4g3BI4SNKUPaw-eskUETVnRRPQUX8k7JA6aK9Q6wc3OgieuqVt7vrVJW7GY3GPRcNuGYNRdVC1hR5sBYTzlUKL6J3goSqQwdL8Vrr9YjbIakf3aCcrCjKpPXGNXrGlVgdSYKeSnv-2gwdUjmHHrfh3Cgc5IjWTjQI84dDIs49CXAUFcTi6OPnhhNQ-DjsOlXmvspGj7Xl9Z3BHkkWwU9dlquYw3H5SEjfK9z38nc9TT-DiseJ81f5kkhKibcog_6-W5Lgy9B1yHxuixo3pxwlA6XGFBBpuKb0c9sYYPMrLjktI-KJoCpzO1JLYDlIJ2qVHDkh5AHNt1nrYC4ZJYrAX45bfr8At6zNGwHZ6IgumyruBT45BaKhaEcQtnomTgR9oR8JKUG9cpO3qk527lAFnoI19u_S-f2YfHdbGS56K_MDV02hOiHhr_-e_qNMbPzGf2ETdV-GLH51faUKsd85As0FC-uR0fyh13laRZVQ95qDbZkrFITkC81sbMPmTpsb-_mEirM5_lqht-U_hxFzmrB6DoxIw0E2Cl6WQ7Kdb8Sd7rdxj8ugjcDbj4uz7PlmRDMbe55r-_AaBc9LC3M6YHshC6i00
Title: Twitter rolls out redesigned misinformation warning labels

Search URL Search Domain Scan URL

URL: https://api.cxense.com/public/widget/click/ulfIrb-wrrLjnPu89mt0hCgIrPTPLySbvJE8sEu9o7QD-Lz8t41mBNv_OrF0nOVjFHLMWFf_E8xW7I-5Od31JAr2_naj1FvaP60Ftjpo9Lh49-pkFHDfWYfb5GwhxJnVd_OiXpZaphU8Ubnt0Q39be5mKvPo1Whj17hez1jnALp06NrQoRI7Q93rgoD67I8zy1S0T0DqkUo-xIBKiH0bkHefYY8WooWdp1LUByY2Z94I_YlF2E4AzFUkVCUsspZouy8upZoQ0IrThr1M30hi0bs0os-FE2WEVj_i-vy_nE7J2RVw8Nr-z3nDk9Hi0n1gvNYsirbRRqrOulpUD-x5mn8MKInGPeWu4J1swfp2kI8hs4oAv1njrCEVBwtIgDhUCvBZ5tQxMwXvIg2HRFwuZfAD_hP-FeJu6B1RnWy2ghm4unJseBnGoOJKHUxSjIlKNcMHiD4YjoXQSquKtk2IRPCs04z3j8Q9yEsuPrQ32EVrYcaIzu-yEhoOebFfmbiMjTxUXe303BkD9HY9JiXuALwMsHSTdl9GdADtFqO0CZbVBGizO5uS5_cqf0g5OI7zJbG6qsSEONB5lt0p4MDp-pk3MXwHdqDpW03vDZw2TYE4GddsnhbdI29yubosJYjPDgliid0BLYCP0YezMpqpqeVSKM4LRYgNDBG9hRRksYBm7oJ0pKGIfB6tRztLXSrv9b2ZMsgjne2EJZ3e5Kmhqk3Gx5lxyJaJ0
Title: Terengganu records 6,565 Muslim divorces from 2020 to Oct 2021, says exco

Search URL Search Domain Scan URL

URL: https://bookstore.thestar.com.my/
Title: Other Publications

Search URL Search Domain Scan URL

URL: http://starmediagroup.my/careers/life-with-us/
Title: Job Opportunities

Search URL Search Domain Scan URL

URL: https://www.starmediagroup.my/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/thestaronline

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thestaronline/?hl=en

Search URL Search Domain Scan URL

URL: http://twitter.com/staronline

Search URL Search Domain Scan URL

URL: http://www.facebook.com/TheStarOnline

Search URL Search Domain Scan URL

URL: https://t.me/thestar_official

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.knx.thestarmobile

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/the-star-mobile/id428184176?mt=8

Search URL Search Domain Scan URL

URL: http://cdc.hispace.hicloud.com/000000WJ

Search URL Search Domain Scan URL

URL: https://api.cxense.com/public/widget/click/aa0nd5F7GgKd0cHPS5Ox5_WMBBgTEok05ITp0pHKJTCtDNTFTw35cN9JBWyCIv-p5ZmF1H_oCf0pCEH9zNaAVENJoTXvUcYKflvxeFCdbGY40bn947sES-GdI9mqmv6e-yjnOCxd7qa-4znYi23jcIRQW2Dz9gm8HYrUakmFo2CVZ1xrlGMVQrBIEqRjFGmCVESaNp8pgEg7I_ECU-CowqY20OL84IMNdecmnwB1b_eq8-P4qc6uPxais_u-8z6NOJsg5EhTuj92VxlL_ZQ5kxPIvPehVoG2LaN_DrFwNslHDz8p0T9UX_3BdpopEGzDXFGGrRC87IKPScysGomIHKWFU5ZxfZX8GZCrYaSlyIvYJgIYBCqUQ4mC7ovQdnxEypKvb9pG4rK3ebMUPcnk2XHr2yHEbgOmLp9z8i4kyW2WmqnTsxdzYtCKhVvRkDrv9b__LqsyCe5PB_FaU-CemdjHfzk6vqcHZHpRtUmhi88Fi83HSvQ0AyB73NBkJOxweLT3BKbvnZgFJ2G03KAwV_vXXv8ousW8wVzaU-RE5GY-o-B0TmQ5Xd93MxQIHp1AWyykiiAuQUwirh80ZYByl-ajCrmwUO-Fc_mstdg_1dmYJDy4DbgXOJdnjm_3uLyyMcAFJ8aFjvI466TtKujYBCc_RVc4qToFTtpDlwKoPO0YpG8YR6ioVgkBG1uTq2nH0
Title: Read

Search URL Search Domain Scan URL

URL: https://api.cxense.com/public/widget/click/P2wuDV4tuvSG77SuDb627B49S1FqTlaK6cnpgLAsNQiTbTFmJgn6heIjtQnIIOmdQUuD-Voe6Xasz1uWDYmqK_Rc-MBrVj3zF-zk0CyQ3jVF81Xw8ryTK6HcJFTxKAXUA4YkCkX-KVtYAv3qUV0jOTVD_Lg7ySFpjLD2jaA3WSkqNpS4On1sjdDKjJOR0G5BtyYWBA025zm6QTygJbAe_R6eU1jaOPkHDMue7lv0bytrI8W-XerquIjyHBx3PVHX_B6-gBrn0v4HWGN8pZ75DNtR0CDg6tve6fNK8tBG11LKBk8fM-cVzaYX1kGHhCn0_qCJlaDEa3ZDJiHeDUHesCkLJ8PJ53pYiYVaN-RI1xB0fzZFOip0jnvPh3OZLcOTB5lzSnpQ9UobvPWcTcedjhQPR2wGilZd9bSJALmB5I6JJU2fSIgoOMBcdsab34syGTEjhMufnPYp-Hxc0dLCWDuwCX_QXLxnO1Hs163owteTZtFNbgqdFWTE1YmHoNnyvB9owWxgPpB70MlivM40Rt0_fHEejLVEBZnMh9u5vW0C_mLlbl2fWp1bs30nRwZVD4Wa2_DF8Zvwx0STKJhKdhCVnAh-b_NGHeI2HdSGBOSYk8vKsYv63xRLlxYEHgGJXObmPQF1roprtVrt8gpmq-85oA-7W5we65_Lq09MjSAb92264MwrN-rjS0mNk7HA9Qs8qXc0
Title: Read

Search URL Search Domain Scan URL

URL: https://api.cxense.com/public/widget/click/cemXx56NsQPtxD6JyZmi8yyPjLtDcwOALlwjy8tTUulgm8H54n1VWzRtNiHu-z4hnD85b0cH2xxq5dYmuMMmwMIm7Kl5GVssVPgEAjbZgc60Uc1MSBl-Ntjm3wQHgrq3Ga4XcAz6wAOlq9R2vH_fpZC14htphPVerNPQpZp_F29QRBGd7aLiWCKrEyFY5msu4dh2npxNDY3hfS1PyOka5bG62tgE0kfH9XIcWXLbkLYeSRdHXq8lzvIInKi8gFqWxfPXWCKosBTstoMR9U85-u5h7jUCiypMf_HBfnLULTHzxoHjLQmnyDEEy7UacJr5wPXD5OrMIrt_Sq7k-qDbdp1ztniXCjJXSY_k14wRIFqdEyDlJ9_LIR7Jiz9B3jlKru2-fmagp1kmmeRo3WfqvqXhJHkCHscM-vH_wc5MqYangixR3f4b7_1_ejjSMBhCj-zdt90K7YnznOtrdvFqacxZiXPF_SrMuVhcSnpbMTcVU4obZZOS6mnC9gNXjPuqCCPquGLTkBfpH4n2uRlnWeTAcFo4MaJ4e_gRgU8N7dsyQpSO7fGtMI-YWrlioKQ7u17y8ZNEOQSmFkCBHtyXjVYdvX92R6hiXP7l-4fOvNXe9W1PORTxbPhBc_IbyLYIlFFqcfGehFSxUf3kYkYvPSRMHRQpUQTTVgtngEW0gpPP60qGnpMj-roUe-5gtV7na5owAQAqLa860
Title: Read

Search URL Search Domain Scan URL

URL: https://api.cxense.com/public/widget/click/_FdLdVeD9puOwNRd_T1pLHFhD2Zlhs-5m80c-m5xdH0tv9LDUjN5AlDsIQpkqMUQD1EdA1uaH6V8dOQX3PEXST2DgVwk9Pd1QPgX1cVvJ8WgotRx9EA0Yv5u1BTxpuEPGZN6OGIuAbjTeRu_3Z1ibvqljy8LSpvWQPmg2SjRgvUdGkWuhjlgcXg92FXy7YAaven7oJ0uKE2VQHNmlc6OCj_4zCYD39ndPhYtu7NIXRrp4YIhQJcxSMJWDogiT6LwLFQhje4bybgu6ZDtWUeiyInD1nD9qZzZwzf-xk5nB3bLqj0c9ddo37B6V0zYq8kiGRTACIMOuZUoCTKklJ92GVaHBMC0TbRUUFneqw4sUNczQnJetYGP7c396CKUihn-Kv66Q_mqiqbzzTKlooHn1qkV_IWLRyRMz7CTcQlM6gwmqnbwmEmAPhvoioIWLxLkpHe3ZbCoxxmntHSuqsba4-GqIbH3sFKg5l871dj7Y1aIbdV-1OYsDM6FEVFKQzpv6avVU59sNabSUzeoMlKPtZXT_LVXXB8bxYYMN0XN3x4so6YrGC-babkx0x2YhXm-y40B_dI6eecJX1lsd_uBTQPKsrMlt6jifykCGQEAlbO5URJcmjMufa-IjEFlOL1J6D5_jlKkgJZd-BTLKjU-KFClCslZJDE5dwb2jDvIGLOA0BtqYlaZ6beoqKrbG4boxHCPYg0
Title: Read

Search URL Search Domain Scan URL

URL: https://api.cxense.com/public/widget/click/Sqw7tLzhchFKxKHRQEaxftnUgkHRCzJlSUw5mL8MzI3lwTjO0ElLb-JYvJ_UKY7wqg3MOwSquyd_REajp3YK56k1U14bT1pG3f9ixyVRRCttBUT7YsFcZWDMcsxN9KYeMp75VdBNSumlW2jPojg6x7jTtdaApbQ5KZ-mi01pIo_Fk-4UpXevAfhf3w4q_E8fv_nimo5UemrNnADwpUsCIiW4_XvhpsOmkXRGVHEajrogxJ7VPCWGKDhQ4-uK189q-8PoJG0ytBVsY0waFH63q-qTGwpxaUUxVUBsJStsEXBrbQK2EF7vzW8724Jp4SfMYEfLvnbq0_uxoBRu2e97PkG56rRcQa-ecaOyBECM4G3DUySdvfgOtjuOrl0X_azSID3HfZgA7GfHWxZTb9O8ZJxZhtCa4adFJuiLT3Hk95-hgK91N-GnVR5quh5fY4JOOVwdRMjzSv8is1e3oMfMRIN3IhsJZQGCHS-LW-_1zen0At6AqfbvGhH1hJJC-gZPW--ojfwoi4R7GWKMYJkb15pyiJcoZUeQ8cOuKJeyqOcrGGMU7OPLjH9zNSkzOPkPe3GwV2-pPZ805sN-NZED8QAwmZuYtbHkUchnjt9wQm_YhNf1Ctmc9NudxvCRb0X31jFMslsbMgNIfrDw1wpBwjrvmo67zlDJG-v8U12LmnqlMDawaqqt1GWwHuGR6HmEQD8b3GPcZQXj2zJpkg0
Title: Read

Search URL Search Domain Scan URL

URL: https://api.cxense.com/public/widget/click/2N12GaH7KichRz2kuapn0SGitjkzi-YM7wpcepZ0ILL4Ozu-PmGMkRyEGUGSLgqjjGf2_UexHWkh2N7fD9d_dLecvm6qV5oTcWzpRG4Q-NY4Hb3qkxglhJigFClNInBRJqowdd-CUuG1S5bF9igGV7xWlQFxvIg4vlIhVpH_68NHIhpWVd6S4HmQEkLWA4Q4JmyXL8Q5NCKv3QYyG61u2huO3PiL8tpeXifBmdC6G-ThRhqkJvKUbIgQ1CrNcD17KCpGvSdjmisTmLkEq47wk_nnDFZdJwrEDapGPVAhifz06IqhzprDZ4X0HUykXqfqEN-4LoTuVIOcglwRaYcbZ8Y3VjAGkpb5jZnB3uDTRuMtEJ2nSzkh6nIBEpKvg0W96dr7Yv_Z8rVE971rctYsUfs6heRx4cpOXbHl52_SoDazTsncmrWUhXrkwej2PecBJc7roCirG2QkHgbco-w-FxiW1FIjmNc5sbwJMLghFjTIC_AzYXjv59b7rx2qMiC50CZG8hiCYV8_wnCY7q9ThS9YefMtVio30NClVWyPF_JXYo1yeCC1MJ3QlWrbQZ0wYmwL_HSjUjBfdCeGADoQLIY8PXDpbWtJDGF54ybrfIC5aT7OdQircl7I8taVUqLUs7tYEBVqMPGAh6M0J4-AVY8bYr6_ItyoHyBVoWxqoX1o2shF-BRvWcQc7pndgETvrxRPSR1zQG_b-pP92mga0
Title: Read

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://star2.com/ HTTP 301
https://www.thestar.com.my/lifestyle Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 225

https://sb.scorecardresearch.com/b?c1=2&c2=6035691&ns__t=1637122695241&ns_c=UTF-8&cv=3.5&c8=Malaysia%20Lifestyle%20Feature%20Stories%20%7C%20The%20Star&c7=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035691&ns__t=1637122695241&ns_c=UTF-8&cv=3.5&c8=Malaysia%20Lifestyle%20Feature%20Stories%20%7C%20The%20Star&c7=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&c9=

Request Chain 243

https://sync.search.spotxchange.com/partner?source=217759&sync_limit=7 HTTP 302
https://sync.search.spotxchange.com/partner?source=217759&sync_limit=7&__user_check__=1&sync_id=62a4b2c0-475d-11ec-b606-174deb1e0506

Request Chain 265

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIqAfn1gVcpq7Odv9b6ovyw&google_cver=1

Request Chain 266

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZSCh8wdfFakTfYb34ZaCQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIqAfn1gVcpq7Odv9b6ovyw&google_cver=1

Request Chain 267

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPRiWz9KvsOigOhRWy2kmnA&google_cver=1

Request Chain 268

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk4Njc3NzQxMDM3NzYxMzQ4Nw%3D%3D

Request Chain 280

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent

Request Chain 281

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=883388795.275462120254379.712536965 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=883388795.275462120254379.712536965 HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=2957a701-4ad8-4a38-8ac5-5a03cc9cc255&ssp=vidoomy&gdpr=&gdpr_consent=

Request Chain 292

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGs_TEO4Xu6xrYIIa8vtHQM&google_cver=1

Request Chain 293

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWQ4ZGU4MTgtOGFiYy0yOTk1LWRmNDYtNWI1MjU1ZTA0NWUz

Request Chain 294

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEANrNqzKR9Ikwh3XLljLC6E&google_cver=1

Request Chain 302

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEKLsWoJvYC8FGNk0jwYW5n4&google_cver=1

Request Chain 303

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NjJhNGIyNGYtNDc1ZC0xMWVjLWI2MDYtMTc0ZGViMWUwNTA2

Request Chain 315

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55946/sync?uid=CAESENv4imaPvq-f_94mT6HMicY&_origin=1&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESENv4imaPvq-f_94mT6HMicY&_origin=1&google_cver=1&apid=UP62ce996b-475d-11ec-bfe8-02eceacfbc66

Request Chain 316

https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true HTTP 302
https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP62ce996b-475d-11ec-bfe8-02eceacfbc66 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA2MmNlOTk2Yi00NzVkLTExZWMtYmZlOC0wMmVjZWFjZmJjNjY%3D

Request Chain 317

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1tS0FxcW45RTJ1RWJBNVJwc2cyVldZZl9YMG1uS3NzQn5B

Request Chain 380

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3860057541173397272

Request Chain 388

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3787999947135469336

Request Chain 412

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELPVy8rOtCMzjbs-N1364bs&google_cver=1&google_push=AYg5qPJwyAVlektimR6U5cXjonMwO25W_SGYxaWeHYY0axJHt6G5BFqarQT4ljY7fnW7oCqDGnTDTvJumJqoI8o9qUSrtbMtih63 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELPVy8rOtCMzjbs-N1364bs&google_cver=1&google_push=AYg5qPJwyAVlektimR6U5cXjonMwO25W_SGYxaWeHYY0axJHt6G5BFqarQT4ljY7fnW7oCqDGnTDTvJumJqoI8o9qUSrtbMtih63 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3R0cmpMT2cxTU5jb001&google_gid=CAESELPVy8rOtCMzjbs-N1364bs&google_cver=1&google_push=AYg5qPJwyAVlektimR6U5cXjonMwO25W_SGYxaWeHYY0axJHt6G5BFqarQT4ljY7fnW7oCqDGnTDTvJumJqoI8o9qUSrtbMtih63

Request Chain 413

https://a.tribalfusion.com/i.match?p=b6&u=CAESEKaQwa-KAKrsqoFA2nkDL-M&google_cver=1&google_push=AYg5qPIHEZoFNA3-XX3HQPVVBTDQgZAl873AfafFsBe-EdFU9jfGHMyVMssC5964Mm1qBxGzb105xZO_729ru9aD8h1C1lUP3jy0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIHEZoFNA3-XX3HQPVVBTDQgZAl873AfafFsBe-EdFU9jfGHMyVMssC5964Mm1qBxGzb105xZO_729ru9aD8h1C1lUP3jy0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKaQwa-KAKrsqoFA2nkDL-M&google_cver=1&google_push=AYg5qPIHEZoFNA3-XX3HQPVVBTDQgZAl873AfafFsBe-EdFU9jfGHMyVMssC5964Mm1qBxGzb105xZO_729ru9aD8h1C1lUP3jy0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIHEZoFNA3-XX3HQPVVBTDQgZAl873AfafFsBe-EdFU9jfGHMyVMssC5964Mm1qBxGzb105xZO_729ru9aD8h1C1lUP3jy0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 414

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDz5H506Qz-MPgE4u-AW1js&google_cver=1&google_push=AYg5qPLeuss6BO9PLFmjO7CZwUayettLHXJ2ZXkPoKbkMgR59s4lvRFFsJnC1GvgvbyVdlK7B8ivALUhZE2di5xLpAbneVRkETA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDz5H506Qz-MPgE4u-AW1js&google_push=AYg5qPLeuss6BO9PLFmjO7CZwUayettLHXJ2ZXkPoKbkMgR59s4lvRFFsJnC1GvgvbyVdlK7B8ivALUhZE2di5xLpAbneVRkETA

Request Chain 415

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEByzGuGMaV3vbVZfmbdsvAQ&google_cver=1&google_push=AYg5qPK-LxzJZPxtsYF_XmuDM6_ez7fg9kYI1U1D5DF5p8TcjkVmQpZVeDw47SJi3Qn-Yn9bbWtAQl7rnDmvp5zDFUphDxa9jJqJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzMTM4ODQzODg2MzQxMTM0Nw%3D%3D&google_push=AYg5qPK-LxzJZPxtsYF_XmuDM6_ez7fg9kYI1U1D5DF5p8TcjkVmQpZVeDw47SJi3Qn-Yn9bbWtAQl7rnDmvp5zDFUphDxa9jJqJ

Request Chain 416

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDthQkMK0Z3o868sOoyGaZ8&google_cver=1&google_push=AYg5qPKTdFWh1F6wDy60-Mogktb16e5YY2_8Yn6uU6NCxy_ntCl_KHqXZW3-kO-hvgaWlsjakRdKslsV2hxX1cBos7E0Z5fMZOY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKTdFWh1F6wDy60-Mogktb16e5YY2_8Yn6uU6NCxy_ntCl_KHqXZW3-kO-hvgaWlsjakRdKslsV2hxX1cBos7E0Z5fMZOY&google_hm=ODczMTIxNjg1NDgwOTQxMTI2Ng%3D%3D

Request Chain 417

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENKAb9BaB5vGFJb5_sQLtzY&google_cver=1&google_push=AYg5qPJgEkGAKeua9PjreLZOTD7X0kgyVA5FmR-lFcO6qhOcUmOt69NHLLjECjun6pmdgMQQUxmuGswjLsaHpOXKNkp4DtsJO5bw HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJgEkGAKeua9PjreLZOTD7X0kgyVA5FmR-lFcO6qhOcUmOt69NHLLjECjun6pmdgMQQUxmuGswjLsaHpOXKNkp4DtsJO5bw&google_gid=CAESENKAb9BaB5vGFJb5_sQLtzY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTU4NzE0MTM3NzgzMzk3NzMzNw%3D%3D&google_push=AYg5qPJgEkGAKeua9PjreLZOTD7X0kgyVA5FmR-lFcO6qhOcUmOt69NHLLjECjun6pmdgMQQUxmuGswjLsaHpOXKNkp4DtsJO5bw

Request Chain 442

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHOt5m1SGWBe4rmYy7IEZRw&google_cver=1&google_push=AYg5qPLgo7TI22Jiiaqgo31wVt9cgKc4_7me0nmrvY2HOHwBcFGlsX35J7zxzBdzMogOn0W2wOwSugwHpulHaxQ0eACXqjeSNeIc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLgo7TI22Jiiaqgo31wVt9cgKc4_7me0nmrvY2HOHwBcFGlsX35J7zxzBdzMogOn0W2wOwSugwHpulHaxQ0eACXqjeSNeIc&google_hm=G-BErZI9SDC87sfsep6DSFM

Request Chain 443

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEB9CtzwHb_dLO9PTPDL88Yc&google_cver=1&google_push=AYg5qPIbwYN6CDDuRw-06ouuXKVtrTPBM5H3gCc7KlTx6Fqxz7ctf49We0NQgoUV73tmKkiDfy7wxCflbS-Fpq2UHe53-IjHYh_8LA HTTP 302
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEB9CtzwHb_dLO9PTPDL88Yc&google_cver=1&google_push=AYg5qPIbwYN6CDDuRw-06ouuXKVtrTPBM5H3gCc7KlTx6Fqxz7ctf49We0NQgoUV73tmKkiDfy7wxCflbS-Fpq2UHe53-IjHYh_8LA&checkcookies=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=lwO2ty501NMrHQo3RozVmw&google_push=AYg5qPIbwYN6CDDuRw-06ouuXKVtrTPBM5H3gCc7KlTx6Fqxz7ctf49We0NQgoUV73tmKkiDfy7wxCflbS-Fpq2UHe53-IjHYh_8LA

Request Chain 444

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDthQkMK0Z3o868sOoyGaZ8&google_cver=1&google_push=AYg5qPIKz-UT_03-Sd9NDfYdhOItx-4A4mwTMdEHGldTWrR39IX_99UKJfJMRXKeLPjxM5uoOAw9l3Ad5TesNH6itsctwJcthQx8Yw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIKz-UT_03-Sd9NDfYdhOItx-4A4mwTMdEHGldTWrR39IX_99UKJfJMRXKeLPjxM5uoOAw9l3Ad5TesNH6itsctwJcthQx8Yw&google_hm=ODczMTIxNjg1NDgwOTQxMTI2Ng%3D%3D

Request Chain 445

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBwyc5EKGZ1WfrKOUQFfslc&google_cver=1&google_push=AYg5qPLb_FEQjXxTxOPMVDPypPxmxr1iiJlgV7TOhyDH8eI0mCxQQrGS59piQSmRqG6rD46VHPVhKsFJyOlC6ZZnS7J1F0PCivdGvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1czMEwxMFMtMTQtOUxQSA==&google_push=AYg5qPLb_FEQjXxTxOPMVDPypPxmxr1iiJlgV7TOhyDH8eI0mCxQQrGS59piQSmRqG6rD46VHPVhKsFJyOlC6ZZnS7J1F0PCivdGvw

Request Chain 446

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_cver=1&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-CSF76ww2-escA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-CSF76ww2-escA&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-CSF76ww2-escA&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-CSF76ww2-escA&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-CSF76ww2-escA&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-CSF76ww2-escA&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-CSF76ww2-escA&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-CSF76ww2-escA&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-CSF76ww2-escA&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-CSF76ww2-escA&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-CSF76ww2-escA&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-CSF76ww2-escA&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-CSF76ww2-escA&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-CSF76ww2-escA&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-CSF76ww2-escA&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-CSF76ww2-escA&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-CSF76ww2-escA&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-CSF76ww2-escA&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-CSF76ww2-escA&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-CSF76ww2-escA&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-CSF76ww2-escA&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_cver=1

Request Chain 449

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHOt5m1SGWBe4rmYy7IEZRw&google_cver=1&google_push=AYg5qPJoRjen73upujMeQ4pBnVHzvvRddkPya4M-VWK-yeAdsZHjXaUHc730-xGIz4rz4hyNfMUjr4KkxhCBY6gY5YxAUAPc4F4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJoRjen73upujMeQ4pBnVHzvvRddkPya4M-VWK-yeAdsZHjXaUHc730-xGIz4rz4hyNfMUjr4KkxhCBY6gY5YxAUAPc4F4&google_hm=iwR53D1ERz6EMSHLbIcggFM

Request Chain 450

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEB9CtzwHb_dLO9PTPDL88Yc&google_cver=1&google_push=AYg5qPKZd6V5mm_kLyy7CAHwcFDZZ-waj5tFVOqXSxHkyBy-ivsFQsQjpcZBIJJFpO0cB_9OBrvXZVKYvO1hc-0XtHgO6x5c1UtH HTTP 302
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEB9CtzwHb_dLO9PTPDL88Yc&google_cver=1&google_push=AYg5qPKZd6V5mm_kLyy7CAHwcFDZZ-waj5tFVOqXSxHkyBy-ivsFQsQjpcZBIJJFpO0cB_9OBrvXZVKYvO1hc-0XtHgO6x5c1UtH&checkcookies=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=kRwNBDIiLonDnUBWg4B1FA&google_push=AYg5qPKZd6V5mm_kLyy7CAHwcFDZZ-waj5tFVOqXSxHkyBy-ivsFQsQjpcZBIJJFpO0cB_9OBrvXZVKYvO1hc-0XtHgO6x5c1UtH

Request Chain 451

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDthQkMK0Z3o868sOoyGaZ8&google_cver=1&google_push=AYg5qPJ0zdk8DBPDnWYFwrgBFp4dJ0_DD2nUVjQem79YGaxd2h6ERcoBtEGYPq91yILT91jWpmaawoOkro9iG5EJPOzjDAdANVc8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJ0zdk8DBPDnWYFwrgBFp4dJ0_DD2nUVjQem79YGaxd2h6ERcoBtEGYPq91yILT91jWpmaawoOkro9iG5EJPOzjDAdANVc8&google_hm=ODczMTIxNjg1NDgwOTQxMTI2Ng%3D%3D

Request Chain 452

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBwyc5EKGZ1WfrKOUQFfslc&google_cver=1&google_push=AYg5qPLU5O4evsD6yE-EOMZIGLVuLa_E-WhGgzmSTngWG8g9TDG3dVCNwZlhKFgMEEnx28t_VGp2sAepZwURFb7AdFkPXpYdr_k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1czMEwxMFMtMVYtQlVKWQ==&google_push=AYg5qPLU5O4evsD6yE-EOMZIGLVuLa_E-WhGgzmSTngWG8g9TDG3dVCNwZlhKFgMEEnx28t_VGp2sAepZwURFb7AdFkPXpYdr_k

Request Chain 453

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_cver=1&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajhp2-kqTDLfVK61MI48S46xnWFSh4_wa01QCjTK3XD5hTlY54Us HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajhp2-kqTDLfVK61MI48S46xnWFSh4_wa01QCjTK3XD5hTlY54Us&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajhp2-kqTDLfVK61MI48S46xnWFSh4_wa01QCjTK3XD5hTlY54Us&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajhp2-kqTDLfVK61MI48S46xnWFSh4_wa01QCjTK3XD5hTlY54Us&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajhp2-kqTDLfVK61MI48S46xnWFSh4_wa01QCjTK3XD5hTlY54Us&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajhp2-kqTDLfVK61MI48S46xnWFSh4_wa01QCjTK3XD5hTlY54Us&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajhp2-kqTDLfVK61MI48S46xnWFSh4_wa01QCjTK3XD5hTlY54Us&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajhp2-kqTDLfVK61MI48S46xnWFSh4_wa01QCjTK3XD5hTlY54Us&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajhp2-kqTDLfVK61MI48S46xnWFSh4_wa01QCjTK3XD5hTlY54Us&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajhp2-kqTDLfVK61MI48S46xnWFSh4_wa01QCjTK3XD5hTlY54Us&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajhp2-kqTDLfVK61MI48S46xnWFSh4_wa01QCjTK3XD5hTlY54Us&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajhp2-kqTDLfVK61MI48S46xnWFSh4_wa01QCjTK3XD5hTlY54Us&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajhp2-kqTDLfVK61MI48S46xnWFSh4_wa01QCjTK3XD5hTlY54Us&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajhp2-kqTDLfVK61MI48S46xnWFSh4_wa01QCjTK3XD5hTlY54Us&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajhp2-kqTDLfVK61MI48S46xnWFSh4_wa01QCjTK3XD5hTlY54Us&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajhp2-kqTDLfVK61MI48S46xnWFSh4_wa01QCjTK3XD5hTlY54Us&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajhp2-kqTDLfVK61MI48S46xnWFSh4_wa01QCjTK3XD5hTlY54Us&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajhp2-kqTDLfVK61MI48S46xnWFSh4_wa01QCjTK3XD5hTlY54Us&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajhp2-kqTDLfVK61MI48S46xnWFSh4_wa01QCjTK3XD5hTlY54Us&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajhp2-kqTDLfVK61MI48S46xnWFSh4_wa01QCjTK3XD5hTlY54Us&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajhp2-kqTDLfVK61MI48S46xnWFSh4_wa01QCjTK3XD5hTlY54Us&google_cver=1

Request Chain 494

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3787999947135469336

Request Chain 510

https://www.facebook.com/tr/?id=1133176620062218&ev=Microdata&dl=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&rl=&if=false&ts=1637122696631&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Malaysia%20Lifestyle%20Feature%20Stories%20%7C%20The%20Star%22%2C%22meta%3Adescription%22%3A%22Malaysia%20lifestyle%20stories.%20Provides%20feature%20articles%2C%20guidelines%20and%20tips%20on%20art%2C%20fashion%2C%20travel%2C%20parenting%2C%20food%2C%20health%20and%20environment.%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22Malaysia%20lifestyle%20stories.%20Provides%20feature%20articles%2C%20guidelines%20and%20tips%20on%20art%2C%20fashion%2C%20travel%2C%20parenting%2C%20food%2C%20health%20and%20environment.%22%2C%22og%3Atitle%22%3A%22Malaysia%20Lifestyle%20Feature%20Stories%20%7C%20The%20Star%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcdn.thestar.com.my%2FThemes%2Fimg%2FnewTsol_logo_socmedia.png%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.thestar.com.my%2Flifestyle%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22headline%22%3A%22Malaysia%20Lifestyle%20Feature%20Stories%20%7C%20The%20Star%22%2C%22articleSection%22%3A%22lifestyle%22%2C%22creator%22%3A%22The%20Star%20Online%22%2C%22thumbnailUrl%22%3A%22https%3A%2F%2Fcdn.thestar.com.my%2FThemes%2Fimg%2FnewTsol_logo_socmedia.png%22%2C%22dateCreated%22%3A%222019-07-29T14%3A48%3A52Z%22%2C%22url%22%3A%22http%3A%2F%2Fwww.thestar.com.my%2Flifestyle%22%2C%22keywords%22%3A%5B%22%22%5D%7D%5D&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.2.1637122695787.182521506&it=1637122695560&coo=false&es=automatic&tm=3&rqm=GET HTTP 302
https://www.facebook.com/tr/?a=tmgoogletagmanager&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22headline%22%3A%22Malaysia%20Lifestyle%20Feature%20Stories%20%7C%20The%20Star%22%2C%22articleSection%22%3A%22lifestyle%22%2C%22creator%22%3A%22The%20Star%20Online%22%2C%22thumbnailUrl%22%3A%22https%3A%2F%2Fcdn.thestar.com.my%2FThemes%2Fimg%2FnewTsol_logo_socmedia.png%22%2C%22dateCreated%22%3A%222019-07-29T14%3A48%3A52Z%22%2C%22url%22%3A%22http%3A%2F%2Fwww.thestar.com.my%2Flifestyle%22%2C%22keywords%22%3A%5B%22%22%5D%7D%5D&cd[Meta]=%7B%22title%22%3A%22Malaysia%20Lifestyle%20Feature%20Stories%20%7C%20The%20Star%22%2C%22meta%3Adescription%22%3A%22Malaysia%20lifestyle%20stories.%20Provides%20feature%20articles%2C%20guidelines%20and%20tips%20on%20art%2C%20fashion%2C%20travel%2C%20parenting%2C%20food%2C%20health%20and%20environment.%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22Malaysia%20lifestyle%20stories.%20Provides%20feature%20articles%2C%20guidelines%20and%20tips%20on%20art%2C%20fashion%2C%20travel%2C%20parenting%2C%20food%2C%20health%20and%20environment.%22%2C%22og%3Atitle%22%3A%22Malaysia%20Lifestyle%20Feature%20Stories%20%7C%20The%20Star%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcdn.thestar.com.my%2FThemes%2Fimg%2FnewTsol_logo_socmedia.png%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.thestar.com.my%2Flifestyle%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&coo=false&dl=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&ec=1&es=automatic&ev=Microdata&fbp=fb.2.1637122695787.182521506&id=1133176620062218&if=false&it=1637122695560&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&tm=3&ts=1637122696631&v=2.9.48

Request Chain 515

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEPFdG19D7m2N4MQUQuYagZM&google_cver=1

Request Chain 520

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=756437901&gdpr=0&gdpr_consent=&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=756437901&gdpr=0&gdpr_consent=&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1&a.y_rid=d5f3399c-5ee4-4e14-a32a-494390a59231&a.is_yahoo=3&redirect_y=dHM9MTYzNzEyMjY5Njc3OS43MDY1NDM6YXBpZD1VUDYyY2U5OTZiLTQ3NWQtMTFlYy1iZmU4LTAyZWNlYWNmYmM2NjpyZXF1ZXN0X2lkPWQ1ZjMzOTljLTVlZTQtNGUxNC1hMzJhLTQ5NDM5MGE1OTIzMQ==

Request Chain 522

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1800723623&gdpr=0&gdpr_consent=&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1800723623&gdpr=0&gdpr_consent=&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1&a.y_rid=be8219c6-a071-4e0e-be40-0f143a0ed9ea&a.is_yahoo=3&redirect_y=dHM9MTYzNzEyMjY5Njc4MC4zMTgxMTU6YXBpZD1VUDYyY2U5OTZiLTQ3NWQtMTFlYy1iZmU4LTAyZWNlYWNmYmM2NjpyZXF1ZXN0X2lkPWJlODIxOWM2LWEwNzEtNGUwZS1iZTQwLTBmMTQzYTBlZDllYQ==

Request Chain 524

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=983730991&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=983730991&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1&a.y_rid=6024c815-272e-4019-b751-740871aab99b&a.is_yahoo=3&redirect_y=dHM9MTYzNzEyMjY5Njc4MC41ODQ0NzM6YXBpZD1VUDYyY2U5OTZiLTQ3NWQtMTFlYy1iZmU4LTAyZWNlYWNmYmM2NjpyZXF1ZXN0X2lkPTYwMjRjODE1LTI3MmUtNDAxOS1iNzUxLTc0MDg3MWFhYjk5Yg==

Request Chain 525

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=608979966&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=608979966&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1&a.y_rid=217b0a95-faa0-4624-a29e-5481e7787a6e&a.is_yahoo=3&redirect_y=dHM9MTYzNzEyMjY5Njc4MC43MzU4NDA6YXBpZD1VUDYyY2U5OTZiLTQ3NWQtMTFlYy1iZmU4LTAyZWNlYWNmYmM2NjpyZXF1ZXN0X2lkPTIxN2IwYTk1LWZhYTAtNDYyNC1hMjllLTU0ODFlNzc4N2E2ZQ==

Request Chain 526

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=58812099&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=58812099&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1&a.y_rid=9f9771d4-8089-47b2-8c05-05b0934ac32a&a.is_yahoo=3&redirect_y=dHM9MTYzNzEyMjY5Njc4MS4wMzU2NDU6YXBpZD1VUDYyY2U5OTZiLTQ3NWQtMTFlYy1iZmU4LTAyZWNlYWNmYmM2NjpyZXF1ZXN0X2lkPTlmOTc3MWQ0LTgwODktNDdiMi04YzA1LTA1YjA5MzRhYzMyYQ==

Request Chain 543

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELPVy8rOtCMzjbs-N1364bs&google_cver=1&google_push=AYg5qPIRKPLJPbGarA9UrBzP6lSFCSuuI6QKbBRx0KSjB_v48e97E_GFeQ0O9k9VY7QI9CU116O1L5LmiBozbmtIz0Lnw1Aw9Utiyg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3R0cmpMT2cxTU5jb001&google_gid=CAESELPVy8rOtCMzjbs-N1364bs&google_cver=1&google_push=AYg5qPIRKPLJPbGarA9UrBzP6lSFCSuuI6QKbBRx0KSjB_v48e97E_GFeQ0O9k9VY7QI9CU116O1L5LmiBozbmtIz0Lnw1Aw9Utiyg

Request Chain 544

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOXJhzubQW1qDVwNydvmuh8&google_cver=1&google_push=AYg5qPJxKxID2iLog7JBCTEH4dKUd8QJw99p8o3Bbds2VlC5G3yZs2yrIEn546LY7L4kAAB3WMnF46Lu_2RUk3f5HbyW4svzg6zC HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJxKxID2iLog7JBCTEH4dKUd8QJw99p8o3Bbds2VlC5G3yZs2yrIEn546LY7L4kAAB3WMnF46Lu_2RUk3f5HbyW4svzg6zC

Request Chain 546

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDthQkMK0Z3o868sOoyGaZ8&google_cver=1&google_push=AYg5qPI2msSIoH20lQcGyiNa_loeedmFOQCXZnvqxl1RqDTvyGmRSVVN1puKPZ8wSp95bWV09iKFihpFMHNhUsTQyU5uKJwzF8ZT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPI2msSIoH20lQcGyiNa_loeedmFOQCXZnvqxl1RqDTvyGmRSVVN1puKPZ8wSp95bWV09iKFihpFMHNhUsTQyU5uKJwzF8ZT&google_hm=ODczMTIxNjg1NDgwOTQxMTI2Ng%3D%3D

Request Chain 547

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELSJpmW1jMC7NJKfsCHeeHk&google_cver=1&google_push=AYg5qPLAJD60cigHgOx8Wd4C5caqRR_jze2GJGUqJuQIRxrl8zuHll2y9JlNS6gTJap6tmajN9CTbTG0YE9OrzIxOH89c97H-4rwaA HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELSJpmW1jMC7NJKfsCHeeHk&google_cver=1&google_push=AYg5qPLAJD60cigHgOx8Wd4C5caqRR_jze2GJGUqJuQIRxrl8zuHll2y9JlNS6gTJap6tmajN9CTbTG0YE9OrzIxOH89c97H-4rwaA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzQ0NDkwOTM0NDY5OTA3MTExMw&google_push=AYg5qPLAJD60cigHgOx8Wd4C5caqRR_jze2GJGUqJuQIRxrl8zuHll2y9JlNS6gTJap6tmajN9CTbTG0YE9OrzIxOH89c97H-4rwaA

Request Chain 548

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_cver=1&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_8nFXvTk5ttCsu1sYIotoZzYjLmrIIcA1zWTvbT6zFyeLuhK6ibA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_8nFXvTk5ttCsu1sYIotoZzYjLmrIIcA1zWTvbT6zFyeLuhK6ibA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_8nFXvTk5ttCsu1sYIotoZzYjLmrIIcA1zWTvbT6zFyeLuhK6ibA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_8nFXvTk5ttCsu1sYIotoZzYjLmrIIcA1zWTvbT6zFyeLuhK6ibA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_8nFXvTk5ttCsu1sYIotoZzYjLmrIIcA1zWTvbT6zFyeLuhK6ibA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_8nFXvTk5ttCsu1sYIotoZzYjLmrIIcA1zWTvbT6zFyeLuhK6ibA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_8nFXvTk5ttCsu1sYIotoZzYjLmrIIcA1zWTvbT6zFyeLuhK6ibA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_8nFXvTk5ttCsu1sYIotoZzYjLmrIIcA1zWTvbT6zFyeLuhK6ibA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_8nFXvTk5ttCsu1sYIotoZzYjLmrIIcA1zWTvbT6zFyeLuhK6ibA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_8nFXvTk5ttCsu1sYIotoZzYjLmrIIcA1zWTvbT6zFyeLuhK6ibA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_8nFXvTk5ttCsu1sYIotoZzYjLmrIIcA1zWTvbT6zFyeLuhK6ibA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_8nFXvTk5ttCsu1sYIotoZzYjLmrIIcA1zWTvbT6zFyeLuhK6ibA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_8nFXvTk5ttCsu1sYIotoZzYjLmrIIcA1zWTvbT6zFyeLuhK6ibA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_8nFXvTk5ttCsu1sYIotoZzYjLmrIIcA1zWTvbT6zFyeLuhK6ibA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_8nFXvTk5ttCsu1sYIotoZzYjLmrIIcA1zWTvbT6zFyeLuhK6ibA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_8nFXvTk5ttCsu1sYIotoZzYjLmrIIcA1zWTvbT6zFyeLuhK6ibA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_8nFXvTk5ttCsu1sYIotoZzYjLmrIIcA1zWTvbT6zFyeLuhK6ibA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_8nFXvTk5ttCsu1sYIotoZzYjLmrIIcA1zWTvbT6zFyeLuhK6ibA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_8nFXvTk5ttCsu1sYIotoZzYjLmrIIcA1zWTvbT6zFyeLuhK6ibA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_8nFXvTk5ttCsu1sYIotoZzYjLmrIIcA1zWTvbT6zFyeLuhK6ibA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_8nFXvTk5ttCsu1sYIotoZzYjLmrIIcA1zWTvbT6zFyeLuhK6ibA&google_cver=1

609 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request lifestyle Show response
www.thestar.com.my/
Redirect Chain

http://star2.com/
https://www.thestar.com.my/lifestyle

1 MB
280 KB

305ms
265ms

Document
text/html

13.224.96.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-126.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

85d56bd84b1fdaa79be51a248386ace108d78ba17ca60e5bf26eb6a2685af408

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Wed, 17 Nov 2021 04:18:10 GMT
server: nginx
cache-control: no-cache, private
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Content-Type
access-control-allow-origin: https://dev-smebizhub.starmediagroup.my
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: WdCP4JRghDiwtWNFqqP8Khs_fnJ80RxrTDgSii8dx6yabZO1JBiWiw==

Redirect headers

Content-Type: text/html; charset=UTF-8
Location: https://www.thestar.com.my/lifestyle
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 17 Nov 2021 04:19:44 GMT
Content-Length: 159

GET
H2 200 bootstrap.min.css
cdn.thestar.com.my/Themes/css/ 119 KB
20 KB 72ms
27ms Stylesheet
text/css 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/bootstrap.min.css
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf6286ab735948b1b8687b6b442c55e262bc1d6ba79f781b8d7d23586f0606bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: Ud66jYeCteNVhUEoIGU_tSliJ0c5oW8O
content-encoding: gzip
etag: W/"67d856a36edacea9564bd92310f7d792"
last-modified: Thu, 01 Oct 2020 02:17:09 GMT
server: AmazonS3
age: 1888
x-amz-meta-cb-modifiedtime: Thu, 12 Oct 2017 02:23:22 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:55:17 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: I635WG69aP8tGL6J1P2whyiMgdNNoLbQSN0yzSYZEIb1uGKrVL7LTg==

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 36ms
15ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8f3638a07274186824d584038c798c850e3f3229223e79346461b1595db501c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 04:17:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 17 Nov 2021 04:18:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Nov 2021 04:18:10 GMT

GET
H2 200 tsol2019_pw.css
cdn.thestar.com.my/Themes/css/ 95 KB
19 KB 90ms
46ms Stylesheet
text/css 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/tsol2019_pw.css?v=20210907
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 047b2010d498213bc9246a93ba819dda53a216bf764ad9b5ee2e5ae471bff3df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: JLP6p4mvBqhuPwiBudp0Ky45oyObPENs
content-encoding: gzip
last-modified: Tue, 07 Sep 2021 11:35:06 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"51aa1d9f719d49263320ddc699f4d473"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
date: Wed, 17 Nov 2021 04:18:10 GMT
x-amz-cf-id: hQFZECItm7X61PLGMoZ1Z4A4LpDDF4Nm7yb6KhVvIRJCziHGRoD7mA==

GET
H2 200 story2017.min.css
cdn.thestar.com.my/Themes/css/ 9 KB
3 KB 80ms
35ms Stylesheet
text/css 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/story2017.min.css?v=20211012
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 249491720598f893eed99f05872f325bf73976054034f2ef607a6456f8b00e0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: RINYdiUFqx5RbBXLoy9MUCt0LzLzu8vl
content-encoding: gzip
last-modified: Tue, 12 Oct 2021 07:47:15 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"52c0c23ec3dcca702452b20101925ff1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
date: Wed, 17 Nov 2021 04:18:10 GMT
x-amz-cf-id: _D72aDNHcZUFDPEZfnSJSnIfUj9B9XwOUPkXvwV_URHz4Qq2Tx5_2g==

GET
H2 200 info.css
cdn.thestar.com.my/Themes/css/ 5 KB
2 KB 68ms
24ms Stylesheet
text/css 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/info.css
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 581e25592a67045516265f84c02caa0310999ac85b8330fdcdc79f363b33611f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 1.51bKGEb0PTv3hSOCmiJ.243PQ3nZx3
content-encoding: gzip
etag: W/"1aa5bc290203717673262f578a590dd3"
last-modified: Thu, 01 Oct 2020 02:17:10 GMT
server: AmazonS3
age: 2087
x-amz-meta-cb-modifiedtime: Fri, 16 Aug 2013 10:10:13 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:55:17 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: ENUrUlNnAEi4kOm0i8eCWkLP2NnFtMAJ95euvnw9GCS2cO-n2cSL4g==

GET
H2 200 bookmark.min.css
cdn.thestar.com.my/Themes/css/ 9 KB
3 KB 90ms
46ms Stylesheet
text/css 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/bookmark.min.css?v=20201123
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b698821cb8ad51c19ae43cdc91d3fa37b0d1edc1c12a7ba1d0b940b5986c778

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 42ZCDGB1EwVQij9jOKaY5QxStJiy4Bw_
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 02:09:17 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"ca09feb941c19c5454a23f3542209d12"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: 604800
date: Wed, 17 Nov 2021 04:18:10 GMT
x-amz-cf-id: TM_ihtqMPihhBPtsm5L20YUh7FwBtgIuvnjuZTYLv6c0haaaiYnfFQ==

GET
H2 200 main.css
cdn.thestar.com.my/Themes/css/ 61 KB
11 KB 87ms
44ms Stylesheet
text/css 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 105ba69e2aff3f8717305031c87902d1fe2019a1244e9631e94fbc13720cbe38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: PMoxhUo9c.Ny4l9.a9O5ocBph4gH9coY
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 09:12:53 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"8e58989af013f4d0a582b93158a24b22"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: 604800
date: Wed, 17 Nov 2021 04:18:10 GMT
x-amz-cf-id: RElEMyXWenAJwBL-HbKd32fVJLvPwy3maAXjJ7Dn4O868TvLs09Vkg==

GET
H2 200 promo.css
cdn.thestar.com.my/Themes/css/ 3 KB
1 KB 100ms
56ms Stylesheet
text/css 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/promo.css
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 316344e85419e921d1f7f7f5e846f8081e17b2da631e24ee1a9dba4d544fddb1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: cTpHpLtDfO6oDRjJlvCAo1Uuwxd5Mw7d
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 04:47:39 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"36f8ccb7da7a85cd553bd68d3b27eccf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
date: Wed, 17 Nov 2021 04:18:10 GMT
x-amz-cf-id: KwBgxtutcEwLrXsJ8oBEWBXehuUr2Yyys7AosT5nSE_BSpTPKxtYCA==

GET
H2 200 stock.search.min.css
cdn.thestar.com.my/Themes/css/ 577 B
1008 B 71ms
28ms Stylesheet
text/css 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/stock.search.min.css
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8fd2a2d3ba29a9c4df14f66b1bd33e9a5db41f9e43527d8e2341fdecf4ed7bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: DYuyOSWJKpUHMg69YtSIuMPMhqtqRHMW
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
etag: "abd4fa5dfda7656031ff9bc791e31ebb"
last-modified: Thu, 01 Oct 2020 02:17:10 GMT
server: AmazonS3
age: 1410
x-amz-meta-cb-modifiedtime: Fri, 25 Aug 2017 08:10:23 GMT
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:55:17 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 577
x-amz-cf-id: 0QxkhlG4TxkdarE0msenLRkfqJWc32BX3ytClNoIAP4IkX0SE2-yIA==

GET
H2 200 font-awesome.min.css
cdn.thestar.com.my/Themes/css/ 30 KB
7 KB 67ms
24ms Stylesheet
text/css 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/font-awesome.min.css
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6de5f10ccef7544ae2724a6baaf888e54031959cd40e133126d64fc913a005fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 2vubh.PhxEhgJpFKBG0pP31KYJZnb.Rf
content-encoding: gzip
etag: W/"79f8083e69a38052ae8392709b1610c8"
last-modified: Thu, 01 Oct 2020 02:17:10 GMT
server: AmazonS3
age: 3007
x-amz-meta-cb-modifiedtime: Mon, 20 Jan 2020 03:30:42 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:28:44 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: nI1csFCvGKJ-dWQwnmtQSDd6P8HJWhQes_RyLss4w0cIpDtPXu76pg==

GET
H2 200 global-bar.min.css
cdn.thestar.com.my/GlobalBar/css/ 5 KB
2 KB 59ms
16ms Stylesheet
text/css 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/GlobalBar/css/global-bar.min.css
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: efa875fbc07e6790f68ce847dfdeed6f81ca93a301b27b7440682b20f688023b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 2rSoaAo0F0M_gC.wHNQEHLISGuYe8kUJ
content-encoding: gzip
etag: W/"2352a7924ab6600445060ce8da2f9e61"
last-modified: Thu, 01 Oct 2020 02:31:14 GMT
server: AmazonS3
age: 79563
x-amz-meta-cb-modifiedtime: Wed, 01 Jul 2020 07:40:54 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Tue, 16 Nov 2021 06:12:08 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: DU02MDvVeGp_t-Qu_9EanXobfS7_wazZQzNTUzplGVVyHg2wm3-oCw==

GET
H2 200 audio.css
cdn.thestar.com.my/Components/Audio/ 9 KB
2 KB 87ms
45ms Stylesheet
text/css 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Components/Audio/audio.css
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4bf4a9bd526fe56f0c1f728a46defffe19897d8fc49ed811d10ac3f208007c2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 4fEQPXNNtWhcIBa_DYlOd_C68bas6KnV
content-encoding: gzip
etag: W/"6b621e92f808f4c887d5eb54d7b5bf18"
last-modified: Thu, 01 Oct 2020 04:47:53 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
x-amz-meta-cb-modifiedtime: Wed, 09 Jan 2019 02:04:14 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 04:18:10 GMT
x-amz-cf-id: dWmc7PXp9OmV0xoA67ax-Ko4u2lNLDhnbSRZrR9035Mln9W39KwkTA==

GET
H2 200 owl.carousel.min.css
cdn.thestar.com.my/Themes/css/ 4 KB
1 KB 66ms
24ms Stylesheet
text/css 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/owl.carousel.min.css
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 122e0de24633a9fa3d0668b02f8ff785df8f58990d3d263b955d967a9542c682

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: jBZo_fxdrmNQeQ0zDiLYp2wHUQrzyzsK
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:17:09 GMT
server: AmazonS3
age: 2385
etag: W/"1189f89df639b70679aa1be29335a613"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:55:17 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: t3tlVWrvB9ybzx0hnJinwV5qdecLfXt2QpRMjF6bbZ3tA7aFBVgtBQ==

GET
H2 200 style.min.css
cdn.thestar.com.my/Themes/css/ 3 KB
2 KB 86ms
44ms Stylesheet
text/css 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/style.min.css?v=20201123
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c540a9231b20ee699d027d00ff6e0ff728eb955d7a54ebc6498fb75125f92c12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: M_PjCpdDSoC2zNKkgGTFEIcv_E5IWxic
content-encoding: gzip
last-modified: Wed, 23 Dec 2020 04:32:43 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"b4247f523472dd6ecb8dc9f88b2590bb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: 604800
date: Wed, 17 Nov 2021 04:18:10 GMT
x-amz-cf-id: JxyLJzmf2oDL1vxERZtIpAvijA3_jYaKtD0JXnXdeDcQ6UvmzYU9zQ==

GET
H/1.1 200
OK cx.cce.js Show response
scdn.cxense.com/ 22 KB
6 KB 51ms
10ms Script
application/x-javascript 2a02:26f0:1700:181::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.cxense.com/cx.cce.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:181::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 78b341647e8bf718869378550c0c14b87bfe33967b4944d7dac6a2a1f3290d4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 04:18:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Jul 2021 14:49:19 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5864
Expires: Wed, 17 Nov 2021 05:18:11 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 85 KB
30 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 13:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51588
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30244
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Nov 2022 13:58:22 GMT

GET
H2 200 parsely-onload.min.js Show response
cdn.thestar.com.my/Themes/js/ 5 KB
2 KB 66ms
24ms Script
application/javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/parsely-onload.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9de09574b3b0c74b29652aa2b38db155ce59c20c765b4a515429c6934f2c3a36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 1DWUB0MLRA9Gin_ixr7MS2Yy_RpKtHx_
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
age: 2202
etag: W/"cf0b5aed788300bcd41cf265d84655dd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:55:17 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: Qmwr-y1hURfeEnGBEvN_xc8Vl8m-TsBSBUFDFosoC76gQc5yaQsB1Q==

GET
H2 200 URI.min.js Show response
cdnjs.cloudflare.com/ajax/libs/URI.js/1.18.10/ 45 KB
13 KB 52ms
20ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/URI.js/1.18.10/URI.min.js

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39259f689de4a4b42fe99ce88884ca2d525ccca82c0c7d99e7ab8f900bd24196

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 446398
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13131
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf3-b370"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2Fm1gvo%2B%2Btdn%2F7PHpdUBNy0jgy1q8WRGME0vGM%2BAq0%2FxNaMyMxSHaTH3ZAcR2fvWC2rTCDn6EvoTfFEcQyqM8cicHSMVe%2BfJasPSIb%2FXJdk956s58TYHgWol0ZCq7QVteCYdpoRe%2FY1evvwbc56ep67X"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6af6274dabc64224-AMS
expires: Mon, 07 Nov 2022 04:18:10 GMT

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.18.1/ 50 KB
16 KB 51ms
19ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.18.1/moment.min.js

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 10972
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15476
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-c909"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AuMhhYKj4VO8BlVlVkuDtdRZrULuSMHzAKzM%2FYseZJSfChMZ8fYNvEbuzfWGtVa8zH1jsAwIJ5HKFerwISmUUP7mKmUQKF7r1uQe8UxQpZzJSIel3abHaqKmrBwRemtQVWrXd1RHZO2pvL4VWDV443Ok"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6af6274dabc84224-AMS
expires: Mon, 07 Nov 2022 04:18:10 GMT

GET
H2 200 postscribe.min.js Show response
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/ 17 KB
5 KB 72ms
40ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 59339
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5117
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03faa-45f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYdBMQ7vfTdsX08kT9%2BU6hb7tt5X1z5aLuHlTGN3feDBKtVc7%2B9qNayvs9IjGnWoeG9X5UIOOuk7ozH5%2BRznUPcSfwhFxPXxza5ld5DAYz9DhoOsGGox85luSbkaTk5ZazY6gprF5zlE8EAt3S1ri526"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6af6274dabc94224-AMS
expires: Mon, 07 Nov 2022 04:18:10 GMT

GET
H2 200 js.cookie.js Show response
cdn.thestar.com.my/Themes/js/ 4 KB
2 KB 65ms
24ms Script
application/javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/js.cookie.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 55b0a4a2ab61a84eef7acffed553b8bd6daca362fbce16f8b9a9cb3cb72b8789

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 9uuOoJhuZtR5PqudHFYxAz77EF7flIiw
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
age: 1642
etag: W/"6e9eb1f53afb135aedaf90739c867738"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:55:17 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: D8G0GBuQlKksTGOuDdBb9DaAT9J-8McbQXWFiL-tyvKYk7aoVhRWUA==

GET
H2 200 jquery.dotdotdot.min.js Show response
cdn.thestar.com.my/Themes/js/ 6 KB
3 KB 78ms
38ms Script
application/javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/jquery.dotdotdot.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb2631a273e438a2a4eecf22f4272d4abf5b4cd2564506c0597ccacdc318ea3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: hAkLNIGL3rohYqiNd1Iog0CmHxxih5th
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"e7489c03aaea168ba084298955d7fb9a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 04:18:10 GMT
x-amz-cf-id: P-plFpmoUzNhml-SPG_mXM0A1jJNhilusy-_xkA_aQhBKyyb-2nZIA==

GET
H2 200 vue.min.js Show response
cdn.jsdelivr.net/npm/vue@2.5.12/dist/ 85 KB
32 KB 67ms
29ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.5.12/dist/vue.min.js

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8117e9e4039e48e73dddefb54e3e5cf0bd2509688a8f64ed0f3c03845029cea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1927706
x-jsd-version: 2.5.12
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19174-FRA, cache-ams21082-AMS
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"1532d-b7N+P+qNjCY0IJSHys6z84RECdI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6af6274db89e0b3f-AMS

GET
H2 200 axios.min.js Show response
cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/ 13 KB
4 KB 54ms
23ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/axios.min.js

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 54281
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4224
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d6a-3580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqQQE6BFAFNwbuOrZMXrqX2lzPiJS5L9cG7Eb6yr%2FUAYySNTXDJsx57MMw5KbCeZ3cfCVxCaSxXPLknW877%2BvfIf05DXd8p6Y7Af4VEB2bDmDqgZGutzaZD4c85ALvkekXXxQDEG%2FCcRrLCVLaZe5L8x"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6af6274dabca4224-AMS
expires: Mon, 07 Nov 2022 04:18:10 GMT

GET
H2 200 Main.min.js Show response
cdn.thestar.com.my/Themes/js/ 30 KB
7 KB 68ms
27ms Script
application/javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/Main.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e78e48d0030ee8f1bb143e6bed1e23831aa407edc7f1f5def849ebce11a3b7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: U3PZu35WxYgH9GSSGClLY_x.o0Yt34Ii
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
age: 3072
etag: W/"5a6ec816592fcb73b4e4596a8b65b8a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:28:44 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 2C03yYRIQsjsszmDxMsL7Gu5QZq-Cj7hnF2g3CudRkLL8qAVW2VNxw==

GET
H2 200 widget_mixin.js Show response
cdn.thestar.com.my/Themes/js/ 12 KB
3 KB 87ms
47ms Script
application/javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/widget_mixin.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd1448fcedd66fd634ecd7509d683798a1832b029b85735ed1deef908f1390ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: y9PpVJXd2Oxkkq3Zw.83CUlh1k4ay25d
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"548632554aa77d76e34e3dc08ab3671c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 04:18:10 GMT
x-amz-cf-id: F0nN2hUut6xrFut5QGU2eRcDzNLeLqWUJiR_JnY8GCFX8duVVt0L9w==

GET
H2 200 slick.min.js Show response
cdn.thestar.com.my/Themes/js/ 41 KB
10 KB 75ms
35ms Script
application/javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/slick.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: oBAIRKEGoB7KIU6Csj.8nhVNzUkorXJ.
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
age: 2643
etag: W/"b53bdfc29e18f4d493d775a8023fbdc8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:34:53 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: h4-asPKGLXj4qK90ctICGfKGeGKTFeHSAc88gUeJFhAbdJfY9EO5gw==

GET
H2 200 jquery.unveil.js Show response
cdn.thestar.com.my/Themes/js/ 1 KB
1 KB 89ms
79ms Script
application/javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/jquery.unveil.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b957ea6cdda4e5509beca77d581506f6fedd9167de1a5c7494e89a405ca764

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 1Fhcx_qG5J0whBMLGKTITGVNVu.uQj3f
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
age: 2137
etag: W/"4f4ed40e89655177903ad7eafdec4b05"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:55:17 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: gHm8usmHB5ORcZRogGWDYDVLbMt1pLxZekwuzW07c0Izl6Al93T53g==

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 22ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

65c8657f8d16589244d3eaa750e5bb928c407922bce5627bbaca1c58b6dae9f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: sEX5ePMVD+oQRxNuRRCeyg==
cross-origin-resource-policy: cross-origin
expires: Wed, 17 Nov 2021 04:36:03 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: 5qQwYKY2P+D/AJVn8Z7sNh2HN/MchvLZjkDUV4STMreLbeTUZnUyaXvXcCbnyNpU1yoI1/LrlwCpJmRcwKjFSA==
x-fb-trip-id: 917726464
x-fb-content-md5: bd0ca63793dbce2b2fb4c805549cd13c
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 17 Nov 2021 04:18:10 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "19c9631a0bdcd0a82bed0ccabf1e96bb"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 owl.carousel.min.js Show response
cdn.thestar.com.my/Themes/js/ 39 KB
11 KB 74ms
35ms Script
application/javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/owl.carousel.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64e2027cfa89bd33663a465bbae111e5a4cb253ba68406ce689d3307f25f79c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 91xkUJd7Bp9Lc31.TzW9M055eNZW.MwS
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
age: 2439
etag: W/"d93af4022365dfda42a48dd0ce25f2a8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:55:17 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: g3EYRdHZNfVwZCi2HEmcPCrMpdMpb_JXsOiYL9njOljP-nMBNgmWfg==

GET
H2 200 mediatag.min.js Show response
cdn.thestar.com.my/Themes/js/ 4 KB
2 KB 67ms
27ms Script
application/javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/mediatag.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 57b4a8736adf73f8686e12a5dc8b5b446c57168d97d0fd8f1ef1c840542d3d43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: b0vOp9rRVixzOzR4Bf0NM4XxBsi8pwbX
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
age: 2252
etag: W/"bb66382c1748b25c891b9dda58d4f49e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:55:17 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: AA0Gy1xK07olr6Poi1PM63kau1GXUzBTM5tDh0tzOyzyKTceXz8gyA==

GET
H2 200 mediahelper.min.js Show response
cdn.thestar.com.my/Themes/js/ 1 KB
911 B 64ms
25ms Script
application/javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/mediahelper.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b99d7da83110b09c1b9d952a13835c84318995ba10b61d5c18a9b70d96c5cf5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: HUI8bjkjkMsvDB1fosoXf3g0O_f3RwT_
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
age: 2181
etag: W/"fe91adf3dfdcbd82bfc8d88e948a9356"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:55:17 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: va3UnqI4IyRv9KrfguXa2HuSTt6-rt1q-gR80hMZIxsklsYl-bd8qQ==

GET
H2 200 widgettop.min.css
cdn.thestar.com.my/Themes/css/ 355 B
734 B 84ms
45ms Stylesheet
text/css 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/widgettop.min.css
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7801e6d6dfe4bb0739f38b4a875eedd3caeb86fd83907d6e8a9f840ea1253d9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 6LdMa_qUjKDTJSqTM9TkvNfEg3XGMDcu
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:17:10 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "d4d7dfa253b7eb381717d2d49bef8b6c"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=604800
date: Wed, 17 Nov 2021 04:18:10 GMT
accept-ranges: bytes
content-length: 355
x-amz-cf-id: rZ6yBkeTqZ_T1PLnuIGe_KarK4a40jVpWEckR17IbJ7O94Xc4fbIDQ==

GET
H2 200 widgettop.min.js Show response
cdn.thestar.com.my/Themes/js/ 2 KB
1 KB 74ms
35ms Script
application/javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/widgettop.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 871ff658d9767aa340756d6c5fa46759091ca65abc2071c3f3381cd0b09954de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: AkiyUjdvcgUq1yi0xs0KA79p__MQh0HQ
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
age: 1491
etag: W/"ab52bf3882cd9e5f3a5ba5d6a12f30a6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:55:17 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: ugEK6Y73A4zUe4_UiXv61K7_AyuzNXijSE054KaAbvhPFBy_a72qrw==

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 32ms
9ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Wed, 17 Nov 2021 04:18:10 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 75ms
27ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

2d16b7dd1dd51de053865b8efbaa6362956026a068c2e8786740d8486dd7a9be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1046 / 903 of 1000 / last-modified: 1637103958"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26684
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 17 Nov 2021 04:18:11 GMT

GET
H2 200 prebid.js Show response
cdn.thestar.com.my/Themes/js/ 164 KB
51 KB 89ms
79ms Script
application/javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/prebid.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b3188194dd55d8784117eb05af34e23ba99afdc63d9cd4d50ed6a590f6f979c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 67.sgCE89AV.n1xtsN0drtyH7BPwq.Ko
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"6a5a380e94250c137e88f922a29ee5e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 04:18:10 GMT
x-amz-cf-id: cJ37SGcDd3HZXoRX3xEIFD57FFo6gzoRnOCo2WjGPlwBmLFbxW4n0g==

GET
H2 200 lifestyle2019.min.css
cdn.thestar.com.my/Themes/css/ 3 KB
1 KB 803ms
765ms Stylesheet
text/css 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/lifestyle2019.min.css
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6330fb58911032268ef5505230db6cc38e241185c4f6b0e2b884fd104ed6bac4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: TdD1A1cj1jbFdVUOtACIhOcF9fhzN0ie
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:17:10 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"8284cbb5a3d4879fdb0e77cc1f396c37"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 04:18:11 GMT
x-amz-cf-id: blMfQ2Y2aDiEcOO2XYdrIdIcKMVuQxTZWFIUTEnFvSxNYUNPJmxXfQ==

GET
H2 200 close.png
cdn.thestar.com.my/Themes/img/ 563 B
949 B 78ms
69ms Image
image/png 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/close.png
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 081d444de733f8f3e5a1fa79b128371245ed03613029cba549a07bbac5c07ecf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: oh5atXrQlnGzmYKMe0FMd8_aHZ3eX2lz
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:05 GMT
server: AmazonS3
age: 2241
etag: "3f435ca1cfc6bdb9cd5fa80a4bbf782f"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:55:17 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 563
x-amz-cf-id: SoFHJxhJB1HgiSs3pNdR40xuAhj1D5ZWQvUswhhFpu55CbANZO6Oig==

GET
H2 200 responsive.min.css
cdn.thestar.com.my/Themes/css/ 14 KB
4 KB 83ms
79ms Stylesheet
text/css 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/responsive.min.css
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2a1ac7ba856a43cf71b7cc3657ec9766bf8779d370f2f36b140aa0d3eff755af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: S_B3oJBTQs9EQLENGudTdjShAznEKos3
content-encoding: gzip
etag: W/"6d5c03350c2ef1690958ba685903187f"
last-modified: Thu, 01 Oct 2020 02:17:10 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
x-amz-meta-cb-modifiedtime: Sun, 03 Nov 2019 20:31:38 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 04:18:10 GMT
x-amz-cf-id: KpF6dFJmC-Q7Qu340hYOQMlLyaxV8OJViBV68uzCx2GvGh1dQX9WQw==

GET
H2 200 navi-selection-revamp.js Show response
cdn.thestar.com.my/Themes/js/navigation/ 2 KB
1 KB 42ms
42ms Script
application/javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/navigation/navi-selection-revamp.js?v=20191107
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72885c7b721704e236e38ed9af84078e146c7156c2ff91bceac0b47ee77f71a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: Xgkepuq2ZP4xhniY2q2qEC2fXiNjsxtR
content-encoding: gzip
last-modified: Fri, 02 Oct 2020 03:25:40 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"05a862eb21f9c8caf895696ef1f910bd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 04:18:10 GMT
x-amz-cf-id: XpcW8ME_wg_SsGPnfjUE_M2TjsXuWGW8623gEcIEaRf9UnbhtYdEZA==

GET
H2 200 jquery.mockjax.min.js Show response
cdn.thestar.com.my/Themes/js/auto.complete/ 6 KB
3 KB 20ms
20ms Script
application/javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/auto.complete/jquery.mockjax.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8a3e2c87ff151b415ee2a65965a6c6459431d1430730c9a8a204ab0705b4938

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: yML40Dwy7cpBkYZgqvzVNYbVA60KAgRX
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:21:22 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"9ece6212dc680985754b05aa60c8e93f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 04:18:10 GMT
x-amz-cf-id: jyIZI-UbYSQA5Rfi6ltu5_hMn2sxti5EOVE_kO1o5MShwaJQQAKT8Q==

GET
H2 200 jquery.autocomplete.min.js Show response
cdn.thestar.com.my/Themes/js/auto.complete/ 12 KB
4 KB 12ms
12ms Script
application/javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/auto.complete/jquery.autocomplete.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 69b39b769a35b7575db31a2a73151c20a3fc7df2eca7ed00d719e47e41531bbf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: mQkM_q5GT_pIjmvvnEcIoZj9O0dEgdVs
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:21:22 GMT
server: AmazonS3
age: 1269
etag: W/"bbeb164fb98847e6aa277d13acc0b845"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 04:00:07 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: LI76HjFr2rq_72XAKM_FBKpD49hpyJQ09fii19JSP0d5gTWnlOENVQ==

GET
H/1.1 200
OK stocklookup.js Show response
s3.ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/ 150 KB
151 KB 679ms
176ms Script
application/js 52.219.132.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.ap-southeast-1.amazonaws.com/biz.thestar.com.my/json/stocklookup.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.132.38 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: adf5166318214b4494ee90af8dd48f51d9743fa2c05a857fb5b77976e2c7d69e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 04:18:11 GMT
Last-Modified: Wed, 17 Nov 2021 01:06:46 GMT
Server: AmazonS3
x-amz-request-id: 48TSRCS5B4V5PGKK
ETag: "21dfa630fed6920d219fcacb575f2302"
x-amz-version-id: zg7SpB4huoChQfu7.Q7FvX5F3J4JRs1q
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Type: application/js
Content-Length: 153894
x-amz-id-2: MWiMADneuCEX8H4KPOaUMBMiGoCpYYVeFcukNHzKe0Ctw6Foy1fcfRSPfAAAiRpZ/x35BBEjlKA=

GET
H2 200 search-menu-1.1.min.js Show response
cdn.thestar.com.my/Themes/js/auto.complete/ 3 KB
2 KB 20ms
20ms Script
application/javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/auto.complete/search-menu-1.1.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37ded0b4eb56a3a29160e59249c93bc9a73e47f5dc62678b2c696fbda31b35c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: ADs_LRbMGQrRKgf_H0FFRDpMK5UzUvHm
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:21:22 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"93c40729a04be6e873673e3df9485ae2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 04:18:10 GMT
x-amz-cf-id: vv-nU5SG8Rc6rSfWiH4MQWg5MMh1GD79pt3XRiqbWxDDiXycOJn5Jg==

GET
H2 200 lifestyle.min.css
www.thestar.com.my/theme_metro/css/ 249 B
570 B 396ms
391ms Stylesheet
text/css 13.224.96.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thestar.com.my/theme_metro/css/lifestyle.min.css
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-126.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 4b53441ff024b71c72f69202b5be4edf376ebce81ceaed3be6f9cdbd54bda03e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Wed, 17 Nov 2021 04:18:11 GMT
content-encoding: gzip
last-modified: Wed, 20 Nov 2019 10:11:26 GMT
server: nginx
x-amz-cf-pop: ZRH50-C1
etag: W/"5dd5114e-f9"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-id: E1wisQ3DtK48b9_v_HOB5HCqkk-RVMb6qIhXrr9DeEgLbn8cmucn5w==
expires: Fri, 17 Dec 2021 04:18:11 GMT

GET
H2 200 jquery.waypoints.min.js Show response
cdn.thestar.com.my/Themes/js/ 9 KB
3 KB 40ms
29ms Script
application/x-javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/jquery.waypoints.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: yo61.NhdtJolCh9B8C4GtAbkicwegKQ.
content-encoding: gzip
etag: W/"7d05f92297dede9ecfe3706efb95677a"
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
age: 3361
x-amz-meta-cb-modifiedtime: Fri, 02 Sep 2016 23:22:48 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:22:10 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: iEN6uvBEx7S3_Ga10W5fOFoZ_JoNz9uUhW8NeIC-f7UqRQZF0sAnpQ==

GET
H2 200 1369569.jpg
apicms.thestar.com.my/uploads/images/2021/11/16/thumbs/medium/ 9 KB
10 KB 801ms
753ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/16/thumbs/medium/1369569.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a9ca795304c8b99277dac5ad1829379ff842215e567588c388854cd952435769

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 03:30:01 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "d734e5330171f257d80cfa77e0f74b85"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:12 GMT
accept-ranges: bytes
content-length: 9575
x-amz-cf-id: PGWmUtGMA0wvKNpUBLMPn6ygnpZljCA74kJwdqt0K1XN6Iu4ncFbEg==

GET
H2 200 publishtimedate.min.js Show response
www.thestar.com.my/theme_metro/js/ 1 KB
868 B 220ms
208ms Script
application/javascript 13.224.96.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thestar.com.my/theme_metro/js/publishtimedate.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-126.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: fda5aa5ee4e11b687c642eade57b974abd885a338def3b3af5df484e3d79056c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Wed, 17 Nov 2021 04:18:11 GMT
content-encoding: gzip
last-modified: Wed, 20 Nov 2019 10:11:52 GMT
server: nginx
x-amz-cf-pop: ZRH50-C1
etag: W/"5dd51168-40e"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-id: iDICOhEYFaQDKElsqznw5K-FnuYVQgrwRP-pqttg-99lh9pzet1JwQ==
expires: Fri, 17 Dec 2021 04:18:11 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 285 KB
82 KB 27ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=9740d8d093774a2428c018bba730b872

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f5988209651833a610498c3bd287b942b1b2fbda7c8cf1b953f52377830291de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.thestar.com.my/lifestyle
Origin: https://www.thestar.com.my
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: eI4AZ5mwvGJEY0+TMhAXwg==
cross-origin-resource-policy: cross-origin
expires: Wed, 16 Nov 2022 20:17:46 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82912
x-fb-rlafr: 0
x-fb-debug: eC2iBapAWtIQgBAdIl5eZmJ3YIgVj7M51gPylY6ssBdNMQiiCPRUtc/sXJFh85JAfCLjL75KmqTvm9D00YwAVA==
x-fb-trip-id: 917726464
x-fb-content-md5: f05723aa2aa6ee911e83a617e17b34fb
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 17 Nov 2021 04:18:10 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "34b03f58f5ba73a05ab33755d0166405"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 33ms
8ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:10 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=41089
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
3 KB 48ms
9ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 998d9415269d92557b561a936955f7590d5052865044a9191a528b5a36f3afc9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 04:18:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Oct 2021 12:12:10 GMT
Server: AkamaiNetStorage
ETag: "973e2603f46b719eecf8139c22b897a0:1633349530.816673"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3150
Expires: Wed, 17 Nov 2021 04:38:11 GMT

GET
H2 200 Lifestyle.js Show response
cdn.thestar.com.my/Themes/js/gpt/ 6 KB
2 KB 20ms
19ms Script
application/javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/gpt/Lifestyle.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 47b79d50b3c3a076a0d004cd617e8d820fede7299fa25f7e7f5e059facfcf6fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: be4dkHV8uy1IRgKTUL9X3UgqfRTKW_YX
content-encoding: gzip
etag: W/"d94ae44e21068adc9b3c79b663ae03d4"
last-modified: Tue, 14 Sep 2021 06:28:56 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
x-amz-meta-cb-modifiedtime: Tue, 14 Sep 2021 06:28:54 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
date: Wed, 17 Nov 2021 04:18:10 GMT
x-amz-cf-id: v_u6jMAn5XWQcO_H4Nol8KNf7xJjSJCXEdUHTK7QK4Xb711rnGmC4w==

GET
H2 200 trending.js Show response
cdn.thestar.com.my/Themes/js/components/ 11 KB
3 KB 45ms
34ms Script
application/x-javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/components/trending.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 86137a9ac4e088c8a5789b493a801945f3d514ba55f5857f969abd97a921ff1c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: PmP4SI4eo6T3BqPbD4XmAqMb5Pb7zsyP
content-encoding: gzip
etag: W/"55589494e9d3673100228685698f261f"
last-modified: Thu, 01 Oct 2020 02:21:01 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
x-amz-meta-cb-modifiedtime: Thu, 03 Sep 2020 01:34:47 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 04:18:10 GMT
x-amz-cf-id: HSybN2JgxV8x9gO8Emw9SfEhMDYCXajGhNec-8MXcHIpGp8kbcW59g==

GET
H2 200 BeautifulStripes.jpg
cdn.thestar.com.my/Themes/img/ 49 KB
50 KB 82ms
74ms Image
image/jpeg 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/BeautifulStripes.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6a79823b97a8fb159f6faf444ae13ba4dfb5c8f6f246463c8da7dbefcefdf88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: aOmxWNBEaWeqewCKcqy3kGngWidhj3P9
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:05 GMT
server: AmazonS3
age: 1078
etag: "10055c8b9320d80ffc1157f50923ab55"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 17 Nov 2021 04:00:13 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 50492
x-amz-cf-id: mgCCrPyNnx9_QHEZRRPdFY6LrhhRUnUsdwe4KWJa9NXIZ9lV0pPXqw==

GET
H2 200 BigSmileNoTeeth.jpg
cdn.thestar.com.my/Themes/img/ 35 KB
35 KB 35ms
26ms Image
image/jpeg 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/BigSmileNoTeeth.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a8a5bfe42e0256eb7e8b8d90f79517f59b77ee66db6d0d5e0d9e090e9d357143

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: OTXe04Cs3zGzbcwhh_ey4DI956jRlUGA
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:05 GMT
server: AmazonS3
age: 2937
etag: "6dbf88e4e6fda8c13c3f95bb3bfe3024"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:29:14 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 35890
x-amz-cf-id: jxFZYH-gd1UH24PHbsTfYU-0rWBxOTgK1_kLHC5SdIKC_5pMLLtr4g==

GET
H2 200 Contradictheory.jpg
cdn.thestar.com.my/Themes/img/ 28 KB
28 KB 85ms
76ms Image
image/jpeg 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/Contradictheory.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e7cabd0fab2db3bfb7cf8dea96afed2e7411e19d889f6e8ceddba5bd9365694

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 03:31:15 GMT
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:05 GMT
server: AmazonS3
age: 2816
etag: "d58b17041d3944feb9a7c9e2932dd899"
x-cache: Hit from cloudfront
x-amz-version-id: vZ0haub6L3AJItnwJyxK3vNh3h0x0m3H
cache-control: max-age=604800
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 28253
x-amz-cf-id: vIUzRuEHsRKFYas3r5jscPLGNKfzAvybOCYff1xGbZ6GKEeeYw23xg==

GET
H2 200 DogTalk.jpg
cdn.thestar.com.my/Themes/img/ 40 KB
40 KB 80ms
72ms Image
image/jpeg 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/DogTalk.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fd66cc444617b118565d8a44c8a559936a719c216aa3c913a91bb9cc7e0e1d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: Bvsqr9ypsXwqNSfcraR2RhUaU5wxJbmz
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:06 GMT
server: AmazonS3
age: 2937
etag: "e9949c89c7c8ad33958fe848c0efcf2c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:29:14 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 40847
x-amz-cf-id: M4r5T9NjPwcEbtRnqDB6bPI10T6YybPEDY84hPGVfetm0kAnBayeTA==

GET
H2 200 HealthWithPerdana.jpg
cdn.thestar.com.my/Themes/img/ 26 KB
27 KB 77ms
69ms Image
image/jpeg 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/HealthWithPerdana.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a243748025f32a370d184025724a3f3f77ef50a833dfcf20e211aafe9bca558

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 03:31:15 GMT
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:06 GMT
server: AmazonS3
age: 2816
etag: "25efc7f2a96e14bb9721a5c436eace2c"
x-cache: Hit from cloudfront
x-amz-version-id: g34em40KwhKCwkePo3K0vYPcXYETLBsM
cache-control: max-age=604800
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 26820
x-amz-cf-id: hPlSHDxYlxRknbFS6iexVcZDCbowmXjE_jr37qyzI4OG8odSnbbNig==

GET
H2 200 HeartAndSoul.jpg
cdn.thestar.com.my/Themes/img/ 24 KB
25 KB 36ms
28ms Image
image/jpeg 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/HeartAndSoul.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b52c493cc0225216ff572f1a7e786a40c6c709fa510bc4b66ef696cb2e86f630

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: XavRiyzIPaS7oGenH8ixZ7NWI4nXrX3A
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:06 GMT
server: AmazonS3
age: 2937
etag: "dce38dd49187dbfa3e7fae356d016597"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:31:13 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 25027
x-amz-cf-id: 246ZwkTiga5lKs1_KrGYtNpOt0UVgm0cyMP21iHMJXSdUKOBTMyEZQ==

GET
H2 200 HumanWrites.jpg
cdn.thestar.com.my/Themes/img/ 28 KB
29 KB 83ms
76ms Image
image/jpeg 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/HumanWrites.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2450f73a36bcde1d8995e0645f456f86314c06b871622c76878cce07b1a2d9dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: YlU2oKOsp0q0Lwiuh0TUtjoT4C.uAid8
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:06 GMT
server: AmazonS3
age: 2937
etag: "934f0897f87e1c02e7191ed664cf78d7"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:29:14 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 28941
x-amz-cf-id: kRnLPjVAeaXVhc5rdiX0NnHMXUcIRwdIiVxYRYFHj5IPqE5xs50MwA==

GET
H2 200 KatzTales.jpg
cdn.thestar.com.my/Themes/img/ 41 KB
41 KB 82ms
74ms Image
image/jpeg 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/KatzTales.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 44df23eec24dabd68180756aa397d6ee96a6ee5db32dcb14662873b83e3ab57e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: Dv5uVZvZVAjvPY0Znu.nK_42T5IPcmm7
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:06 GMT
server: AmazonS3
age: 2937
etag: "1622d4e6a443c9c201739fa12f392fb9"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:29:14 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 41987
x-amz-cf-id: o5SVwfTUJuc3AcIrfvI4w1veMaBNO2yMmFaes12t1FYVofZC-CUOAQ==

GET
H2 200 OffTheBeat.jpg
cdn.thestar.com.my/Themes/img/ 40 KB
40 KB 85ms
78ms Image
image/jpeg 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/OffTheBeat.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a75c774a582e773336615f81fb1479409604aeca906a625e8f133fe360e5df29

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: VrI.gf0981T17lG0Db6tXkLhbgZ4zoHi
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:06 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "cd12743b0b401ef5d3bfbf5f063d571b"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 17 Nov 2021 04:18:10 GMT
accept-ranges: bytes
content-length: 40472
x-amz-cf-id: 5QW2lQ7PE6z9_F4_v8ZNpkMV5DfsrZzhNu70ekts_Tj0WZwX3D07pA==

GET
H2 200 PositiveParenting.jpg
cdn.thestar.com.my/Themes/img/ 23 KB
24 KB 82ms
75ms Image
image/jpeg 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/PositiveParenting.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5161b1d196cb6439dd988585efbe769030f86d567f23a1b21db17a2146cf2728

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: ervnYQ4rkK46gBHLhHB0pAYqdrjO_JHi
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:06 GMT
server: AmazonS3
age: 2937
etag: "a9fe0f3cdbf98600ec023837eb6f4f43"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:29:14 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 23786
x-amz-cf-id: T_ZcXMa9f7CbxvPhSCY_Q43cXTiM0fj9Pnh-gyUWgKaNLJGyijYXwg==

GET
H2 200 SunnySideUp.jpg
cdn.thestar.com.my/Themes/img/ 33 KB
34 KB 35ms
28ms Image
image/jpeg 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/SunnySideUp.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6744513667dae41ae5913c9a9966e3b6f12dae75d3115745e5e7aeb792aa4c64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: w_Z9C8mrU7RmCWZDp9E0PJ.HspCJCzS2
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:06 GMT
server: AmazonS3
age: 2937
etag: "3b8211f8d824d4b1630b301bb01b3d98"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:29:14 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 33920
x-amz-cf-id: GCIIOPTYs8HCEM6SG1dTsm5gq2a8zNctK0VB4BOcbTMHYiT_d76plw==

GET
H2 200 TellMeAbout.jpg
cdn.thestar.com.my/Themes/img/ 29 KB
30 KB 83ms
76ms Image
image/jpeg 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/TellMeAbout.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 07a234fd1568c80f98b54c51e1ac8a1ae0c6a45f7620cb9a63e8a8e3f2a2f49c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: eoKqnyRZ05U3adAAWAzg9sntAmDycxFN
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:05 GMT
server: AmazonS3
age: 2936
etag: "e20cff0e271ee60771465574e4ae5adc"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:29:15 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 29827
x-amz-cf-id: _2Uy4rFcMmqLoYaaYkP3wy7BaqSI5nrgvOZVsfpeVE8rOpmaHXxAgQ==

GET
H2 200 TheDoctorSays.jpg
cdn.thestar.com.my/Themes/img/ 27 KB
28 KB 36ms
29ms Image
image/jpeg 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/TheDoctorSays.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 13633c0a5180d50a99489394c184258265ff122578dfe5bf3a1125d100d22519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 4HmICt8iChZ5ZchBZiLL5hjPPgWB7j1l
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:06 GMT
server: AmazonS3
age: 2936
etag: "08e0595eadcbf39602fc1dd7a13a0b30"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:31:13 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 28157
x-amz-cf-id: wquLb4LMLqFeG2iCAXVh-uCezRWaHFbrusiN-XwznKHzBBFTh6LvAA==

GET
H2 200 TravelGab.jpg
cdn.thestar.com.my/Themes/img/ 39 KB
39 KB 84ms
78ms Image
image/jpeg 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/TravelGab.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b5e0c7877aa221145bf571ae5c1852a0f46405adedc7cca11437090ecfc68e61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 03:31:15 GMT
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:06 GMT
server: AmazonS3
age: 2816
etag: "75a1d4147c9e32316595eba33e3eed70"
x-cache: Hit from cloudfront
x-amz-version-id: TjjqHf3mf_pjhXNZK9DP6tEtTQLvPEVF
cache-control: max-age=604800
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 39727
x-amz-cf-id: vX73cBmVX7sWxAJz7eaeBtgssVjugVofvRSQTdAkkKPTjcwwpkXFQQ==

GET
H2 200 TwoFit.jpg
cdn.thestar.com.my/Themes/img/ 41 KB
42 KB 83ms
77ms Image
image/jpeg 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/TwoFit.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b4cf52a428fa9eefc8798f68043c8d379b7f11fc843d8bd2b70744c14b702de1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 03:31:15 GMT
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:06 GMT
server: AmazonS3
age: 2816
etag: "07b7efdb35bb44c2fd5188b3d8ccc96d"
x-cache: Hit from cloudfront
x-amz-version-id: i0hVMAd7jNNvVno69Hs_2ToKjP7LubL4
cache-control: max-age=604800
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 42461
x-amz-cf-id: ckNfGEWtxqrQWALdBnlNBjm-4HzgfK_06er8w4fjKVC3BmUW6mykkA==

GET
H2 200 WomensWorld.jpg
cdn.thestar.com.my/Themes/img/ 34 KB
35 KB 84ms
77ms Image
image/jpeg 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/WomensWorld.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b4b593212670230567541ed4822eaad8308eea565f449d7968bf57b27a65d37e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 92eH4Quf.rXMut8NdHvD4fsY2V0EuNWw
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:06 GMT
server: AmazonS3
age: 2875
etag: "159b5108121cf9c97bb47dfca8574c10"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:30:16 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 35322
x-amz-cf-id: 6b5n7aGd1iqkUajGwVuswigrCOUi0q7oc2a_WNP9BMANzmBRTfzLSQ==

GET
H2 200 WorldsOfWonder.jpg
cdn.thestar.com.my/Themes/img/ 65 KB
66 KB 38ms
31ms Image
image/jpeg 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/WorldsOfWonder.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20150f4b865203e2a0c9cf776548d1a6a341fb574471b1704e082beba85511e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: ZlW61_qWTlEM7ftteNOtlvl0X_dgkmrH
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:06 GMT
server: AmazonS3
age: 2936
etag: "67b587ac899859d881b0661dd53420e5"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:29:15 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 66823
x-amz-cf-id: Vx49kH4jBwTXbyVHO1YBE6WNvBwFe5LuhcWMXA86DpMYzIsLPC8E8w==

GET
H2 200 TipsyTurvy.png
cdn.thestar.com.my/Themes/img/ 217 KB
218 KB 84ms
77ms Image
image/png 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/TipsyTurvy.png
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1d59759e0fd8b49078150d8baf1d177d5b954a1a73151774d9a7c65cfe2b66da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: VPf8x488sd77_0Xscse.5vBGsMF3nhOo
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:06 GMT
server: AmazonS3
age: 2936
etag: "e4d6d2b28ec27691df2bd5ef8c19b9e5"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:29:15 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 222658
x-amz-cf-id: Y76t9W8mC7MYfiaegeXPcVqBr8wVSGQ7HIjZCSFfGnHQlmbBqAO0ow==

GET
H2 200 CooksNook.png
cdn.thestar.com.my/Themes/img/ 231 KB
231 KB 101ms
95ms Image
image/png 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/CooksNook.png
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 190f1df3e8b2e79514b050601e0d2e02f7f3f1f17ec100cf92c2648c66b29a26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: yfMVVBjnKNU3C3aSf_AlXAgjHfBtH0Eb
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:05 GMT
server: AmazonS3
age: 1079
etag: "486b3d60d0506962b7668a8aede28866"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800
date: Wed, 17 Nov 2021 04:00:13 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 236233
x-amz-cf-id: Q4pR8mIuuIEmz4GQreQEOyZRkbc1BEWLALDRf3blVQIZ4yRlYQbjHg==

GET
H2 200 CuriousCook.png
cdn.thestar.com.my/Themes/img/ 213 KB
214 KB 40ms
35ms Image
image/png 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/CuriousCook.png
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7682feca24bb60605ec4b3c7558e21a407071f73f84e590a8573f98daf743002

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: iDcXvqoLWP5NdAjB3Qq_uH6woKQuDRXm
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:05 GMT
server: AmazonS3
age: 2936
etag: "d298796eeff1e0ec2736f32cafdaff3f"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:29:15 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 218148
x-amz-cf-id: NSFUjh4Apk34PsMYjsUegl5QFWqyAGSHxB2NIbyaX3xTWiHvD16ZaQ==

GET
H2 200 LoveFoodHateWaste.png
cdn.thestar.com.my/Themes/img/ 241 KB
242 KB 83ms
78ms Image
image/png 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/LoveFoodHateWaste.png
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed8e35b378bf75a41150c818f189a3413a627d95869888ef8c5f85ab76f57249

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: ncvgdD9ox012msrwdmx550lyv.YUvXt3
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:06 GMT
server: AmazonS3
age: 1078
etag: "cc800259c2f09497ba77f15972bcb0a8"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800
date: Wed, 17 Nov 2021 04:00:13 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 246704
x-amz-cf-id: qPi4y2hQhZmRK_yRSAsOG5scBv0PZJqZ34Xhp0Rkc6OHjg35BGnrww==

GET
H2 200 CookingTheBooks.png
cdn.thestar.com.my/Themes/img/ 214 KB
215 KB 50ms
45ms Image
image/png 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/CookingTheBooks.png
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 27d1f9c93289f3721ee15e9e6597faddeb56bc231b0c107e4f9800e7f82ff680

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 4c4gmFMbI7_A5aKRz1tLh_xnshwPWe.k
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:05 GMT
server: AmazonS3
age: 2936
etag: "65383e43c2231d07a77cc11cce2351f1"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:29:15 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 219551
x-amz-cf-id: UBxQpTND6sb5tVI70rK_j3nIBXghma4-5WhAY8QCZxr-tYsMEx3Cbg==

GET
H2 200 DearThelma.jpg
cdn.thestar.com.my/Themes/img/ 56 KB
56 KB 83ms
78ms Image
image/jpeg 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/DearThelma.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93b75f78a9a8bfa3b014d2a7cf2690fed0edb04d7973bece110415053a010f6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: IFlNW5OMwJghUJJ52h8fmDC_CTuwkCjq
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:05 GMT
server: AmazonS3
age: 2935
etag: "c87952c529e47648b17e8f6b6c5aae30"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:31:14 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 57285
x-amz-cf-id: reFyX53ygJCu2O7IjmozA91oc1gqJCjq-Wd7CaBhTIDKpHYl94KLuw==

GET
H2 200 HoroscopeBanner.jpg
cdn.thestar.com.my/Themes/img/ 194 KB
194 KB 60ms
55ms Image
image/jpeg 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/HoroscopeBanner.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aedc122e3866115ac4f8c4c0897a8a8f3e9ce0943cab0b2fa492a0e45d87193f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: vlBiO27ePADrbj6j3_zoPF6vhns1aUag
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:06 GMT
server: AmazonS3
age: 2935
etag: "29ab6507c2e9ef6f5f03406443f6d719"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:29:16 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 198551
x-amz-cf-id: JdNRh1qaxAlSlg2OYYl4pg4bDaWGOOG4uoj7FnJxRvp7Ji35xQbG9g==

GET
H2 200 1370810.jpg
apicms.thestar.com.my/uploads/images/2021/11/17/thumbs/small/ 8 KB
8 KB 76ms
33ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/17/thumbs/small/1370810.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 626c2b325ac7f1ff47bc9f1598e1d4097214f4a5f5ea0a29651b6375334b2579

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Wed, 17 Nov 2021 03:52:16 GMT
server: AmazonS3
age: 192
etag: "83365063eb9153311d7adb8c75a6d717"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:15:00 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 8127
x-amz-cf-id: ytVnuLTsccx0QiMw4KTenAsRzuTNAKbiHIotkV7ILlUbRb_AlVG31A==

GET
H2 200 1370063.jpg
apicms.thestar.com.my/uploads/images/2021/11/16/thumbs/small/ 5 KB
5 KB 78ms
35ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/16/thumbs/small/1370063.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a4e2219cd9310226c27a8dd06173b129ca94f301f6cc95382a642c5163d2e06b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 10:15:19 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "d893f65d20f5ac2c1d9a78917ac32705"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:11 GMT
accept-ranges: bytes
content-length: 5141
x-amz-cf-id: vIQNPEleVUX85xwcrSMX-edRvj0V9tkd8gKj-SK2akv9qIbf7iYjhg==

GET
H2 200 1370448.jpg
apicms.thestar.com.my/uploads/images/2021/11/17/thumbs/small/ 12 KB
12 KB 74ms
32ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/17/thumbs/small/1370448.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 574c2837d5820f8891301e58a370a0990bb14c156e690f7beb7037af5d7602a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 23:16:18 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "1c008c7cb85654aa824cac4deea47e8c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:11 GMT
accept-ranges: bytes
content-length: 12049
x-amz-cf-id: Vz1mU7hlNNQ4zZx77AVULX2VT_Bx9MT_g8E74PlpRT08NqYNsOao2Q==

GET
H2 200 1370832.jpg
apicms.thestar.com.my/uploads/images/2021/11/17/thumbs/small/ 5 KB
5 KB 55ms
33ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/17/thumbs/small/1370832.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9d536ce81f02f7b89ec3a769c60165780e4ff67393290a0ad27fcb1af4241817

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:12:11 GMT
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Wed, 17 Nov 2021 04:10:00 GMT
server: AmazonS3
age: 361
etag: "f4a5b484ce1c402a8adf1121119cb08b"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age = 31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 4959
x-amz-cf-id: vsCUYyYL72xfN-wHuzFejcB54sYgcb7J84cKN_LtKKLdnqBtExZnEg==

GET
H2 200 1369669.jpg
apicms.thestar.com.my/uploads/images/2021/11/16/thumbs/small/ 9 KB
9 KB 818ms
806ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/16/thumbs/small/1369669.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f5f8cc2a78606c0ee2780cd3eebf4478a3c8b4b753366e7f9c62c4ae87554977

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 05:27:24 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "b51edd2ac42cc18cc8400ead70c03f1f"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:12 GMT
accept-ranges: bytes
content-length: 8997
x-amz-cf-id: J4d43lowzxjGTVRygiyMkBwXJ6cS85VSKyZZUEvdb8lu6ds8UzxPyA==

GET
H2 200 505.jpg
apicms.thestar.com.my/uploads/authors/ 334 KB
334 KB 768ms
768ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/authors/505.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ac6197aaeb7461b8b018c9ddce616d5dbed613877e15420649ec972d9720ad68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Wed, 13 Jan 2021 03:13:28 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "94ac7acfcf2a59fc817b713f58b504ce"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: public
date: Wed, 17 Nov 2021 04:18:12 GMT
accept-ranges: bytes
content-length: 341526
x-amz-cf-id: AQehv85XQ_5gT-Cp_DrqljHwiCZ6K_dbsmfoh4y4M51PlrlWVMENaA==
expires: Thu, 26 Dec 2030 16:00:00 GMT

GET
H2 200 600.jpg
apicms.thestar.com.my/uploads/authors/ 593 KB
594 KB 790ms
789ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/authors/600.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 576992dff06c4b0fcecc2012f97b0a3d8050b7418b2894d3d6f97efbd3304170

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Wed, 13 Jan 2021 03:14:06 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "393ea19959e28f7eec1aa2652b7975a3"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: public
date: Wed, 17 Nov 2021 04:18:12 GMT
accept-ranges: bytes
content-length: 606936
x-amz-cf-id: u0n1MZIv2UubmsYBg_B1Fw-0Q1XKNJUIBRsyW-THaa7XvZmEQcBPPw==
expires: Thu, 26 Dec 2030 16:00:00 GMT

GET
H2 200 interestNewsletter.js Show response
cdn.thestar.com.my/Widgets/newsletter/ 6 KB
2 KB 43ms
31ms Script
application/x-javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Widgets/newsletter/interestNewsletter.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: baa0892fb63bfb0affd093b3b974ef7f32ff1a8cafee6cae315170577c801b32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: OJhzSb36lv_e2e_eLt.R5ULyfPyIIEoO
content-encoding: gzip
etag: W/"61ac8b26c984038e9df9929cb5c676c4"
last-modified: Mon, 11 Jan 2021 07:11:15 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
x-amz-meta-cb-modifiedtime: Mon, 11 Jan 2021 07:11:09 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
date: Wed, 17 Nov 2021 04:18:10 GMT
x-amz-cf-id: Hasj82njEqPRe3Zk4E6VojYBFvObpomzn_dCo0Xls9dDniAloEgbmQ==

GET
H2 200 adframe.js Show response
cdn.thestar.com.my/Themes/js/cXense/ 20 B
369 B 39ms
26ms Script
application/javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/cXense/adframe.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef549d4f64eff079682d21179b21640f4f902f34489c385e544f7f64b8a87c6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Tue, 31 Mar 2020 03:00:46 GMT
server: AmazonS3
age: 1423
etag: "4b63ac77cdfef7177c6491be489b65af"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Wed, 17 Nov 2021 04:00:07 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 20
x-amz-cf-id: sUEdNoRFQ3m4M9Fr7W7G--ghdH-ei-mAUC103MB3tsTRAVxRiJbQmA==

GET
H2 200 PaywallBypassBlocker.min.js Show response
cdn.thestar.com.my/Themes/js/cXense/ 2 KB
1 KB 39ms
27ms Script
application/javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/cXense/PaywallBypassBlocker.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c34be4417f25834d203def539d55dbbafa3c5228ea573f75f5ed732d0882a4ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Thu, 02 Apr 2020 09:12:54 GMT
server: AmazonS3
age: 2557
etag: W/"3c634545d455f0caf2404ad403ad5b43"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
date: Wed, 17 Nov 2021 04:00:07 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: MJCoLO9BoiNLFH9IEyf_9a_dhkBPKwdvuLM8K1qqtCcn_eCRR4G5aQ==

GET
H2 200 global-bar.min.js Show response
cdn.thestar.com.my/GlobalBar/ 2 KB
878 B 82ms
71ms Script
application/javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/GlobalBar/global-bar.min.js?v=20210824
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 96594a5870fb25c08fae392cc11b5efef3748685e976288ad9eaf519342ec33f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 8O0CMBQeHqW8XChYcX855mARkjFxavBp
content-encoding: gzip
last-modified: Tue, 24 Aug 2021 03:08:02 GMT
server: AmazonS3
age: 6393
etag: W/"1f887f9550cb7ddb935f32ac10b498d2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: 604800
date: Wed, 17 Nov 2021 02:57:31 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: yNplKCN4OueTUWhW4H4TXQhvZcVHiWLSeYNEndHba4FBCZqqC1vAmA==

GET
H2 200 bootstrap.min.js Show response
cdn.thestar.com.my/Themes/js/ 36 KB
10 KB 44ms
33ms Script
application/javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/bootstrap.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: t4hMdTiZici9FqL_hKTCNOgWrk2xRcD2
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"5869c96cc8f19086aee625d670d741f9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 04:18:10 GMT
x-amz-cf-id: WRcUldnTrdib2gnDwbkFN99LnM1T0ihm4Q_7z25nkGYlCzyHS_UWUg==

GET
H2 200 bookmark.min.js Show response
cdn.thestar.com.my/Themes/js/ 15 KB
3 KB 38ms
27ms Script
application/javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/bookmark.min.js?v=20210708
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b000baee5b2289f2dd58d1e39e06d15c97b5b7b6b3cb6e17a5c536cfd975e8a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: Z0fkRI3Qs7.ptV8xrur4Rr40uEsd1AYG
content-encoding: gzip
last-modified: Thu, 08 Jul 2021 02:27:41 GMT
server: AmazonS3
age: 2112
etag: W/"f00c102b1c696ad88642b9298ccfd57c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: 604800
date: Wed, 17 Nov 2021 04:00:07 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: Bf_-LcdaAqEJtIj8e7HQrH7cPS8BHrY4LHPt__ugLTDAh3SGoCMZeA==

GET
H2 200 loginstatusV2.js Show response
cdn.thestar.com.my/Themes/js/ 6 KB
2 KB 38ms
27ms Script
application/javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/loginstatusV2.js?v=20200420
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b61c2c4b07a9ff596ac8fb4ced20988a9de454225943dad54ec3016e4928003d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: S_5Wy2QtS9yESUg_t_Txig1hXajjOehE
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
age: 1128
etag: W/"bd6868868331c99696757c9430bba64b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 04:00:07 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: OnwtMRdirtpaBmuSyZ1jcLAMjel9BfHlEkijYHhnHG2iQkMRv74yYQ==

GET
H2 200 rangetouch.js Show response
cdn.thestar.com.my/Components/Audio/ 7 KB
3 KB 91ms
80ms Script
application/javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Components/Audio/rangetouch.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc7f6e3a40dff7ac871bb5572dc316cffd3a872d5d9142c19f50ef8c2843797a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: SncXBizfzGgqFTTIKV4OY0WbJjbfBIUK
content-encoding: gzip
last-modified: Fri, 02 Oct 2020 03:23:27 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"3d0c65f1a02e9c37f8151823305fac49"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 04:18:10 GMT
x-amz-cf-id: gLSFPxH8SFmFfxsP9-s2YJikWmGbZVMqU1iA2O6khdk8PMGISRxnsg==

GET
H2 200 audiov11.js Show response
cdn.thestar.com.my/Components/Audio/ 23 KB
6 KB 90ms
79ms Script
application/javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Components/Audio/audiov11.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 452401583c42f3b8f6992ed4d1a1c21b8c34d9b1d3475e2f7bfe09009c5e482c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: MyE0S7wRqEofYd4m5t_f9MFpkuZ1q._c
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 07:31:48 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"9e21be23ac165d96439e5fa5b53ebbc7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
date: Wed, 17 Nov 2021 04:18:10 GMT
x-amz-cf-id: yJaE-JZslNM7aB6TysPCEzAxRLjLb_RXRr4sXofrN-wyY-AwgaB-aw==

GET
H2 200 lazysizes.min.js Show response
cdn.thestar.com.my/Themes/js/ 7 KB
3 KB 80ms
68ms Script
application/javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/lazysizes.min.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 98fd6d37a4d49e1651aedf49857bb021f6c61058c262aa01ed2444d3f81c5f39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: ecK.TIVb9okgvRXhj4mOs9F095sYYP3F
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:19:23 GMT
server: AmazonS3
age: 3557
etag: W/"3150bf538edc0788afd7c673a0c5dfee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:21:01 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: PVBfuAA-21gHCNeNaCA4xRfQLrB05XgKGKSqAaSqmjCV98nvs1HQCA==

GET
H2 200 script.js Show response
www.thestar.com.my/theme_metro/js/ 41 KB
9 KB 247ms
235ms Script
application/javascript 13.224.96.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thestar.com.my/theme_metro/js/script.js?v=20210315
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-126.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 8b419e3880844b388be6e5741bfba63db8a32da77ebf64237a86e1dcdbb86fa2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Wed, 17 Nov 2021 04:18:11 GMT
content-encoding: gzip
last-modified: Thu, 15 Jul 2021 01:47:32 GMT
server: nginx
x-amz-cf-pop: ZRH50-C1
etag: W/"60ef93b4-a292"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-id: XBPsXULDbNzJLgbXiK1k8vDolUKvPFsbgQYRfnY12UOZRsuLTKf4xQ==
expires: Fri, 17 Dec 2021 04:18:11 GMT

GET
H2 200 anno.js Show response
cdn.thestar.com.my/Themes/js/ 29 KB
7 KB 90ms
79ms Script
application/javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/anno.js?v=20201130
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa6226cb013c006ba243f8c4161a9b2954024a784c0c665fafa50ddd2b72d56d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: OuDkpiwuPGW_Q4zrNCpISbqT1sd95PIt
content-encoding: gzip
last-modified: Mon, 30 Nov 2020 06:39:37 GMT
server: AmazonS3
age: 1936
etag: W/"b879d81b10441b73e051d05ff6f260ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: 604800
date: Wed, 17 Nov 2021 04:00:07 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: PVPKakkTQErZ6zWtg6DTqIPfXNDqCm9kBhIOoSqW1BbA3wxJCxaI4w==

GET
H2 200 anno.css
cdn.thestar.com.my/Themes/css/ 7 KB
2 KB 80ms
69ms Stylesheet
text/css 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/anno.css
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a684a7fead41f8763e01290db33ff62ce49ea93e849c65a8e1bb0260b91f991a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: IYdciccd_JNS28aqgJlMBoSXxrU06r2A
content-encoding: gzip
last-modified: Wed, 18 Nov 2020 03:20:26 GMT
server: AmazonS3
age: 1919
etag: W/"1729e7e979d354b09b68b9ee92c30ed5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: 604800
date: Wed, 17 Nov 2021 04:00:07 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: kO2zLIyIBT1IOMOX1NqVbEm8fhTTuy2R_9yV9AUiesC858pFLxGs-g==

GET
H2 200 userTour.min.js Show response
cdn.thestar.com.my/Themes/js/ 3 KB
2 KB 80ms
69ms Script
application/javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/js/userTour.min.js?v=20201123
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 091bffc74d80325dfeda3fd6d7cfa7345e4c05475683bba43288e71b976b9097

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: pkk7sT48scecda5qmWoyb0i.tvcRLuw2
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 05:03:43 GMT
server: AmazonS3
age: 1957
etag: W/"eb2cabf0b74693fdc24dedaf1fd53c9a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: 604800
date: Wed, 17 Nov 2021 04:00:07 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: BG8bGLOfLjLd_EHWhDeasW_AJE7JClveLvcEpdDlPs5I1yM92ayhpw==

GET
H2 200 flyin.css
cdn.thestar.com.my/Components/Flyin/ 4 KB
2 KB 89ms
79ms Stylesheet
text/css 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Components/Flyin/flyin.css
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90767ecb25166ad6de23d6c3c47369b320bc0800c2c52cd814cc49043eb9ecf7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: evw7KHSrtiPtOJ_cB9Mj.lS9SfYJ4IAS
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 03:33:00 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"cacb78daa8eabcadd3288b939abb913b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
date: Wed, 17 Nov 2021 04:18:10 GMT
x-amz-cf-id: h3VMY8L_1YPF5iJIgbiG4A0u68AL21Xht77v9STfGidZwi9KPPP5lQ==

GET
H2 200 css
fonts.googleapis.com/ 1 KB
468 B 26ms
15ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,900

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

89c9421ac39490aa9d49852dea53fd6bae0f07639ed1d50b3879b4299e64ca43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 04:18:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 17 Nov 2021 04:18:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Nov 2021 04:18:10 GMT

GET
H2 200 times-solid.png
cdn.thestar.com.my/Themes/img/ 195 B
573 B 83ms
80ms Image
image/png 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/times-solid.png
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d1a4b5737534ed3628e1cfac272c9ffb0d3cb070c186b7dc93698f2ad671ac6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: kAFO.STgsqhnKgaHPEgDJWsM6I..4uJG
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:05 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "1e6a99b6d4f0f30e2275083e00cc8aad"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800
date: Wed, 17 Nov 2021 04:18:10 GMT
accept-ranges: bytes
content-length: 195
x-amz-cf-id: CiNg_qmannM4uUMwxJMNTtFR9lpgA6TDMNsE5C3xWr9lH7HLsnwXYg==

GET
H2 200 Flyin_20210318_1.js Show response
cdn.thestar.com.my/Components/Flyin/ 11 KB
4 KB 90ms
80ms Script
application/x-javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Components/Flyin/Flyin_20210318_1.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 978b1153b68636a7a174eebaf2eaa694b324794c24b125504d4fe66925d6e453

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: paStmdHs3y5LBSsYHwMQRhv8w6RM2Zxk
content-encoding: gzip
etag: W/"4f184793a238c26f0e6b3b3af6f1a686"
last-modified: Thu, 18 Mar 2021 01:25:27 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
x-amz-meta-cb-modifiedtime: Thu, 18 Mar 2021 01:24:11 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
date: Wed, 17 Nov 2021 04:18:10 GMT
x-amz-cf-id: mhQKx0tgA4tlk7X156-hM2fYQjK1THlqz8pEBtXTqmpNKs2IM3AwNA==

GET
H/1.1 200
OK smartechclient.js Show response
tw.netcore.co.in/ 918 B
1 KB 110ms
16ms Script
application/javascript 2600:9000:2190:4800:1c:47d:4bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tw.netcore.co.in/smartechclient.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:4800:1c:47d:4bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e666287f9fbe6949481feff10334c4fbdad9d459bf6d2625045e921de1c0b67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 03:26:35 GMT
Via: 1.1 a06cb72e779e366fcd004926eacd5b85.cloudfront.net (CloudFront)
Last-Modified: Mon, 08 Nov 2021 15:14:09 GMT
Server: AmazonS3
Age: 3313
ETag: "18d07e6462ca5ecd1362c1ba61f89b4f"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: ZRH50-C1
Content-Length: 918
X-Amz-Cf-Id: 0Z9FR1-z6nYkaAYpsEzS_AWJANUBHWER_hh-07GvdeF9_qBALmmFJA==

GET
H2 200 logo-tsol-full.svg
cdn.thestar.com.my/Themes/img/ 2 KB
2 KB 71ms
69ms Image
image/svg+xml 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/logo-tsol-full.svg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc24e970a499fa71fd78aab5a09370b1021809f75b223ff73cdbc5ccb7366a4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: ZB2.WLCHfckzpHruIV3tbVJ5i5eMVE7d
content-encoding: gzip
etag: W/"983d389524dd1f83d822a74af679d9fe"
last-modified: Thu, 01 Oct 2020 02:15:05 GMT
server: AmazonS3
age: 1852
x-amz-meta-cb-modifiedtime: Tue, 04 Feb 2020 07:50:39 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:55:17 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: Gs0GH0uk8GiuUaLNvJdM4DDpv9cIJMwajf0b1du0vQp3xLb_myOM5g==

GET
H2 200 tsol-sprites.svg
cdn.thestar.com.my/Themes/img/ 95 KB
26 KB 81ms
80ms Image
image/svg+xml 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/tsol-sprites.svg
Requested by: Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/tsol2019_pw.css?v=20210907
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3eae04d2bcf8165655a2d164bfaf44ed72b38bef84aefa1f477c273ee3cefced

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.thestar.com.my/Themes/css/tsol2019_pw.css?v=20210907
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: nepKuIFWZLQ.0Tc7GuCPXpFr_VLZlyTX
content-encoding: gzip
etag: W/"f72aac0fbcfab1977790a9027f2fda83"
last-modified: Wed, 02 Jun 2021 06:30:46 GMT
server: AmazonS3
age: 1817
x-amz-meta-cb-modifiedtime: Mon, 31 May 2021 07:35:08 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:55:18 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: bkObz1TFsHEa8AmsGxGSZV_GflYPBbCZQHkemzPXjJTrFW_V3MdlJQ==

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 35ms
12ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thestar.com.my
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:27:49 GMT
x-content-type-options: nosniff
age: 431421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 04:27:49 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
24 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thestar.com.my
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 21:26:28 GMT
x-content-type-options: nosniff
age: 111102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 15 Nov 2022 21:26:28 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 55ms
26ms Fetch
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=388467334571811&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&sdk=joey&wants_cookie_data=true

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: FsfKW8jh6z4dLDjVkCi5cRRUW0902X82cDv3ApcMSaJ5/wS8Z3LynkUeuHTeLMrS5RlMgbgSuOnurZ/cuAR/Ng==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Wed, 17 Nov 2021 04:18:11 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 404ms
94ms Script
application/javascript 70.42.32.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00a149fe9401c432f57edaa96ee66b065d
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 04:18:11 GMT
content-encoding: gzip
X-TraceId: 0aac068373705efce5087f4e30d88b7b
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 402ms
93ms Image
image/gif 70.42.32.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00a149fe9401c432f57edaa96ee66b065d&obApiVersion=1.1&obtpVersion=1.5.2&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&optOut=false&bust=06795255324730345
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 04:18:11 GMT
Cache-Control: no-cache
X-TraceId: 4ce5712957ed2bfb5b75b3032926e442
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 116 KB
27 KB 29ms
9ms Script
application/x-javascript 2a02:26f0:1700:181::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.cce.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:181::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b64f53bf69d080d62a915b32b4c7c8a2b31a787b3ccf64c4a63aeba170355c22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 04:18:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 12:43:03 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27751
Expires: Wed, 17 Nov 2021 05:18:11 GMT

GET
H2 200 pubads_impl_2021111101.js Show response
securepubads.g.doubleclick.net/gpt/ 343 KB
115 KB 15ms
15ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

604496ee6acca620cd59265c2302f6a03fe02d65bc5306d952f0fa94d92fa5c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117937
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 09:34:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 17 Nov 2021 04:18:11 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 307 B
183 B 30ms
15ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.thestar.com.my

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

326a76064c9120bf8ec2ba9c04cb8188357cd8a9977ed748604a973115fac06d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Nov 2021 04:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158
x-xss-protection: 0
expires: Wed, 17 Nov 2021 04:18:11 GMT

GET
H/1.1 200
OK segment Show response
api.cxense.com/profile/user/ 77 B
692 B 47ms
14ms Script
text/javascript 147.75.85.120
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cxense.com/profile/user/segment?callback=cXJsonpCBkw30kx2h4tj67gfd&persisted=ec30973424ff3948df3ac1b786e3d43d71aa5a89&json=%7B%22identities%22%3A%5B%7B%22id%22%3A%22kw30kx2e2p7uqcar%22%2C%22type%22%3A%22cx%22%7D%5D%7D

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

bffe93273e57aa64e0c9a1040dd0312eb77f1487b6f61ba8266e7765dea1c21f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:11 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 77
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 Topicbar-v2.txt Show response
cdn.thestar.com.my/Components/TopicBar/ 3 KB
1 KB 50ms
20ms XHR
text/plain 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Components/TopicBar/Topicbar-v2.txt?v=1637122691565
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 50cc9da5b58beb7ea6c5e70219d452dd3902c06f8315bf8edc0f7935d91eaa89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: kk_xhWaN7o7AlOUsaAzqNJFtICw1hU8a
content-encoding: gzip
last-modified: Mon, 08 Nov 2021 20:16:27 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"60451d8c8b56d205336c2ee8bebcc3f5"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=180
date: Wed, 17 Nov 2021 04:18:11 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: BchL0IWrxB6-6-gBLKdDDkzr8mUGIMNTIxaUOqYYASkMtJbd29gshA==
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)

GET
H2 200 1362793.jpg
apicms.thestar.com.my/uploads/images/2021/11/10/ 76 KB
77 KB 20ms
20ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/10/1362793.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 284511b6ae2f6457228a9773bce0b43bcf4956dfe75f461db32a427dd9633975

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:00:25 GMT
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Wed, 10 Nov 2021 06:11:51 GMT
server: AmazonS3
age: 1067
etag: "09a61e3d4df540d15804b0426b7a85bc"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 78240
x-amz-cf-id: ypr-5DPF70V6w5avlwiNUrTXucsnujDDjwvW74QjS8GFGnUlmqZn5w==
expires: Thu, 26 Dec 2030 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
702 B 57ms
26ms XHR
application/json 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/lifestyle
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 17 Nov 2021 04:18:11 GMT
X-Proxy-Origin: 136.243.198.83; 136.243.198.83; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ab2ac4f3-0667-4c79-a125-4a6bbcdebb22
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com.my
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
22 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thestar.com.my
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 08:02:57 GMT
x-content-type-options: nosniff
age: 72914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22572
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 16 Nov 2022 08:02:57 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 63ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thestar.com.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Nov 2021 04:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 50ms
14ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thestar.com.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Nov 2021 04:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 537 B
288 B 107ms
106ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=458646202015815&correlator=3667185988417455&output=ldjh&impl=fifs&eid=44748552&vrg=2021111101&ptt=17&sc=1&sfv=1-0-38&ecs=20211117&iu_parts=21764785206%2CDesktop%2CDesktop_TSOL%2CDesktop_TSOL_Lifestyle%2CDesktop_TSOL_Lifestyle_Mid%2CDesktop_TSOL_Lifestyle_Mid_STO&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&ists=1&eri=1&cust_params=CxSegments%3D%26smg-page%3DLifestyle&cookie_enabled=1&bc=31&abxe=1&lmt=1637122691&dt=1637122691601&dlt=1637122690123&idt=1037&frm=20&biw=1600&bih=1200&oid=2&adxs=288&adys=300&adks=3183639125&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x881&msz=1x-1&ga_vid=763206404.1637122692&ga_sid=1637122692&ga_hid=1391293907&ga_fc=false&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

1f65396dd4e0cd5ee18fd6cbfb2abbcbc0ac4ab15b623b19f71e7050cf7095d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 258
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 544 B
294 B 42ms
42ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=458646202015815&correlator=3532663154646501&output=ldjh&impl=fifs&eid=44748552&vrg=2021111101&ptt=17&sc=1&sfv=1-0-38&ecs=20211117&iu_parts=21764785206%2CDesktop%2CDesktop_TSOL%2CDesktop_TSOL_Lifestyle%2CDesktop_TSOL_Lifestyle_BTF%2CDesktop_TSOL_Lifestyle_BTF_Crawler&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=970x90&eri=1&cust_params=CxSegments%3D%26smg-page%3DLifestyle&cookie_enabled=1&bc=31&abxe=1&lmt=1637122691&dt=1637122691607&dlt=1637122690123&idt=1037&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=1200&adks=319871931&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&ga_vid=763206404.1637122692&ga_sid=1637122692&ga_hid=1391293907&ga_fc=false&fws=516&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

360982e60bf04856ad71239174fd4477a4164fdc45638af2e938f115ef663812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 264
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
8 KB 47ms
47ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=458646202015815&correlator=1688480554436386&output=ldjh&impl=fifs&eid=44748552&vrg=2021111101&ptt=17&sc=1&sfv=1-0-38&ecs=20211117&iu_parts=21764785206%2CResponsive%2CResponsive_TSOL%2CResponsive_TSOL_AdRefresh&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&eri=1&cust_params=CxSegments%3D%26smg-page%3DLifestyle&cookie_enabled=1&bc=31&abxe=1&lmt=1637122691&dt=1637122691609&dlt=1637122690123&idt=1037&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=172&adks=1690029205&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1&msz=1x-1&ga_vid=763206404.1637122692&ga_sid=1637122692&ga_hid=1391293907&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

16f4370a1530b2d1badf72a22a328259cf7c395c40fa0fe6a087879ef445742b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8629
x-xss-protection: 0
google-lineitem-id: 5592321794
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138337062213
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AC67 6 KB
4 KB 75ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 17 Nov 2021 04:18:11 GMT
expires: Thu, 17 Nov 2022 04:18:11 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 1365479.jpg
apicms.thestar.com.my/uploads/images/2021/11/12/thumbs/large/ 131 KB
131 KB 782ms
782ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/12/thumbs/large/1365479.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d93f517edf75c15040099c3476ac1a0de7c68aa1358af0203e91d21abdb7301f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Fri, 12 Nov 2021 05:34:04 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "2059b98e7bb611009a9c64585ffd45ed"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:13 GMT
accept-ranges: bytes
content-length: 133761
x-amz-cf-id: wOj0jCnSaPBYoz9s4fdSaR9z8HwcP6kzpUURXvjhYKSmCPV187h6lg==

GET
H2 200 1370771.png
apicms.thestar.com.my/uploads/images/2021/11/17/thumbs/large/ 582 KB
583 KB 792ms
792ms Image
image/png 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/17/thumbs/large/1370771.png
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bc2dfdff47a3456e2c2f03163dc6fef00836af565fdb14e9aec1e1bfc371a66b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Wed, 17 Nov 2021 02:43:00 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "86d160015507781cff603cc3111778b4"
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:13 GMT
accept-ranges: bytes
content-length: 596226
x-amz-cf-id: re_DeAhJmdweuH46_QoBwXlV5f1LdaWBqzTM8gtbhpi2HF8-y3QTBw==

GET
H2 200 1369401.jpg
apicms.thestar.com.my/uploads/images/2021/11/16/thumbs/large/ 72 KB
72 KB 758ms
758ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/16/thumbs/large/1369401.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e6eb2bf8fb67da6affc23f05f8beacd803c2a42a38bc87f37db54ae84696f610

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Mon, 15 Nov 2021 23:35:18 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "08bec65649a1e558a1bbd38344170cd4"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:13 GMT
accept-ranges: bytes
content-length: 73640
x-amz-cf-id: to3BQulEDNR3cb7-2ymLFusT3Kwd4LzR4qdZHHtV1AlwyodnMFrBTA==

GET
H2 200 1370578.jpg
apicms.thestar.com.my/uploads/images/2021/11/17/thumbs/large/ 55 KB
56 KB 752ms
752ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/17/thumbs/large/1370578.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 21f94ed0b016f05891f49afa7c5db6668b9b22c226e9c98c4c0e44f3be5c09f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 21:55:41 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "620a9692f7d5ed2d21c554c14cfd0fe0"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:13 GMT
accept-ranges: bytes
content-length: 56522
x-amz-cf-id: 67_ia8M6cH3_cxp9NyCKkEFI4WDXdi5EgyyloxHuIfUHkhi2OAqXVg==

GET
H2 200 1370699.jpeg
apicms.thestar.com.my/uploads/images/2021/11/17/thumbs/large/ 162 KB
163 KB 763ms
762ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/17/thumbs/large/1370699.jpeg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5cab9b172410fa583828fca2511d6200bbc4cca9be36370c3483b2fe7ed137ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Wed, 17 Nov 2021 01:37:34 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "0536e1c7e61efbf29430986e13e532f8"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:13 GMT
accept-ranges: bytes
content-length: 165901
x-amz-cf-id: ChDFsM5MrvndN2UTsYC1wvFQDY75p_AyLxIN7xeSDZvW9sy9LKlg_w==

GET
H2 200 1365491.jpeg
apicms.thestar.com.my/uploads/images/2021/11/12/thumbs/large/ 126 KB
126 KB 756ms
756ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/12/thumbs/large/1365491.jpeg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c28883748bb860db758cfc7971aff049d9f2564801f609fb1887e9ad81cd548

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Fri, 12 Nov 2021 05:44:52 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "ea2aee0292429ec30b5cc8659c2e6f24"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:13 GMT
accept-ranges: bytes
content-length: 128628
x-amz-cf-id: PI3VThRVyKWpcYDgQJxlXwwiN96CWYYcouzX7VVkVXQgryl6Up0n8A==

GET
H2 200 slick.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 2 KB
677 B 325ms
24ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1927875
x-jsd-version: 1.8.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19130-FRA, cache-ams21055-AMS
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6af627588a170b3f-AMS

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 42 KB
11 KB 299ms
23ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1927875
x-jsd-version: 1.8.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19125-FRA, cache-ams21053-AMS
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6af627588a1b0b3f-AMS

GET
H2 200 1346133.jpg
apicms.thestar.com.my/uploads/images/2021/10/27/thumbs/large/ 73 KB
73 KB 766ms
766ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/10/27/thumbs/large/1346133.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f78735d9873e865e2a13aa6599aaec6a41071ce4616b72546b6cac53df0438f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Wed, 27 Oct 2021 02:51:38 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "8c8df17ba49695a0cae646f32fe65e1f"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:13 GMT
accept-ranges: bytes
content-length: 74528
x-amz-cf-id: d4P4o6QgtX5J9-AqxxHt1qhIacvJGM-xyQ9WcrqORnNk_hAWnqjEYQ==

GET
H2 200 1365536.jpg
apicms.thestar.com.my/uploads/images/2021/11/12/thumbs/large/ 76 KB
76 KB 775ms
775ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/12/thumbs/large/1365536.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1f0582e3b12ca3a7df37fd2dd477379a32cfcae45f5319500c26355ba3fea12e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Fri, 12 Nov 2021 07:24:18 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "08e9b12fa484defaefc17483b469ad18"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:13 GMT
accept-ranges: bytes
content-length: 77767
x-amz-cf-id: FISIe4jXxDTO9-TnX6R7DNDfaq-INl9gLauK6-r-3zOGnjhvr3CHSg==

GET
H2 200 1369059.jpg
apicms.thestar.com.my/uploads/images/2021/11/15/thumbs/medium/ 29 KB
29 KB 782ms
782ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/15/thumbs/medium/1369059.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d7c0cfb7dc0af573f0a97927b432f456d8864de6e694bdced18b601c98637aba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Mon, 15 Nov 2021 15:26:10 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "3aa4bd538d1574ba1218575e2417d93a"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:13 GMT
accept-ranges: bytes
content-length: 29772
x-amz-cf-id: FktzhKzoCQlZjF0hJgMrA0Oq0fbxb2ET7KgiraooGYdqFKVs4CHhHQ==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 276ms
276ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=458646202015815&correlator=2081480773589334&output=ldjh&impl=fifs&eid=44748552&vrg=2021111101&ptt=17&sc=1&sfv=1-0-38&ecs=20211117&iu_parts=21764785206%2CDesktop%2CDesktop_TSOL%2CDesktop_TSOL_Lifestyle%2CDesktop_TSOL_Lifestyle_ATF%2CDesktop_TSOL_Lifestyle_ATF_Megalead&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=970x90%7C970x250&eri=1&cust_params=CxSegments%3D%26smg-page%3DLifestyle&cookie_enabled=1&bc=31&abxe=1&lmt=1637122691&dt=1637122691657&dlt=1637122690123&idt=1037&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=167&adks=1041811136&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x0&msz=970x0&ga_vid=763206404.1637122692&ga_sid=1637122692&ga_hid=1391293907&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

1c8d27872211b897a03078825f202c2010b4180507be9a71700afdccf945f9ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9525
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1370015.jpg
apicms.thestar.com.my/uploads/images/2021/11/16/thumbs/medium/ 19 KB
19 KB 746ms
746ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/16/thumbs/medium/1370015.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fa7b44be8f1b6364dbbafed2ca240403303d3a03108645960d046decdeb90058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 09:36:25 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "17e90e8cb149f3f213dc8a559daea310"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:13 GMT
accept-ranges: bytes
content-length: 19065
x-amz-cf-id: OIECU5P11s_ylRfGVDvwhtHRu2SEOUzLyISDd7FeURqpmR01hYGLug==

GET
H2 200 1369823.jpg
apicms.thestar.com.my/uploads/images/2021/11/16/thumbs/medium/ 20 KB
21 KB 791ms
791ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/16/thumbs/medium/1369823.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0675bb1d58e711fbe21fcd3a4abe46f171363050dac2c795d4d3508dbb3f9c37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 11:10:27 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "68301bfd67543c10af7efae1c2283ea0"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:13 GMT
accept-ranges: bytes
content-length: 20683
x-amz-cf-id: AuEGR-R39ksHlpWf1N-cTryutVCW8B1i0xRtHuazIc8S1rRpCFhoJQ==

GET
H2 200 1362860.jpeg
apicms.thestar.com.my/uploads/images/2021/11/10/thumbs/medium/ 23 KB
24 KB 785ms
784ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/10/thumbs/medium/1362860.jpeg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 192080a8d9731ecc5252628e00db0755e263d6cb211760794b7741eebbea4c7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Wed, 10 Nov 2021 06:43:36 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "bcc7d70b71567286bc9cfdfa31446dbc"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:13 GMT
accept-ranges: bytes
content-length: 23900
x-amz-cf-id: s1hpoOkqm0tW0Vs1Q9k0lN39NAa4b_DvuUPHwMAG0AP97DAbVMBLqg==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D53F 0
0 31ms
31ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvxhLjzY4cWbiQ_E9Tmtg6rjlF6CUfSFTQLQo0Fi6_VdWgQoEaB0dmabd6Uy9SDI3Tk5jiAG9-Xc6g4YHh0usDyWT1O8sSi_e5cA8RIXOvns5Ku-9zE778iWehwnvS0jetOvAaQHrkiTXTiB-CraurhXI5T_WFw1iDbpU2q2_w6R6OlQ2xzebaVSEzukUi2_Jt2OvVCyG05zm2JSj82_i2XZBr82eOdLX24RFcPtGcXzSUyp5ujJvuBlUZmwOxKj141_sgRuMx06nuxh8pqcPRa4WQLk4VV6yX45fygDoHF4cjG9o9ab7qNN8gfDzYkUXqf9kvcaI0sD1ygPL4Muls7YxvSMuir3_8UnkNXyG5p4Dm6qChVMg&sai=AMfl-YTOcdY8a4FMMls4m7rN_iugIXl8oauLLsp8w8m8P93Lynf1yytUPfVZCslRRTKBPLGJTELkERxhV3xDZgJVnPwZAzKfkgjxXFhVaKLIwk-BgS77-kMvWwuKAh_ZEW8&sig=Cg0ArKJSzBF0KxS51Y5eEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Nov 2021 04:18:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 17 Nov 2021 04:18:11 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame D53F 77 KB
26 KB 18ms
17ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

2d16b7dd1dd51de053865b8efbaa6362956026a068c2e8786740d8486dd7a9be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1046 / 524 of 1000 / last-modified: 1637103958"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26684
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 17 Nov 2021 04:18:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D53F 119 KB
37 KB 54ms
18ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 17 Nov 2021 04:18:11 GMT

GET
H2 200 1364557.jpg
apicms.thestar.com.my/uploads/images/2021/11/11/thumbs/medium/ 23 KB
24 KB 759ms
759ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/11/thumbs/medium/1364557.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c48cf06e3f0e6171b452da5388716c6de8be5a7df05181155280af6ba210633d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Thu, 11 Nov 2021 10:33:16 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "506643e7b3dfaf9ba5a78ab2420fabec"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:13 GMT
accept-ranges: bytes
content-length: 23714
x-amz-cf-id: DICiSC0Pyw0xN-jfvbNCertVqIP13GoVbi5ZMb01pqbVAmk8pjzDkw==

GET
H2 200 1369419.jpg
apicms.thestar.com.my/uploads/images/2021/11/16/thumbs/medium/ 14 KB
14 KB 810ms
810ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/16/thumbs/medium/1369419.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0683f77dee618b5235085e1608e871d6165adc1a90125fddcb4c12fed2a4c86e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:13 GMT
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 00:09:41 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "048842f97e5bd23a18f98a50cc50b20a"
x-cache: Miss from cloudfront
x-amz-version-id: null
cache-control: max-age = 31536000
accept-ranges: bytes
content-type: image/jpeg
content-length: 14414
x-amz-cf-id: Qkn8lhX69jiGrI7xSlU2iLWWRJPzO1mqFksDVOQ4xML5Lw2SYOTm_g==

GET
H2 200 KeesWorld.txt Show response
cdn.thestar.com.my/Components/KeesWorld/ 896 B
1 KB 764ms
764ms XHR
text/plain 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Components/KeesWorld/KeesWorld.txt?v=1637122691687
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 36d9e203ca5f0ae182d85e683d9efd78b0539a33cff1bd5ae0cca47790ced611

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: vbNdwDPfzvIO_orTtcOOHmHek0C85U8F
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
etag: "dfc02d0fc0c8a4436caeb128fcda5b0a"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
content-length: 896
last-modified: Tue, 16 Nov 2021 16:02:11 GMT
server: AmazonS3
date: Wed, 17 Nov 2021 04:18:13 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=180
accept-ranges: bytes
x-amz-cf-id: I6_VmX_N1hgzRaJG9OeMK0MOL8-wryLCcSRaU9kzG6uwi9NsHjznFw==

GET
H2 200 1369024.jpg
apicms.thestar.com.my/uploads/images/2021/11/15/thumbs/medium/ 21 KB
21 KB 769ms
768ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/15/thumbs/medium/1369024.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e3800923a287975f0ab2063ca56af8e49887a40db5f57a61d8a3dbeb19660d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Mon, 15 Nov 2021 12:37:06 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "471e7eb559e4764c0b3fd0dabe629439"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:13 GMT
accept-ranges: bytes
content-length: 21250
x-amz-cf-id: cAqqyvl0CNt5lOw9RkAlZnHe7RPtq36ZGjG2bZH54AseGhYUhYdYGw==

GET
H2 200 1365999.jpg
apicms.thestar.com.my/uploads/images/2021/11/12/thumbs/medium/ 13 KB
14 KB 216ms
216ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/12/thumbs/medium/1365999.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f292ffd2720dcc16f9f5e2f0406eaf3a8986f0f026bbe883feeeddfe56b9e21c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Fri, 12 Nov 2021 11:10:40 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "f3dcad09a028a683acdaf431399cca28"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:12 GMT
accept-ranges: bytes
content-length: 13455
x-amz-cf-id: kh9CCzUx4NdAf1pCAHFuXbPr0bHQCB1XpTwQQ8tvFuWtnUjrYtBryA==

GET
H2 200 1369466.jpg
apicms.thestar.com.my/uploads/images/2021/11/16/thumbs/medium/ 14 KB
14 KB 753ms
753ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/16/thumbs/medium/1369466.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3727afb5c918a198e396e78d8e77e77d2423dd2c894ba774f6d6dc9a8a854436

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 01:14:01 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "36e859c9ada07ce6f235ff358b5a2175"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:13 GMT
accept-ranges: bytes
content-length: 13840
x-amz-cf-id: lyqvzsEBtBAPtDVXG4VUPwnalTwauWMZh_ron3fCUWXezEs1fgiWiQ==

GET
H2 200 play-icon.png
www.thestar.com.my/theme_metro/images/ 835 B
1 KB 392ms
392ms Image
image/png 13.224.96.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thestar.com.my/theme_metro/images/play-icon.png
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-126.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 42ba00577dd09005be874a620fec2c0c9bef0a72ccf4ae82337f8fbb1de0a7ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Wed, 17 Nov 2021 04:18:11 GMT
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
last-modified: Thu, 18 Jul 2019 06:35:12 GMT
server: nginx
x-amz-cf-pop: ZRH50-C1
etag: "5d301320-343"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 835
x-amz-cf-id: mkGX62PBY8fPMsLO5KTVrr8bQb_vr2oQHDYGNZnzq8_M6ADLN9W0gQ==
expires: Fri, 17 Dec 2021 04:18:11 GMT

POST
H2 200 lifestyleKicker Show response
www.thestar.com.my/ 60 B
1 KB 377ms
377ms XHR
application/json 13.224.96.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com.my/lifestyleKicker

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-126.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

c3783d965f0a52b3b6531507e7d3dee751aa52ad9a6a34b7449e23a3c8914631

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.thestar.com.my/lifestyle
X-NewRelic-ID: VgIEVF9QChADU1hQAAUGUFc=
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 17 Nov 2021 04:18:12 GMT
content-encoding: gzip
x-amz-cf-pop: ZRH50-C1
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-newrelic-app-data: PxQFVVVWAQACR1JVDgMAUlUHBRFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86THlDQDg9KkNFRzo4clldFhQMDlwHShFkZHVYUh16Dl8VQQ0IWlITJg9RVVUXFRtbVHwPB1pTQUBKU0wAUghSCBQEHANVAFAITR5TSBQHUFRUAQsHB1BbUgMPVQYBFB8EBw8RVT8=
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://dev-smebizhub.starmediagroup.my
cache-control: no-cache, private
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Content-Type
x-amz-cf-id: TIvFdJhGfAVjOUvlLgqfluZhAGGbfmDMgSh56wjN-dnR6kFOvRyEVQ==

POST
H2 200 lifestyleKicker Show response
www.thestar.com.my/ 60 B
1 KB 383ms
382ms XHR
application/json 13.224.96.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com.my/lifestyleKicker

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-126.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

163c3e85cf9f3f0812448da182d8f6f3d4fd4bde0ca0f05cafc0ed4e29e56668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.thestar.com.my/lifestyle
X-NewRelic-ID: VgIEVF9QChADU1hQAAUGUFc=
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 17 Nov 2021 04:18:12 GMT
content-encoding: gzip
x-amz-cf-pop: ZRH50-C1
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-newrelic-app-data: PxQFVVVWAQACR1JVDgMAUlUHBRFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86THlDQDg9KkNFRzo4clldFhQMDlwHShFkZHVYUh16Dl8VQQ0IWlITJg9RVVUXFRtbVHwPB1pTQUBKU0wAUghSCBQEHANUCFEATR5TSBRWUAMAWgsJVlJUDgEFV1YBFB8EBw8RVT8=
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://dev-smebizhub.starmediagroup.my
cache-control: no-cache, private
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Content-Type
x-amz-cf-id: gIncLNfDEF2hnLgJ6nPdF80Vt8nbCQW5azWC8-vleMPPS7yHIYcBzA==

POST
H2 200 lifestyleKicker Show response
www.thestar.com.my/ 60 B
1 KB 377ms
377ms XHR
application/json 13.224.96.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com.my/lifestyleKicker

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-126.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

c3783d965f0a52b3b6531507e7d3dee751aa52ad9a6a34b7449e23a3c8914631

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.thestar.com.my/lifestyle
X-NewRelic-ID: VgIEVF9QChADU1hQAAUGUFc=
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 17 Nov 2021 04:18:12 GMT
content-encoding: gzip
x-amz-cf-pop: ZRH50-C1
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-newrelic-app-data: PxQFVVVWAQACR1JVDgMAUlUHBRFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86THlDQDg9KkNFRzo4clldFhQMDlwHShFkZHVYUh16Dl8VQQ0IWlITJg9RVVUXFRtbVHwPB1pTQUBKU0wAUghSCBQEHANUClYBTR5TSBQFUFdXWgVVBlJQUwJWAlNVFB8EBw8RVT8=
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://dev-smebizhub.starmediagroup.my
cache-control: no-cache, private
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Content-Type
x-amz-cf-id: MvD_oWAZhrt4AFewKMlLR2iHyiaHXBxJ1OF8tP7Y3vXceY-IqBaJog==

POST
H2 200 lifestyleKicker Show response
www.thestar.com.my/ 72 B
1 KB 381ms
381ms XHR
application/json 13.224.96.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com.my/lifestyleKicker

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-126.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

2e93ddaf28512c13d2e11ffe5c5257f0844783028ce9313714473404ab46b861

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.thestar.com.my/lifestyle
X-NewRelic-ID: VgIEVF9QChADU1hQAAUGUFc=
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 17 Nov 2021 04:18:13 GMT
content-encoding: gzip
x-amz-cf-pop: ZRH50-C1
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-newrelic-app-data: PxQFVVVWAQACR1JVDgMAUlUHBRFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86THlDQDg9KkNFRzo4clldFhQMDlwHShFkZHVYUh16Dl8VQQ0IWlITJg9RVVUXFRtbVHwPB1pTQUBKU0wAUghSCBQEHANUClMGTR5TSBQBUFZWAAUGXQIGVgMDVVFSFB8EBw8RVT8=
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://dev-smebizhub.starmediagroup.my
cache-control: no-cache, private
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Content-Type
x-amz-cf-id: jwyiCrMZ_2Bk28FrtKUo5_sMD0JWUYXEeDJiUHQHrVeAz6IUHNrdzg==

POST
H2 200 lifestyleKicker Show response
www.thestar.com.my/ 62 B
1 KB 378ms
378ms XHR
application/json 13.224.96.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com.my/lifestyleKicker

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-126.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

bd4c14105660251a9a4fdc5ccad92bba46e6f995a9ebc54675c9f3b89ed9154b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.thestar.com.my/lifestyle
X-NewRelic-ID: VgIEVF9QChADU1hQAAUGUFc=
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 17 Nov 2021 04:18:13 GMT
content-encoding: gzip
x-amz-cf-pop: ZRH50-C1
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-newrelic-app-data: PxQFVVVWAQACR1JVDgMAUlUHBRFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86THlDQDg9KkNFRzo4clldFhQMDlwHShFkZHVYUh16Dl8VQQ0IWlITJg9RVVUXFRtbVHwPB1pTQUBKU0wAUghSCBQEHANUD1ABTR5TSBRWWFdQDQpTVwBXA1IBVFQGFB8EBw8RVT8=
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://dev-smebizhub.starmediagroup.my
cache-control: no-cache, private
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Content-Type
x-amz-cf-id: EqH8aZb4-rVvopG1rK0QavVJfs-ZOHmXn8fV7VAuUfneaEz4tVTvwQ==

POST
H2 200 lifestyleKicker Show response
www.thestar.com.my/ 60 B
1 KB 378ms
378ms XHR
application/json 13.224.96.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com.my/lifestyleKicker

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-126.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

163c3e85cf9f3f0812448da182d8f6f3d4fd4bde0ca0f05cafc0ed4e29e56668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.thestar.com.my/lifestyle
X-NewRelic-ID: VgIEVF9QChADU1hQAAUGUFc=
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 17 Nov 2021 04:18:13 GMT
content-encoding: gzip
x-amz-cf-pop: ZRH50-C1
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-newrelic-app-data: PxQFVVVWAQACR1JVDgMAUlUHBRFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86THlDQDg9KkNFRzo4clldFhQMDlwHShFkZHVYUh16Dl8VQQ0IWlITJg9RVVUXFRtbVHwPB1pTQUBKU0wAUghSCBQEHANUCFQITR5TSBQOAwdXCVFTBwJSAVUDXlxUFB8EBw8RVT8=
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://dev-smebizhub.starmediagroup.my
cache-control: no-cache, private
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Content-Type
x-amz-cf-id: xJr6wWtY2lKYioPa__BFkgV6Y3tDS85-s4ASngs7wUdC0v1zCQVbYw==

POST
H2 200 lifestyleKicker Show response
www.thestar.com.my/ 62 B
1 KB 203ms
202ms XHR
application/json 13.224.96.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com.my/lifestyleKicker

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-126.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

bd4c14105660251a9a4fdc5ccad92bba46e6f995a9ebc54675c9f3b89ed9154b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.thestar.com.my/lifestyle
X-NewRelic-ID: VgIEVF9QChADU1hQAAUGUFc=
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 17 Nov 2021 04:18:14 GMT
content-encoding: gzip
x-amz-cf-pop: ZRH50-C1
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-newrelic-app-data: PxQFVVVWAQACR1JVDgMAUlUHBRFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86THlDQDg9KkNFRzo4clldFhQMDlwHShFkZHVYUh16Dl8VQQ0IWlITJg9RVVUXFRtbVHwPB1pTQUBKU0wAUghSCBQEHANUC1MATR5TSBQAA1NTC1cJXFcHBFNTUlNVFB8EBw8RVT8=
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://dev-smebizhub.starmediagroup.my
cache-control: no-cache, private
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Content-Type
x-amz-cf-id: XNuC5ncugSy-Nm3zStT_vf5P9q15Nd2xcDzejZGthFzuNp_tQUp6hw==

POST
H2 200 lifestyleKicker Show response
www.thestar.com.my/ 62 B
1 KB 376ms
376ms XHR
application/json 13.224.96.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com.my/lifestyleKicker

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-126.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

bd4c14105660251a9a4fdc5ccad92bba46e6f995a9ebc54675c9f3b89ed9154b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.thestar.com.my/lifestyle
X-NewRelic-ID: VgIEVF9QChADU1hQAAUGUFc=
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 17 Nov 2021 04:18:14 GMT
content-encoding: gzip
x-amz-cf-pop: ZRH50-C1
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-newrelic-app-data: PxQFVVVWAQACR1JVDgMAUlUHBRFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86THlDQDg9KkNFRzo4clldFhQMDlwHShFkZHVYUh16Dl8VQQ0IWlITJg9RVVUXFRtbVHwPB1pTQUBKU0wAUghSCBQEHANVAFMJTR5TSBQBUQdWXFBVUVEAUgJTVFBTFB8EBw8RVT8=
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://dev-smebizhub.starmediagroup.my
cache-control: no-cache, private
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Content-Type
x-amz-cf-id: pYH-aSbZ1gPRpi_Yq0W4oTGpS0-xniKYRQBHvFSJNUU8rFdDobAH3w==

POST
H2 200 lifestyleKicker Show response
www.thestar.com.my/ 72 B
1 KB 200ms
200ms XHR
application/json 13.224.96.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com.my/lifestyleKicker

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-126.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

2e93ddaf28512c13d2e11ffe5c5257f0844783028ce9313714473404ab46b861

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.thestar.com.my/lifestyle
X-NewRelic-ID: VgIEVF9QChADU1hQAAUGUFc=
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 17 Nov 2021 04:18:14 GMT
content-encoding: gzip
x-amz-cf-pop: ZRH50-C1
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-newrelic-app-data: PxQFVVVWAQACR1JVDgMAUlUHBRFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86THlDQDg9KkNFRzo4clldFhQMDlwHShFkZHVYUh16Dl8VQQ0IWlITJg9RVVUXFRtbVHwPB1pTQUBKU0wAUghSCBQEHANUCVUBTR5TSBRVUlZRCwJVXVNbVgIEVQACFB8EBw8RVT8=
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://dev-smebizhub.starmediagroup.my
cache-control: no-cache, private
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Content-Type
x-amz-cf-id: Pw_AFnAIvn7_JqP-jRSUx-8VPH5ONogISKZnlxErBMEeRe-u6fsD4w==

GET
H2 200 tsol-default-image2017.png
cdn.thestar.com.my/Themes/img/ 6 KB
7 KB 43ms
43ms Image
image/png 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/tsol-default-image2017.png
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be20d3ed7bdef0c2f7fa9c3da50988bb1ae4c5aa7495bafa13f72b4cd487f35f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: RCRcVtVZ9_oPQK7WY22HSnqO5is_qVf6
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
etag: "4ebc3a7f3379462dc5b4939706877446"
last-modified: Thu, 01 Oct 2020 02:15:06 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
x-amz-meta-cb-modifiedtime: Tue, 04 Feb 2020 07:44:13 GMT
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800
date: Wed, 17 Nov 2021 04:18:14 GMT
accept-ranges: bytes
content-length: 6282
x-amz-cf-id: rZhpJCv6UID5xJQk7QRfRLgmgVmk64iOO8ZGpJCXIAdgda7yMupeXQ==

GET
H2 200 1369469.jpg
apicms.thestar.com.my/uploads/images/2021/11/16/thumbs/medium/ 12 KB
12 KB 795ms
794ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/16/thumbs/medium/1369469.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 682a653421b444fc54a05524d6d8f7258d2748823a16b7837bf25ed7d312758d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 01:17:09 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "fe2659ef4e36b3c5e811069bdfb27960"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:16 GMT
accept-ranges: bytes
content-length: 12290
x-amz-cf-id: b8pYRpTxo1UVKxOpsfYsQvnwR32zUgZBcpUljiOYPwGEeVlV9Ral9Q==

GET
H2 200 1369505.png
apicms.thestar.com.my/uploads/images/2021/11/16/thumbs/medium/ 135 KB
136 KB 777ms
776ms Image
image/png 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/16/thumbs/medium/1369505.png
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c928054865b7c55e58d9ea7bc74eef4a1231011f0c3d0d3e32ba80325a9fb7aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 02:19:05 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "be49f8674d31d7fc6eabc7a8eb124096"
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:16 GMT
accept-ranges: bytes
content-length: 138552
x-amz-cf-id: 0KgEvUVKWVCbl4EFHU6dfvO2zVRDI0GKmiB-8Wy_5QLa6NYQZntB1w==

GET
H2 200 1368105.jpg
apicms.thestar.com.my/uploads/images/2021/11/15/thumbs/medium/ 19 KB
19 KB 765ms
764ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/15/thumbs/medium/1368105.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a7154e30d27e968a79e0ead53a408d7ddf321a39d907b910b5ae76c3a7c1daee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Sun, 14 Nov 2021 16:40:34 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "ecf476e5495d4b799fbe8e500df9a267"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:16 GMT
accept-ranges: bytes
content-length: 19556
x-amz-cf-id: sDehMjuxc0KiETI-XCRZ_z-4d5pRrWlnutb1ZdGL--Vi7FeZ2M9VrQ==

GET
H2 200 1369358.jpg
apicms.thestar.com.my/uploads/images/2021/11/16/thumbs/medium/ 15 KB
16 KB 776ms
775ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/16/thumbs/medium/1369358.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 671eb2326d3cabe86d9e01b1ed181397faa7d99118e65f7df820563172246009

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Mon, 15 Nov 2021 20:11:38 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "3b1fa020cd7b72d7feb92b8c4185f7d3"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:16 GMT
accept-ranges: bytes
content-length: 15865
x-amz-cf-id: BsXId5C8XJG2HpJ27FyKQp-wXkCB87_SRgyKLzwbucyxrd6shuo1nQ==

GET
H2 200 1369465.jpg
apicms.thestar.com.my/uploads/images/2021/11/16/thumbs/medium/ 31 KB
32 KB 766ms
766ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/16/thumbs/medium/1369465.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e5230377bffd513e158a99813cb18c03ff740cbb726c5990bc03fcf99fe6242c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 01:11:52 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "ecab82315d89935f4b7a0fe8dfec2790"
x-cache: Miss from cloudfront
x-amz-version-id: null
cache-control: max-age = 31536000
accept-ranges: bytes
content-type: image/jpeg
content-length: 32076
x-amz-cf-id: oR4LfZvqahyWV4gjVTuMN6Uf2WNf1b2PQid0jkRlUXcejTeIh-JhPw==

GET
H2 200 1369046.jpg
apicms.thestar.com.my/uploads/images/2021/11/15/thumbs/medium/ 19 KB
19 KB 227ms
227ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/15/thumbs/medium/1369046.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 65255ba335c614b8ac7259426aaeccff7e9578f3a8bc0903bb597c9c4b11deec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Mon, 15 Nov 2021 13:05:16 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "0fce99efa23bb14efc3a44a362765021"
x-cache: Miss from cloudfront
x-amz-version-id: null
cache-control: max-age = 31536000
accept-ranges: bytes
content-type: image/jpeg
content-length: 19166
x-amz-cf-id: adI3AWawVff98rFh5qFc_PTQi2M-W_oQg7iWYs5prPU8twskgrUuAw==

GET
H2 200 1368910.jpg
apicms.thestar.com.my/uploads/images/2021/11/15/thumbs/medium/ 15 KB
15 KB 797ms
797ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/15/thumbs/medium/1368910.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 485c962ce095e1a1364d1a34b15c9e8b12a24736dc9dcfb365ac2ccd9cfd30ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Mon, 15 Nov 2021 11:24:39 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "4dba2975bba18b35eb2d43805423fe0d"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:16 GMT
accept-ranges: bytes
content-length: 15189
x-amz-cf-id: c6pi_yMhB8K4i-lmM7iLCoxkRz9nYr7LhViHoYj-0EC2tYzziNqxPg==

GET
H2 200 fontawesome-webfont.woff2
cdn.thestar.com.my/Themes/fonts/ 75 KB
76 KB 14ms
14ms Font
binary/octet-stream 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://cdn.thestar.com.my/Themes/css/font-awesome.min.css
Origin: https://www.thestar.com.my
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: ZzJSZtVVrlqTf6sRJI1XVNyPPupEdB22
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
etag: "af7ae505a9eed503f8b8e6982036873e"
age: 3067
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 77160
last-modified: Thu, 01 Oct 2020 02:18:02 GMT
server: AmazonS3
date: Wed, 17 Nov 2021 03:31:06 GMT
vary: Origin
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=606000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: L6XDGWDpjdKsvxncVfnHCTuBT8ARXGeHF-CJk9QrSXo8Yc3mdpRYFQ==

GET
H2 200 container.html Show response
6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1A67 6 KB
3 KB 308ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 17 Nov 2021 04:18:11 GMT
expires: Thu, 17 Nov 2022 04:18:11 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 17112021.jpg
cdn.thestar.com.my/Content/Comic/2021/11/ 420 KB
421 KB 773ms
772ms Image
image/jpeg 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Content/Comic/2021/11/17112021.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b6f5e2d0c163cc82b4f436384379acca5764b75e93e6ea07eae82a5abe224273

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: En.BSquCO23hlgGzc8XKDR9tYnwj7hrG
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 02:01:07 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "a4c4b4e0edc779183b0655f5577b56b7"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
date: Wed, 17 Nov 2021 04:18:16 GMT
accept-ranges: bytes
content-length: 430294
x-amz-cf-id: lt0OlZNDujyNYqoVK2ae4m289iF0aUA6zX-f5JF_6imbw8TlarADcQ==

GET
H2 200 lifestyle.json Show response
cdn.thestar.com.my/Components/MostViewed/ 47 KB
9 KB 720ms
720ms XHR
application/json 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Components/MostViewed/lifestyle.json
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8751e8f60194bd781cd21a3bd9dd0d5042c8d4e2f1b9e3135f07655f0d62d10c

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.thestar.com.my/lifestyle
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
last-modified: Wed, 17 Nov 2021 03:20:48 GMT
server: AmazonS3
etag: W/"ac1fd72aab1d07a09b9fe5e63e7c262b"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, HEAD
x-amz-version-id: 1luOeyu_8VrLe4dcK_G.IzYb9kGQxU.K
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
cache-control: max-age=180
content-type: application/json
x-amz-cf-id: w_4M09VU_eD82_95_ozVG20ZaLsW2dUpsJd5XtCipl2jOXJIWlPMaw==

GET
H2 200 TVGuide.txt Show response
cdn.thestar.com.my/Components/TVGuide/ 3 KB
1 KB 765ms
765ms XHR
application/json 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Components/TVGuide/TVGuide.txt?v=1637122694847
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edeffc3a54b35d31c40bd21aa88047128eeb87c177b2871cbc49e6a604cd0eac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
last-modified: Wed, 17 Nov 2021 04:13:57 GMT
server: AmazonS3
etag: W/"972cabe17c13d45da244b98a4c965d29"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, HEAD
x-amz-version-id: 3vSBiIhRf4RXpLvPWVsqPBysCpp3ozNQ
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
cache-control: max-age=180
content-type: application/json
x-amz-cf-id: o1VempEdYuUcds0Jc6QBda4R7hec4nqN5L62D4acrkiZ4nKFXxtOhA==

GET
DATA 200
OK truncated
/ Frame D53F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 667879646d8ae08e9e41d3f95b686e80b8bae69f53d2d87943b1ce4a3a075765

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 1364051.jpg
apicms.thestar.com.my/uploads/images/2021/11/11/thumbs/small/ 4 KB
5 KB 770ms
770ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/11/thumbs/small/1364051.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38487eeebe1c08174ea474f7d754dc8b65dd732ecd1ba5fdcd6ffb28624d237c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Thu, 11 Nov 2021 05:49:48 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "073f2f070748bcfc5c41d2591c07e5cb"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:16 GMT
accept-ranges: bytes
content-length: 4294
x-amz-cf-id: OrEw03Py2OP-fdDmDt4sLTIz4_Gfl6LvBL6M-DR-Qqnj_nm74ZSAXQ==

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
702 B 16ms
16ms XHR
application/json 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/lifestyle
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 17 Nov 2021 04:18:14 GMT
X-Proxy-Origin: 136.243.198.83; 136.243.198.83; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9a061e09-920e-4a1d-b9b3-42df9584d961
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com.my
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
702 B 28ms
13ms XHR
application/json 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/lifestyle
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 17 Nov 2021 04:18:14 GMT
X-Proxy-Origin: 136.243.198.83; 136.243.198.83; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: bcea515a-c10d-4d7a-bed7-ce7ebd86be84
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com.my
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 31ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thestar.com.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Nov 2021 04:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 317ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thestar.com.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
8 KB 48ms
48ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=458646202015815&correlator=2957100398335289&output=ldjh&impl=fifs&eid=44748552&vrg=2021111101&ptt=17&sc=1&sfv=1-0-38&ecs=20211117&iu_parts=21764785206%2CDesktop%2CDesktop_TSOL%2CDesktop_TSOL_Index%2CDesktop_TSOL_Index_Mid%2CDesktop_TSOL_Index_Mid_Slider&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&eri=1&cust_params=CxSegments%3D%26smg-page%3DLifestyle&cookie=ID%3D6b175079070c0316%3AT%3D1637122691%3AS%3DALNI_MapJ0r0q-vPXLQi4JG-ehcNZ1FOXA&bc=31&abxe=1&lmt=1637122694&dt=1637122694899&dlt=1637122690123&idt=1037&frm=20&biw=1600&bih=1200&oid=2&adxs=180&adys=5764&adks=435363810&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&vis=1&dmc=8&scr_x=0&scr_y=0&psz=820x2158&msz=820x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8_DZVchv-TZ_4Cd-12-8NL2UNTaFSLLplhc7mzmZSL5u0fMe6X_IEzrGbyu7NMzmlc0CdUlcaKaw6STcO0VoW7rnFSFSAHBLCA5Crtyt5d&ga_vid=763206404.1637122692&ga_sid=1637122692&ga_hid=1391293907&ga_fc=false&fws=4&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ec4f00b991d0f3ed55cdd1c2dab2e9222ac94b4f184e06f7621b2bd285d13010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8633
x-xss-protection: 0
google-lineitem-id: 5529441009
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138345474143
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2021111101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame D53F 343 KB
115 KB 17ms
17ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

604496ee6acca620cd59265c2302f6a03fe02d65bc5306d952f0fa94d92fa5c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117937
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 09:34:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 17 Nov 2021 04:18:14 GMT

GET
H2 200 1355535.jpg
apicms.thestar.com.my/uploads/images/2021/11/03/thumbs/small/ 7 KB
8 KB 765ms
764ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/03/thumbs/small/1355535.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 466b6211be89a10f64b78113f93049ecdcaa2f208fa32fa83f845a6aecef935e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Wed, 03 Nov 2021 07:51:57 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "65a736e148d115f679632fb466b1e555"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:16 GMT
accept-ranges: bytes
content-length: 7612
x-amz-cf-id: hSxLCI_yAkWXhDLCWsdfSD9h2zeSsbInCsNNZBp3vXQpSEuMyhNMnA==

GET
H2 200 1346403.jpg
apicms.thestar.com.my/uploads/images/2021/10/27/thumbs/small/ 10 KB
10 KB 772ms
772ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/10/27/thumbs/small/1346403.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9fc359cb8bd1a9505cb76ee31404f7b8ec5fb6a665e7f1922ab42edd00acf3e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Wed, 27 Oct 2021 05:38:55 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "62d2f89e5912174f7b54e424d9269af9"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:16 GMT
accept-ranges: bytes
content-length: 10257
x-amz-cf-id: f3LHuSV7TYtJ8m99pP_goAwL7Rsukg2_1kXP9nKqpEcOuvUmSI1SQQ==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 14 KB
8 KB 252ms
251ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=458646202015815&correlator=820737913875013&output=ldjh&impl=fifs&eid=44748552&vrg=2021111101&ptt=17&sc=1&sfv=1-0-38&ecs=20211117&iu_parts=21764785206%2CResponsive%2CResponsive_TSOL%2CResponsive_TSOL_Lifestyle%2CResponsive_TSOL_Lifestyle_ATF%2CResponsive_TSOL_Lifestyle_ATF_Rect&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250&eri=1&cust_params=CxSegments%3D%26smg-page%3DLifestyle&cookie=ID%3D6b175079070c0316%3AT%3D1637122691%3AS%3DALNI_MapJ0r0q-vPXLQi4JG-ehcNZ1FOXA&bc=31&abxe=1&lmt=1637122694&dt=1637122694967&dlt=1637122690123&idt=1037&frm=20&biw=1600&bih=1200&oid=2&adxs=1035&adys=1050&adks=3227237424&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&vis=1&dmc=8&scr_x=0&scr_y=0&psz=370x0&msz=370x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8_DZVchv-TZ_4Cd-12-8NL2UNTaFSLLplhc7mzmZSL5u0fMe6X_IEzrGbyu7NMzmlc0CdUlcaKaw6STcO0VoW7rnFSFSAHBLCA5Crtyt5d&ga_vid=763206404.1637122692&ga_sid=1637122692&ga_hid=1391293907&ga_fc=false&fws=4&ohw=420&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

bf2b0219a342862381f2a65d4f67a9f1a29cbe8f48187796f9c37f4d84d417c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8504
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 14 KB
8 KB 237ms
237ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=458646202015815&correlator=2176210707591923&output=ldjh&impl=fifs&eid=44748552&vrg=2021111101&ptt=17&sc=1&sfv=1-0-38&ecs=20211117&iu_parts=21764785206%2CDesktop%2CDesktop_TSOL%2CDesktop_TSOL_Lifestyle%2CDesktop_TSOL_Lifestyle_BTF%2CDesktop_TSOL_Lifestyle_BTF_Lead&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90&eri=1&cust_params=CxSegments%3D%26smg-page%3DLifestyle&cookie=ID%3D6b175079070c0316%3AT%3D1637122691%3AS%3DALNI_MapJ0r0q-vPXLQi4JG-ehcNZ1FOXA&bc=31&abxe=1&lmt=1637122694&dt=1637122694974&dlt=1637122690123&idt=1037&frm=20&biw=1600&bih=1200&oid=2&adxs=226&adys=5749&adks=2640811392&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x0&msz=728x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8_DZVchv-TZ_4Cd-12-8NL2UNTaFSLLplhc7mzmZSL5u0fMe6X_IEzrGbyu7NMzmlc0CdUlcaKaw6STcO0VoW7rnFSFSAHBLCA5Crtyt5d&ga_vid=763206404.1637122692&ga_sid=1637122692&ga_hid=1391293907&ga_fc=false&fws=4&ohw=1600&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

2b24603feab6c3be50d725bc010c30a1592ea1ae238fc993dc9bf81e6e53a0c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8490
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 612A 0
0 31ms
30ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvS9ZAR5vuQtKePk85GzaN19k6ibwE94yC97qUwUqB4hrYwevsOz2fGj9_HjihgQgjt2FMx_VvKAtIjNLpp1l3fEoc4G0TgNnYiJwRpWomqC7y-DvyW0hjLXk8pHndymHz4ymdTfPSwerlDzM-1bItGW_eD1fu-agG3WT7FoeNWJn4DfIRoPUss3fFiqwWFjH11EY2AZwp8M2I30UN8sbNfxTaLSgQ4pItVPp4muLWswHOA52iL3pVAFdXzadLTIC3QKz_OMKL-KVEuJ-pnWw6hFgAAn4YUaU6VR_cU0OFmVXhGVp0BsR0CL3XYUqizhGSo01X_N6ainn8UcQvUUG0Hv57xOR7OOzzlPD-XD_TLO8Aoy2qOYnWF_gYyAcm6ftInSGXsqPjpj4H7L0cuxu7gO1r53oxjx95kHFeMmaw-lJs&sig=Cg0ArKJSzPa0595ZnacaEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Nov 2021 04:18:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK thestar_11272.js Show response
ads.vidoomy.com/ Frame 612A 5 KB
6 KB 351ms
115ms Script
application/javascript 3.129.250.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.vidoomy.com/thestar_11272.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.129.250.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-129-250-65.us-east-2.compute.amazonaws.com
Software: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash: 285b7c6c61191d52864ac4d2300bd4656c44b06c2e7604f0a985d7cf2628d240

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Nov 2021 04:18:15 GMT
Server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=300
Content-Length: 5382

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 612A 119 KB
36 KB 319ms
17ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 17 Nov 2021 04:18:15 GMT

GET
H2 200 default_columnist_profile_image.png
uats3.thestar.com.my/uploads/authors/ 2 KB
3 KB 54ms
12ms Image
image/png 13.224.96.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uats3.thestar.com.my/uploads/authors/default_columnist_profile_image.png
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-13.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 836b4bbc29fb388d4a3e4d0444561baf54188cba551b75153f231ec0db256cb1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 08:57:50 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jun 2019 06:38:57 GMT
server: AmazonS3
age: 69626
etag: "83b666aaab93fb477568930f0cfe4172"
x-cache: Hit from cloudfront
x-amz-version-id: v9kOQLEsl8RXJTsXf9RXmxkM_Lzg5VNI
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/png
content-length: 2527
x-amz-cf-id: kQP303lcv4afI_f8wCm13Fxfl9YI56Pwc54IZmHK1Go5foqmVs6-Qw==

GET
H/1.1 200
OK default.aspx Show response
sites.thestar.com.my/tsolnewsletter/ Frame 8EDA 6 KB
7 KB 666ms
182ms Document
text/html 13.228.188.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sites.thestar.com.my/tsolnewsletter/default.aspx?s=lifestyle
Requested by: Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Widgets/newsletter/interestNewsletter.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.228.188.75 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-228-188-75.ap-southeast-1.compute.amazonaws.com
Software: Microsoft-IIS/8.0 /
Resource Hash: 64c60d228acd04a4e568f74ca1192356445c20ebc4254a7a20d4ba7930851c6a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle

Response headers

Cache-Control: private
Content-Length: 6481
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
Date: Wed, 17 Nov 2021 04:19:20 GMT

GET
H2 200 Branded.txt Show response
cdn.thestar.com.my/Components/Branded/ 11 KB
2 KB 20ms
19ms XHR
text/plain 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Components/Branded/Branded.txt?v=1637122694990
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b4766101677974db880f025a94ba9a402c4cfa96d01986a5669f8ebe1a2b938

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: jIlhpyoAgFloA4CpRLnzDrWyD7.NI25H
content-encoding: gzip
etag: W/"ef43b866498a628c568ac6119ae6d5ff"
age: 70
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 17 Nov 2021 04:13:58 GMT
server: AmazonS3
date: Wed, 17 Nov 2021 04:17:06 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: text/plain
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
cache-control: max-age=180
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: V_wOevqNEBWUU-RQQrxygy439fEUfRsYG0cSuGardnQUydWah4Rv_Q==

GET
H/1.1 200
OK subscription_footer.aspx Show response
sites.thestar.com.my/tsolnewsletter/ Frame 0B24 3 KB
3 KB 671ms
165ms Document
text/html 13.228.188.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sites.thestar.com.my/tsolnewsletter/subscription_footer.aspx
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.228.188.75 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-228-188-75.ap-southeast-1.compute.amazonaws.com
Software: Microsoft-IIS/8.0 /
Resource Hash: 464f48452dc22b498ca4ea5e1ead2629c2bec90df554d9990be0eebd18f4a645

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle

Response headers

Cache-Control: private
Content-Length: 3062
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
Date: Wed, 17 Nov 2021 04:19:20 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
702 B 14ms
13ms XHR
application/json 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com.my/lifestyle
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 17 Nov 2021 04:18:15 GMT
X-Proxy-Origin: 136.243.198.83; 136.243.198.83; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b3f35fa0-e8ca-44f5-925e-9209d0545a4c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com.my
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 226ms
224ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=458646202015815&correlator=1372843883762226&output=ldjh&impl=fifs&eid=44748552&vrg=2021111101&ptt=17&sc=1&sfv=1-0-38&ecs=20211117&iu_parts=21764785206%2CResponsive%2CResponsive_TSOL%2CResponsive_TSOL_Lifestyle%2CResponsive_TSOL_Lifestyle_BTF%2CResponsive_TSOL_Lifestyle_BTF_Rect&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250&eri=1&cust_params=CxSegments%3D%26smg-page%3DLifestyle&cookie=ID%3D6b175079070c0316%3AT%3D1637122691%3AS%3DALNI_MapJ0r0q-vPXLQi4JG-ehcNZ1FOXA&bc=31&abxe=1&lmt=1637122695&dt=1637122695005&dlt=1637122690123&idt=1037&frm=20&biw=1600&bih=1200&oid=2&adxs=1035&adys=1887&adks=1648517212&ucis=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&vis=1&dmc=8&scr_x=0&scr_y=0&psz=370x0&msz=370x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8s1QsdRZ2xDngGt0hsQKUt-b_eprkbqydXBl3b0cHbvpFCv-d3G_fnAQ6isTKQ5ssIKy4Zmiy63jxypMPzDI6P7N8DaNIRoKDzWYfwu2MijA%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8_DZVchv-TZ_4Cd-12-8NL2UNTaFSLLplhc7mzmZSL5u0fMe6X_IEzrGbyu7NMzmlc0CdUlcaKaw6STcO0VoW7rnFSFSAHBLCA5Crtyt5d&ga_vid=763206404.1637122692&ga_sid=1637122692&ga_hid=1391293907&ga_fc=false&fws=4&ohw=420&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

65a9240553f9cc74f375c07060dbf8c4634a6f5ce8d05258414f036e91c34b45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9435
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame D53F 107 B
165 B 317ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thestar.com.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame D53F 107 B
165 B 199ms
24ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thestar.com.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 home-grey.svg
cdn.thestar.com.my/Themes/img/ 1 KB
941 B 21ms
20ms Image
image/svg+xml 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/home-grey.svg
Requested by: Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 270c56cdecd7bd45eb74a011b460b48fb1b068cc527fa8dc8581cd03b8fb3e7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: iKT.5yejZvc4POdV8Tabe7aj6JXaFYKH
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:15:05 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"2f089abb1a815b7573aee61676ce494a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 04:18:15 GMT
x-amz-cf-id: jdsLpHxCsFj-vv29jglnlg6vKfTmZVJtX61zCj9N35L9XOn0qbge1Q==

GET
H2 200 for-you-grey.svg
cdn.thestar.com.my/Themes/img/ 3 KB
1 KB 13ms
13ms Image
image/svg+xml 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/for-you-grey.svg
Requested by: Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7de862c78c063457dd1efecec6a0e18a101a1f1c6004ab1ee5e4a47fb30ad70d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: w7MOlogLTHynNMKz5HAzX7B5N2iAIrp0
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:15:05 GMT
server: AmazonS3
age: 3075
etag: W/"022db165b3c8a0fd90abf412efca1e65"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:28:45 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 6IGUjcP9pHiCwNlxrRYH44dwNel01WwlGXbZCRDALxo0iLA2IPeYUw==

GET
H2 200 bookmark-grey.svg
cdn.thestar.com.my/Themes/img/ 430 B
811 B 22ms
21ms Image
image/svg+xml 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/bookmark-grey.svg
Requested by: Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 824108d6942edfd5d4eb473c8fb180227e21f6c8c6e9590579d2e6371091eaa2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: pAG2hmmE51fnq5Xp99Cla7Tf29NT6Exq
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:05 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "bce4e380fa2100c507926b4c875ef156"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=604800
date: Wed, 17 Nov 2021 04:18:15 GMT
accept-ranges: bytes
content-length: 430
x-amz-cf-id: VimNAHZUfGa7wsbVDfBJldhQEXfQi7xxpR0h0jV4bWJ2r6mgiJNNhA==

GET
H2 200 podcast-icon-grey.svg
cdn.thestar.com.my/Themes/img/ 1 KB
910 B 22ms
21ms Image
image/svg+xml 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/podcast-icon-grey.svg
Requested by: Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 83fdcf272f1b3595e9fb6ff516c1d97f525ba9bdb405f1d1396111ea21f2fa20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: lRDIEQegUr9xjkZKhFx9S7_qrf4WmSsn
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:15:06 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"cc05c46b7da9dbf62a65266a55f0476a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 04:18:15 GMT
x-amz-cf-id: Ro0_9ZWRboBcV_AZ4dkZdT8Sl8RgQHdkYwHXhh5JJ9u6v2G_EMjIfw==

GET
H2 200 search-grey.svg
cdn.thestar.com.my/Themes/img/ 882 B
1 KB 21ms
21ms Image
image/svg+xml 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/search-grey.svg
Requested by: Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8fe0a5fd8c54e4deed0515142cc5269fc5709e07974a99399a0cb5d53477004

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: AuwJ7QRx8vivVMdQpCg5ZY2WKboXLadY
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 02:15:06 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "471e3523d499fc268cdd78c32c7b4cf9"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=604800
date: Wed, 17 Nov 2021 04:18:15 GMT
accept-ranges: bytes
content-length: 882
x-amz-cf-id: 015U0BlFuMnOv8Prxmc4pB3LGsR6tVXdo3_IBs0MqF9rdoZdAjjltw==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D53F 238 KB
25 KB 61ms
61ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2509025639470872&correlator=3461813022489907&output=ldjh&impl=fif&eid=31063712%2C44754276&vrg=2021111101&ptt=17&sc=1&sfv=1-0-38&ecs=20211117&iu_parts=21863666334%2C358804_thestar_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cookie=ID%3D6b175079070c0316%3AT%3D1637122691%3AS%3DALNI_MapJ0r0q-vPXLQi4JG-ehcNZ1FOXA&cdm=www.thestar.com.my&bc=31&abxe=1&lmt=1637122695&dt=1637122695032&dlt=1637122691678&idt=3342&ea=0&frm=23&biw=1600&bih=1200&isw=1&ish=1&oid=2&adxs=0&adys=456&adks=3377693787&ucis=11ivey4d41jf&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&top=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=1x0&ga_vid=394669793.1637122695&ga_sid=1637122695&ga_hid=1373372925&ga_fc=false&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

d1eab120169aee7ec5e42aaec653a008d97a2ff80e37187ef96347c38b0e5d2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25118
x-xss-protection: 0
google-lineitem-id: 5585854208
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138336445008
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
1af8959025b4889effcf75e52beb7e3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F1ED 6 KB
3 KB 30ms
15ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1af8959025b4889effcf75e52beb7e3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 17 Nov 2021 04:18:15 GMT
expires: Thu, 17 Nov 2022 04:18:15 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK cx.cce.js Show response
scdn.cxense.com/ 22 KB
6 KB 23ms
9ms XHR
application/x-javascript 2a02:26f0:1700:181::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.cxense.com/cx.cce.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:181::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 78b341647e8bf718869378550c0c14b87bfe33967b4944d7dac6a2a1f3290d4c

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.thestar.com.my/lifestyle
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 04:18:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Jul 2021 14:49:19 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5864
Expires: Wed, 17 Nov 2021 05:18:15 GMT

GET
H2 200 config.min.js Show response
cdn.thestar.com.my/GlobalBar/ 13 KB
1 KB 12ms
11ms Script
application/javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/GlobalBar/config.min.js?v=20210824
Requested by: Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/GlobalBar/global-bar.min.js?v=20210824
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c6f45467304d598dd713c1f2efae51dec6b7a5cf1b0a4c1dd7fb19f91a1a9b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: Bfkbu5QR.J4Ukzo4Nyc_ohF_n4VKMPWZ
content-encoding: gzip
last-modified: Tue, 24 Aug 2021 03:08:03 GMT
server: AmazonS3
age: 67890
etag: W/"0b2fd302f4aa64810a6329e06300d884"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: 604800
date: Tue, 16 Nov 2021 09:31:42 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: l2E_ZLqgQh69-SjtTxarq54qVMJ-ujnF8sOiS0a5iXq1SNNUMR6Nhg==

GET
H2 200 bar.min.js Show response
cdn.thestar.com.my/GlobalBar/ 18 KB
3 KB 12ms
12ms Script
application/x-javascript 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/GlobalBar/bar.min.js?v=20200703
Requested by: Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/GlobalBar/global-bar.min.js?v=20210824
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 47269f8f454fbfd295cbae0bc19f51ba58c6a1511f4f7265f273b2fd912484f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: fb003RZ_zGqi_3Iz5DBNjpr3fqYvMiS4
content-encoding: gzip
etag: W/"6df4e7b47257b431d12ae501b0983903"
last-modified: Thu, 01 Oct 2020 02:32:16 GMT
server: AmazonS3
age: 355796
x-amz-meta-cb-modifiedtime: Wed, 04 Mar 2020 09:39:04 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Sat, 13 Nov 2021 01:28:30 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 9QCx_5OLZjPXitKzId90tuH-3tkXOlNBMkxOQmAZa1YQh_1anbWiig==

GET
H2 200 1361244.jpg
apicms.thestar.com.my/uploads/images/2021/11/09/thumbs/large/ 20 KB
20 KB 26ms
26ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/09/thumbs/large/1361244.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94fd936c179a6f61421ebffb28242060644ddc0642d6038c687db51c642881cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2021 00:39:36 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "38bc34d62aa2b9a37109b5f5485c3fda"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:15 GMT
accept-ranges: bytes
content-length: 20582
x-amz-cf-id: lLox25C8G3QewfJXDTK1lFC9LY5fGWqBcOQ5NTfhiH4LL0Sepjk3rw==

GET
H2 200 1363857.jpg
apicms.thestar.com.my/uploads/images/2021/11/11/thumbs/large/ 38 KB
39 KB 25ms
24ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/11/thumbs/large/1363857.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f53c6536ca85e3c0edaf368262ff3b8946bbd8096164a5248e967ebd558a8d78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Thu, 11 Nov 2021 01:12:48 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "842478b06eee6bf57a85c86dbd0f96e3"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:15 GMT
accept-ranges: bytes
content-length: 39134
x-amz-cf-id: EXX893K2MWbek_TU0A0HPpCpF0n1x2q1H3QKVPCE8D5yGfO7Mv-XLg==

GET
H2 200 1357189.jpg
apicms.thestar.com.my/uploads/images/2021/11/05/thumbs/large/ 43 KB
43 KB 24ms
23ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/05/thumbs/large/1357189.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f14da769ae232874c66664feb6031e0f938b51108b6d224896ff75c82ad2c903

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Fri, 05 Nov 2021 03:41:41 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "13d32df437ad14e88caacf3246eb9e18"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:15 GMT
accept-ranges: bytes
content-length: 44006
x-amz-cf-id: hQLjmTSfLxctFqhjsDqjViN2JHE8dg9Uz1_s1AZe_vnmYbn-7wl59g==

GET
H2 200 1369569.jpg
apicms.thestar.com.my/uploads/images/2021/11/16/thumbs/large/ 24 KB
24 KB 809ms
809ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/16/thumbs/large/1369569.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a8e6eac9e00db83792c8207a85d3918f3495d19266eb6599c996a17b304a2e55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 03:30:02 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "6fb79664140c3f4f41f411913bdb45b9"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:16 GMT
accept-ranges: bytes
content-length: 24363
x-amz-cf-id: HPMbo_yfOX5aRGmbWjxa70YnZLsQCBkKHQx3p0Wm-iP-8EHhbsMfcQ==

GET
H2 200 1368413.jpg
apicms.thestar.com.my/uploads/images/2021/11/15/thumbs/large/ 22 KB
22 KB 22ms
22ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/15/thumbs/large/1368413.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe98440db3e7d764e89e989318704e687f4ba75e7fd3bc8882ac3407a12187f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Mon, 15 Nov 2021 04:42:28 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "15ee8b509c42812b11dd292e928673cf"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:15 GMT
accept-ranges: bytes
content-length: 22026
x-amz-cf-id: XIpqMjRTafsE9Zz-0TdpdrLhxj7QmqoCMSREf_WLasAqEVDHaUtZeA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 173 KB
51 KB 56ms
32ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PVM4TH

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a46c8bb9f57811b56cae4e39d30e026d55f302b4999a8dfc434b63eb635401df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51493
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Nov 2021 04:18:15 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 38ms
13ms Script
application/javascript 13.224.96.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-7.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 03:39:23 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 3284
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: ZEr3LbOo4FdZ_hSpcw6rjCEghyYIONyWUZq9d__AZbWIp1gT_0qhwQ==

GET
H2 200 home-red.svg
cdn.thestar.com.my/Themes/img/ 1 KB
950 B 12ms
12ms Image
image/svg+xml 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/home-red.svg
Requested by: Host: cdn.thestar.com.my
URL: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c88db5fef86344acc9f5a2df7e9c9b882fdea254e01b7a7ca6e0659f5895a21c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.thestar.com.my/Themes/css/main.css?v=20210323
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: KZWSU2EI3njfvx4j1TIh_Mn4THsKY6Uo
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 02:15:05 GMT
server: AmazonS3
age: 3085
etag: W/"3ec8ad3cbc1fc0de9ce3d5ac429dfb77"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:28:45 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: uDgEKFhGfHUFifl1ApmBPZvqqP8LpZ8Psj95UrdRwlZpFctMCUtjMg==

GET
H2 200 smartech_v4.0.js Show response
cdnt.netcoresmartech.com/ 240 KB
64 KB 76ms
14ms Script
application/javascript 2a02:26f0:1700:16::b856:fbc4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnt.netcoresmartech.com/smartech_v4.0.js
Requested by: Host: tw.netcore.co.in
URL: https://tw.netcore.co.in/smartechclient.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:16::b856:fbc4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ab8e6f8fddfe06f50fd73a253860534077ca267ec570ad4f7db6fb041153339

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-meta-cache-control: max-age=2592000
content-encoding: gzip
last-modified: Wed, 20 Oct 2021 05:43:26 GMT
server: AmazonS3
x-amz-request-id: SKYG89RJY9BY5NB1
etag: "9d214ef8baf992c2d5a86ec134586fb7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=523481
date: Wed, 17 Nov 2021 04:18:15 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
x-amz-id-2: y2x7G9wR6dwrWJhh4cit/gFlQHMj1VFydfu/MnC/eJ5zIq3kNQ+JST1ptr7O5Nz4cy6XoMXoXNg=
expires: Tue, 23 Nov 2021 05:42:56 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5dfaeb0face4ad17/ 4 KB
955 B 14ms
13ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5dfaeb0face4ad17/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f4d194bc24a9585caa944053add27041d47a22913f8891aa843488e9369cdee9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: gzip
etag: 248765760--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=7, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 780

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 162ms
161ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=619482826892a101&bkl=0&bl=1&pdt=677&sid=619482826892a101&pub=ra-5dfaeb0face4ad17&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.thestar.com.my&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1637122695156&jsl=129&uvs=61948282b8d5ba5f000&skipb=1&callback=addthis.cbs.jsonp__70072165961694230
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0a539a92b04d60f33f99a181aa6e4a0fa8645f3d4c9e9a1375fe049fcda2fde0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame BAA0 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 21E7 71 KB
26 KB 21ms
21ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Wed, 17 Nov 2021 04:18:15 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 7021.js Show response
script.crazyegg.com/pages/scripts/0012/ 5 KB
2 KB 86ms
22ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0012/7021.js?454756
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 073871c472b0faf53307aa60ce6020d7f82a4a695d2caee068f606baa7951be8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 101657
cf-polished: origSize=4899
cf-ray: 6af6276d39224c2c-AMS
ce-version: 11.1.358
last-modified: Tue, 16 Nov 2021 00:03:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-bgj: minify

GET
H/1.1 200
OK sp1.html Show response
cdn.cxense.com/ Frame 6F18 1 KB
880 B 9ms
9ms Document
text/html 2a02:26f0:1700:181::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:181::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c92cab84b44ac37925a00450873a018ac601883a2d6e7a760ea38fdde7671004

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle

Response headers

Accept-Ranges: bytes
Last-Modified: Fri, 30 Jul 2021 08:31:32 GMT
Server: AkamaiNetStorage
Content-Length: 510
Cache-Control: max-age=864000
Expires: Sat, 27 Nov 2021 04:18:15 GMT
Date: Wed, 17 Nov 2021 04:18:15 GMT
Connection: keep-alive
Content-Type: text/html
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Vary: Accept-Encoding

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4328 0
0 31ms
30ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1pY8AM_faA39GUuN1rLQBXceivICzABB2kxKZTGXPLLy88gX0QPNT1oubEsauTDS83yCa0l3upGF6PNKLmEPnJPsMYkhE37ARPwhuySvqT5HzrR5xIrqq76DUyElpPmObsat68dbpdq1UI7qVbF4ewKofEhfb_q4sry4-JYH7c6zCe9PHh0LnM2KmhPs601uZmpt-55AiqBlt4bLecdWp-wLYuENuvaRNra-j6Ze3ppbcaxJCuII3t5FfLq4zGey7d0_u1L-fMjjvBbF0TDF_aX9w8-q2kczEVpXCy4BN3DoPB0x3mO03wODRp-u_rSrZj_ceNwg&sig=Cg0ArKJSzP3WVX0v87QhEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Nov 2021 04:18:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame 4328 85 KB
85 KB 309ms
7ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 19:58:58 GMT
x-content-type-options: nosniff
age: 29957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86927
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Nov 2022 19:58:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4328 119 KB
36 KB 112ms
27ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 17 Nov 2021 04:18:15 GMT

GET
H2 200 Flyin.json Show response
cdn.thestar.com.my/Components/Flyin/ 728 B
1 KB 747ms
747ms XHR
application/json 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Components/Flyin/Flyin.json?1637122695208
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2590ae5064ef2d9094b8cdbeb20671838c606afb975f17bbc258be3cc065ae7

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.thestar.com.my/lifestyle
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: Huh0hY.Y9FkdS4CxHcB5PJWa3RugY00q
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
etag: "697be287f5aeba96625c6d1781575132"
x-amz-cf-pop: ZRH50-C1
x-amz-meta-cb-modifiedtime: Thu, 11 Nov 2021 19:39:43 G11T
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
content-length: 728
last-modified: Thu, 11 Nov 2021 11:39:24 GMT
server: AmazonS3
date: Wed, 17 Nov 2021 04:18:16 GMT
vary: Origin
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: B9Kh4BNhFf8ueBJS75YBuDDz55D-CghkDPAWVT_uXiXSxGaHk6fHFw==

GET
H2 200 container.html Show response
6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0D87 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 17 Nov 2021 04:18:11 GMT
expires: Thu, 17 Nov 2022 04:18:11 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035691&ns__t=1637122695241&ns_c=UTF-8&cv=3.5&c8=Malaysia%20Lifestyle%20Feature%20Stories%20%7C%20The%20Star&c7=https%3A%2F%2Fwww.thestar.com.my%2Flifesty...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035691&ns__t=1637122695241&ns_c=UTF-8&cv=3.5&c8=Malaysia%20Lifestyle%20Feature%20Stories%20%7C%20The%20Star&c7=https%3A%2F%2Fwww.thestar.com.my%2Flifest...

64 B
331 B

25ms
24ms

Image
image/gif

13.224.96.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035691&ns__t=1637122695241&ns_c=UTF-8&cv=3.5&c8=Malaysia%20Lifestyle%20Feature%20Stories%20%7C%20The%20Star&c7=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&c9=
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Server: 13.224.96.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-7.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: SHTpsJIZyCJESgAdPw1BPyY5O-1XJCxIaHefEOko9Wc9fWm4PbZNyA==

Redirect headers

date: Wed, 17 Nov 2021 04:18:15 GMT
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035691&ns__t=1637122695241&ns_c=UTF-8&cv=3.5&c8=Malaysia%20Lifestyle%20Feature%20Stories%20%7C%20The%20Star&c7=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&c9=
content-length: 226
x-amz-cf-id: jTaFFENeQcIkVjkqc2pD-YURd-0XdOHpUNhFt8s_PNon3KMrFG7d6w==

GET
H2 200 container.html Show response
6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5D3C 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 17 Nov 2021 04:18:11 GMT
expires: Thu, 17 Nov 2022 04:18:11 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F1D6 624 B
733 B 39ms
17ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjT1byfATAB&v=APEucNUjZIkJwV0hYRIbF1gqxJxYLcVfz1rtUyi1_BYWSvfjsNhKqMOjc3rlrmD-FIBa8NhHIEGECPxJlgfMX1tDK0fMFkydmSNsW537fr9MqVGB9UYzu_ESQMH5mMwWBLesCjKVKwjy_2C9wGnU_7-E7G2lkm7N2QSuZriNx7BQOPyjtGmqujk

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 17 Nov 2021 04:18:15 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1A67 71 KB
30 KB 63ms
41ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6OzVM6vhXOewLozuLDMCJslacP7LLfzVCHARaoffuK51vpkwHDgdrC0LbWAjDeRD-Xa8PzIcbs4Lbmr7LIy6IyoQiLdouCSmIvx9zqyBeXeF8KNpJtU5QnR_tpKM9GiGQLKQemcZXvuXEY1IHKU0rM_ryPA&dbm_d=AKAmf-By1nsNuE1WOHu4VpgVJwgwYm5aA3knv1fxTxRpDCluqQYr3iRSeshXfLRr-x6yc1VWri72q6hE-GkcoIGl2Ff6bgGgjJiaRe_iBq2twfPvSWO8Dd_AWs-7IqAa3PQhRgSfwzSj7Loa6US4oWNy0Vq_vaCQCwHfIApkZgxJ4hqiTs--M38jVKyTj1edqwkMMo2ffdBjDo6gbr9nsEYYiCFpEmyP3S_pdb4_rxl87m2rLr85zIl3eBW-bYv-N-3KVdUFQk8TCSgB68EUuPGonY9WX5TzVZTVpClgtREGQ33T-knl_0RgN12d2_MTxMCa7zy4tFObOz170VL-PtCKvLcxsKlamd-8IFPlUb1sixx0kVBgTK3pCYIlFBpbDTbLGoKy4x2xneeCSoWB94zNwcNampMsPMps_MSh2DCz6YpcY3ccuZ6UdLUznjni68dQwEHzoO1mEk3n4hJ_agfndAPjw1v5Yl99zlw0L7IwH2_BPpYqTEvz6ls6Yt57AUQZTYyKpvywlHn6QnO7P6qpnuB5bCIKsQxb1r0dPQ3I9mWQEptsqR1of4kUs_R4oCS6ebh4Kxil83vnRrbAx5kOtBO8tT5IVTyrUFNIXuhJl8HuSHC_SjYGtg_fFtfqi5RKd3JUccnRCTlywofCOhLzGQW_pyVUAldQCXcwjmSu_u212T7cv4hLL7IY9X_Nd6TDKmR7ZrXl3VsGbKmFAkxlw2Hmjopgs1ZFPRcxBkhnXobfb7BvcbGavs9ku2ifB-7XJVtQ_zsa8FGgkRzBI9bobZ6riRXwna0wpiOHMfd8hSCfjOTJU7Um5IT7ECfNeJzIl0NjWBlLjmFU34v4a346tBLmpe6JDkQ4SOgg-uTuK6fUw7V3aHGZyB-8YM532MgyRsMD5hAW05N4uKlgD8mYqmOydy12AhbUTr7wFRVU5hXmuBm0YQvlGItSa4fSYnpFrxKdOsDnds5wg1IWN4hl1SQiBHIC2LSYPE4vbTDLG_6vWWG2FFfMer4OK-yuILNX4F2ra3aSjCjc87i9s3bfF5Lgqa9ijgrU4MSecKgqs6mGGkbNlXGaw16GmJQVggHb1E5iUjW7aHC5Uq3U0OPVuI8bhc8Lr3lu9mMx0bclhuX3EbE9TgaURM1LBrxplKB2dQbAPCuKbwRCVtx1I98ri_3FTRaQ2mooV2_hldPuF41iWWm_7eeQZUgUK3VVIz0PK0rzRfYROa53-5vshfqt4c0jgY_b42ggcp77CiDt5nBpbk2qlgPx57tUrwSZ0qsFI9ktIkCjuDRzPULat_loItHT-NSCyNr24N5jZFZ9OdXxDEspQTDfpIgAx7tsU-gTZJEQeGDD8LMJhJCBLhMOCC16wNdaHdpgFPvTcVwMLE8FZJM7BvWgm3rGezj2x2FgWhwxLdXI1BJ5_ysOEknFxWGre_NQ128AouFeBdJU2xb0JzWwH0B7J60l7NllSRuN5kBTuDFvScVnxl5E1xhcG_lZQLnnI_o1TfkK3de0v_IvJksHTIosELJhzdWKqU59jWU4nV8JOadDk21oChdaV_kkt6WHEqdm8hQAkWtK1sa-KQ8wL-Jr9zlB8VO9mRVeAxLH0ov1ymrfV80lIMqjjReI_n-QUmPTJT0plWEUbqmCfHTDMEbfAB6WVqmtKYRfSVbR9C2GbdPdwR4Ew4-0QT4Gi2cFnDi1bPbcf9trrtcvV1FYc1X3JX_9KqAcrGVmB8m9NYkwU1QhnVlNix2y7pT3LWJu89Q88TY69HAGxACepX9QGvVD-JytYK-AuQdz40iOBF0Qh4Z6co-HpAkOyUcb6BLrgoPRCz0UpBpl0f1xGHyXLb3gV06QUwhn1U_7n86mB3H2ydbUgQmbi-eF4hnPw78mFwTn6Ph291H9x5rmvUHUC_zfyVI9VzPFZ63OkY7luZ5iwKNXOXMnNuJLWXr45hR3Fe6xnomf8Pa_vX-j5Jf02ll4QXXqlcL9ViRLFXwUtncl1_PIKnCspJAMu_qqGJTax8pIFzqPjaZZwwIFK5MDdnc1J5j_oXZCL51VP4JNL7_EOKZncFr0RmOdSwxRPP8DSk5yPXfGBQWCC2-1Z8EYcEvu1X3zHGE021XXx2c8D0NZCCfsbstMrJ1l89-Doo7n7qvfSqHN7L3zT-nHvrVtxpGsKbKv8k4Pviqsy9ImTwuiXpzsD130ajLPU1cvBTInL36SeWuNuQN5k31XyGVAh6QikLtrudc2RcBJfmp4-OSpS97aeofGfJ6YH4BuRkb99zMcEdh9kICttpumQJROVnxujbHktv-OfF3AdNEJVSIys-LXXCLLqf9tfeiVjWlnJ6oMRXYR_w0mUbgRJk1tonHYef-LYDzOTSTB7NrvT06_zFXBR5acwae9COZn9JLVcAT8eHedovR8RpYM2LGSjFZY2_mx9kIKFAI-w2fSDUg8oX6XeVYpdcQl2kKyfT4AgPdpkQc1BfFl7ZHt0NcnXMiopOyQrc26Tjk3mVzlwbTREEGqjQsrrhgpd9TDkGe15o_BXUvadFUwyAK6I_NRaaJDbN1PwTQEQSY16DCb96XfiwHklFJiCx-azYh-4BVVP20Cn9U91UE_VlUSrjWFvbIGTZL3d7whxPvhELhgWSPlmTGLEqjQ3MJZsEcLu0QkO_zCXZ7PDOkZRv7Jf_GZ3VRuRfpenN38FTlsLsV55lCsN0BYGte1460ayG_hzW2mFJS6kTn14UWNrDJpRwbFW786nWEYNVFOZLcFAFm0WWFWgMo3u95VYlZ0AdxGWiLdsexjr6uFJe1flal1ZFlJR1R4WVzbfyzYP7p9ZuyAapMP0nm_Wkt_K5zbZVotMVWXp7V03G0YLOiFUOrWWOA8B5fQ9YiT-P6T8jOqBZSOrEHPMO1UcViEGrb2RXh6VLXaMO-BQ9pa4C0ZlU-MnaemmsSLILpR4d-h9x9eMrZTDT7abAOrb06tBy5j1jlALlulta6AXf9Gcx3afT0LUMFl46aFGeGv_cS8uOrxjRkCcxSA05mvPkLGPT-NbeIoBli5Wg&cid=CAASEuRoZ9nZL5YXau16rESr2k5xKg&rfl=1%2Chttps%253A%252F%252Fwww.thestar.com.my%252Flifestyle%240

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

040f5ac59115982f4245b22221825e1c4ea3681eb5cdb513ac97b016f334375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30821
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A67 42 B
494 B 62ms
39ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BM7Rbz5iR9IsEqA3cld_EFOrEPJtvW-fju2fHqvOaN1R448UnxckMkC8CMnuPinDdosrN_sE-Fa6j7OZdX3Ihu88Hc5ZPwdBeUAl3-3oMkBp51Xlw

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 1A67 2 KB
1 KB 43ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Dec 2021 04:05:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1A67 119 KB
36 KB 53ms
25ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 17 Nov 2021 04:18:15 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 1A67 15 KB
7 KB 41ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Dec 2021 04:13:46 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1A67 0
0 36ms
14ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQF25ZyoxHZwbUJ7CtIpaBhmERNtZGkpiimJgnTaTGxb2WGU9TMOb7IwaER89i_sTG-jIfjdKe97AZZJ4TZtrT75z5QVg
Requested by: Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 container.html Show response
6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A30E 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 17 Nov 2021 04:18:11 GMT
expires: Thu, 17 Nov 2022 04:18:11 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ Frame 6F18 116 KB
27 KB 10ms
9ms Script
application/x-javascript 2a02:26f0:1700:181::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:181::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b64f53bf69d080d62a915b32b4c7c8a2b31a787b3ccf64c4a63aeba170355c22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/sp1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 04:18:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 12:43:03 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27751
Expires: Wed, 17 Nov 2021 05:18:15 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 10ms
9ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Wed, 17 Nov 2021 04:18:15 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
60 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3HWDM68GV8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVM4TH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32247e4255c9b88b04fb7c574402e134159561018b343665b43f697d64218087

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61822
x-xss-protection: 0
expires: Wed, 17 Nov 2021 04:18:15 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVM4TH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4628
date: Wed, 17 Nov 2021 03:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 17 Nov 2021 05:01:07 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: UZar6/tVlbtT9kXXuLMFbZcL4fTCbuWfYCNeuipEgB+6fqL8fuW4jt92y1YAbKtuaq3J/HyaNd8Y65HlmII0HA==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Wed, 17 Nov 2021 04:18:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
52a360d4000447a08efd7617080680a9.js.ubembed.com/ 2 KB
2 KB 37ms
6ms Script
application/json 151.101.129.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://52a360d4000447a08efd7617080680a9.js.ubembed.com/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVM4TH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 17dc0fa8013badc8da17b8ba9fc231cd5f29a78e7d5796145492b7596a3518d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: br
x-backend-region: eu_west_1
age: 4985
etag: 3d5e9bc6ac90efee4e88cc3d1c179593-v0.179.1
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
x-amz-cf-pop: FRA50-C1
accept-ranges: none
x-amz-apigw-id: I7ZKTGUgDoEFRRA=

GET
H2 200 iwtteAQ4FJP9DPzUxeLPrOdBvvyjKBtYq-E0epgtcCipEQpS-e81xQvxxbg_2fooSGZY8R6Dcdc Show response
j93557g.com/v2/0/ 103 KB
30 KB 62ms
28ms Script
text/javascript 35.186.249.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://j93557g.com/v2/0/iwtteAQ4FJP9DPzUxeLPrOdBvvyjKBtYq-E0epgtcCipEQpS-e81xQvxxbg_2fooSGZY8R6Dcdc

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

84.249.186.35.bc.googleusercontent.com

Software

Resource Hash

d13ce18e8acc96169693df40fa690d67ba34264b389c415cc152324e0cf5823d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "4d3d76fca384c4555909084ca51a6b2ca3757199853c945bba36920010b3982a"
vary: Accept-Encoding, Accept-Language
x-hostname: 94ecd830
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Wed, 17 Nov 2021 04:18:15 GMT
timing-allow-origin: *

GET dtm.js
dtm-drcn.platform.hicloud.com/download/web/ 0
0

GET
H/1.1

204

partner
sync.search.spotxchange.com/
Redirect Chain

https://sync.search.spotxchange.com/partner?source=217759&sync_limit=7
https://sync.search.spotxchange.com/partner?source=217759&sync_limit=7&__user_check__=1&sync_id=62a4b2c0-475d-11ec-b606-174deb1e0506

0
588 B

21ms
20ms

Image
text/plain

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?source=217759&sync_limit=7&__user_check__=1&sync_id=62a4b2c0-475d-11ec-b606-174deb1e0506
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-spotx-halt-type: Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date: Wed, 17 Nov 2021 04:18:15 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 44
Connection: keep-alive
Content-Length: 0

Redirect headers

Date: Wed, 17 Nov 2021 04:18:15 GMT
Server: nginx
Location: /partner?source=217759&sync_limit=7&__user_check__=1&sync_id=62a4b2c0-475d-11ec-b606-174deb1e0506
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 62
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 94ms
94ms Image
image/gif 70.42.32.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00a149fe9401c432f57edaa96ee66b065d,002ad79d5e17fa1cd48be0f2c87f711f6d&obApiVersion=1.1&obtpVersion=1.5.2&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&optOut=false&bust=07424039149995563
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 04:18:15 GMT
Cache-Control: no-cache
X-TraceId: 4616c9790997d0684fc4cede9ae08e0c
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 7021.json Show response
script.crazyegg.com/pages/data-scripts/0012/ Frame 2FED 10 KB
2 KB 54ms
26ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0012/7021.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0012/7021.js?454756
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8724c560720ad6f229ce95feca978ac957e0cb6931afb587e4174f1b082e52de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 101655
ce-version: 11.1.358
content-length: 1378
timing-allow-origin: *
last-modified: Tue, 16 Nov 2021 00:04:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6af6276e1fce0b78-AMS

GET
H/1.1 200
OK segment Show response
api.cxense.com/profile/user/ 91 B
706 B 13ms
13ms Script
text/javascript 147.75.85.120
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cxense.com/profile/user/segment?callback=cXJsonpCBkw30l0b9qpcc7pp0&persisted=94bfbd14c0ccdc7d377a4f4c47640ed80e32d6aa&json=%7B%22identities%22%3A%5B%7B%22id%22%3A%22kw30kx2e2p7uqcar%22%2C%22type%22%3A%22cx%22%7D%5D%7D

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

f6ee047a79a6017e2c0521ed087a5981f031d00de6cdb8ca18dbdff028401ed7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 91
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK p1.js Show response
p1cluster.cxense.com/ Frame 6F18 46 B
634 B 23ms
2ms Script
text/javascript 116.202.80.167
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p1cluster.cxense.com/p1.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.80.167 Osterhofen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.167.80.202.116.clients.your-server.de
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 3593c5cbd1faa7470718d510d267509a03f6127ef15893f9b516c3e55661c4ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
last-modified: Mon, 17 May 2021 04:18:15 GMT
server: Jetty(9.4.28.v20200408)
etag: 3o4jh9zrffcqzrojv9rye3c11
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: private, proxy-revalidate
content-type: text/javascript;charset=utf-8
content-length: 46
expires: Thu, 17 Nov 2022 04:18:15 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9E5E 640 B
363 B 18ms
18ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj52_-5ATAB&v=APEucNU4p3HS-Sz3KitzQbIgane2Z9xhSWEFM4-yBP2z93tHBsqVFhkbCOaei6Z_9yLIah3CqPdw8F0jm3qzo8m_MZvpqwQQqBYM7_briPBnbXyaMRROJM3drrOb7Xpc-rqQa3w41bC6iYuSy_xbHbjoZnsgOPxnK1cKfC6QStiezM1AjSIGSZw

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 17 Nov 2021 04:18:15 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0D87 72 KB
30 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B6T3ntvY9BAt0RvrX0pc1bBOy0pV2ZR6DmzexPlEW7MZ3zc89830iX7DH6ICHSCRo-oYDpJgb5sTPgBvTo7HhlMvTMWIZwj_qh_dNBvpCLjHD6_M0QVWi_0u9fARTNpyObITthgGrlrjGCD49coLNMc1MU2Q&dbm_d=AKAmf-ArD0Q-Gaz-6EsceSNGLxz1ntYkoU3LVEcS7oYXkHctXQkABxALsR6-u6hwWDbrD45Q-fgI8hqbKFkWvIrLAQdrHdLr1Q0yJhJAuJf1T65WJ1M0M7pYx4L1NktF2Lmu1-zQlmjAAYZTDp7Nl4Etas2s6vqeX_ZEb008e4LUeBvej-o6Q_hHbfhGQxMJ8XZbpck4xJZcK72w34gZaebWAvw378K5YqnHdwGb1QltH33EddXO9zzI4rzzxIjxsD_trc5qmZFUqsjbdC6D0WY2OW2PaMpQYUwLbbWFQLspFarSGM-UsKfdBAW7l6ZrN1ybhFnMklIuwWSDf-GZLpmOxNCjDwmfuzG9KLRYsEiOwgVldTsD9o55cYWf3Vh480Kbc6iL1yBQ36ysymQwa6t1wUBb3CFa2HFN-TQZJRtzt9yS_5FMEksF9m06qTDE6b_3h60hZ3YVCXXXgiWcKYa07hbyuDMgbS40GfYTcxzfXDxO50aiVlRdyPwWf9q2EX7jbcOKum3emn9kLOkSsWGgX_srKq-J7sdiLnCVaYE3tgJQLsjPW7gulxS_wHcBBV0FqUc5xBiELt-y9bf48COjLd_TtfxU9iEoJQ0KAR_YlJB0CLycowbClqdnN5EYtJyxk4fuvcOCN9vMn3JmJLuR0UFxY-OXYs8llR_q9szQ_yMGIC7qxQwzUGfHZPYPtRmDa-3woPDNl3GJho9d98hSfX4Grzn0tCmZEcKy3aJXt13bPrMUWGPS__eHzsbHbBLj1vOYLWTATyKCwvIzE9rz86OSYMaYv2r8C65yL0UvaO9LsqkFbF1blMza79dHoCW0drgv8B_IvEAPEpkSw1fQ4q_VvVzEMFYlh4ADCRavTdsYjaEqp30mzWnZhCmilV-DLxdLA7GzwvXJf4rU_0P9UUxWbwIJBDdwG59D6Z-OpuTA9mn5u4UsgWIoFsWR_7sI5TuC0TqYph912lVolnc2MnWytK4qiHgJ-_KBvF-5NOCn_oYn306SILFX9y60Q4kEt-Gm0RVa0q4F3xi7nGMcVmXFvOOb8oCZl6QC-47smuEbujftCTClpeKukqSxbXGLDF4KyqY6CQx-WV-48VGKNCMH__dDJEj0OgN975FoJ2o9to7sbcqk4ZTiuDZzl_LuD_K0FtqYgUmyNGXSHHJ0qabEpsosO5kdBbRWZasNUPC3-qR-jYUDYie9dBBVpE9VWb1JWTSJQ1rve6VCaMbDQrv5pGNpY_s8xoYAOMP1r5PLAwdivGvHZEXSr4e5UKYQ9Yi2abMX9QpyInjbBQlWK7LWopjv48VcpDhI77v3Cnm5oyPBwdNVyhjklOeLX3T08NEfdx3p73hUSNQRHKwMkUFGtbRnMKgNQ4pcWeHqFL9cqm_MAIdjzAIkh7bnhNvQ4qZeGHegWDB6zEPQ5ABLd4XOslz8GwCxZAfxwGvZfukJdJboBl6UrFSTEunj1KQWJ-_khr9ZG7EURIh66i-Me4Uddthna5hPpGHYu7EU7C2UhKJ0oiGKvGAhZWi44r8ScxY5U68AHJDZuVKo0NIMinpkIseIscvmkcPUIl6pmIQ6aBZKu55CAE-8owCHgxDahB_tef0kRP190-WpJ9BzjwbndoNO6k9ZOXeUngcO7qLJq6NpfLWUrH_xWdCzg0_UNBmE1gAO_nP2DM0V5P9AZV-nSiuZkFUCwi-Ac8PvazZ_Dh-l1FtTTrWa1wNgUlSmdYgv6q0cLCzdB-YURdCu4fpNKcqIr72Q43rViJUZyG7-oNXzW72zltL3EkOrOnBxO07bImcyONNULn5b3eGqvssL5vXHk1ErFbkjtPg2muoXt7nUR0tCwDwvuw8kUhK00FkjtXWihayWZ4ZyV1IYO0ZZQ-gXglCy3Hw_HLK-FSckf1YagoS9yI9SdeJx_fi-LtgiLgnS40YcPEtg8TbI0mRrKq6sx0AyTIcp9eMTzKhfpkpfljR6vv9uuPjwSwdSOTe_aDLgNyc52NPo34RJln_nH9bUewzCJv58ld_HtAs9knLzI730u0Zc7ZNOLU8kVVrmGGD3UhqXjOUI8CEn8a_yjF-mVUn57lbZPEdtgpfR1K_CCBA67F0yuy6YJzqBJ2QApjz1WK_Urz9s3s2RQd4SaenAWsnNSnxH-X3Lt_JhMlDsoCXWeWWe_7wDBr53Q3Bc8ShxpHTCGh2dEEomVA8j2ptI0oTij9EcGvWEWBFMjI9_qlk058rmq8YSZz7-ba7wwwYV0-IxCB1WRrgmnNmFK2vkVcT99Wt7N_lZAAHDEctND2_7Zvdga84YJ1_3gVjQsKPjO5urHqpMyLby7iZGzR77wVDVQ-_ryFwSEkV-MQ7gWjydI0UXUmhemMk6UQ9Wwm-eOJCR7tx7ye7OfiOBFXHThDl9b09QwLJN_TCi7CbZlqwvIoGW-3DKvnBlsHSHMwJiI8kFJEgxXlemZU7zgq6IfHEcLTujelFMRbMqpEFLJBBHEUkffc4s3D77Y94Uqkqv7KUPCLy0T5l-RaO2PTZZyI3I_RF4yT_10AL8m0gdWP_YHiP9PvupQtO6MmOQjNYj9e2bam75N63ZTcxzeRaGcG1n4o2L4R-1VLFmLnvBudnisu-mUMEteb_YCPzqUnPYRLaJoGFgE6lpScahPdkhkRIisPDsqmoELhVYltQ8zp4JfvxQ-owJICZpT68b-FpkGjoHlLeA9MUomVv5VaBj6r8LRaROD1dHhYPYNGaK5b_jPTg424fYyzhbAM9Mu_59Kb9nTUrK2qqAb8N3ai4Qi3QlVkTrhOD5az4-5fNe3QQO2xRbRIWoGpj2-MfIOiHkD6KhzltJko5sg9N-tgUyFn8SDoSRrOybaP9I44bsZ1p-eI0P7AUKAkH8Wxa-iBmJHu1mfp0FV185P0geW6uLgTmS5i7HMBoyA3mP63M1rt5C75aUXSFJ4UqP0-6lbZiKxFdFAaZwO3QMrptAWKq__o9SVgrNHHz2TksSEtBxlmE&cid=CAASEuRohLrwuqmlBE6alK1NSUDNrA&rfl=1%2Chttps%253A%252F%252Fwww.thestar.com.my%252Flifestyle%240

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7288699dc7067913f1760ac348d3370a1cd7d18fa788f0d3a1a0d4222d84ad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30828
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D87 42 B
107 B 341ms
38ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BNbGp3kOFphClL2B8pptABP8Ju9DZri_isKuSBEDLboG5Y9BvfDAADzCaTPQc6BVIZUT0_y6gICQ5XJyOjRWcZ81N3HvhM7PNKjDS0EON2WaZ9UeE

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 0D87 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Dec 2021 04:05:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0D87 119 KB
36 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 17 Nov 2021 04:18:15 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 0D87 15 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Dec 2021 04:13:46 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 51F2 499 B
381 B 17ms
16ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CImz_L0CEMatq_ACGNO9k7gBMAE&v=APEucNW1ua9aZ4gfZgeylLGgR0rM-MH6-bBReNud0-xwN-HRdprsnxkgYwJben4B_YNMP0PervJzt6-foQ78P3wzJZnxSE2TyCy5FkVA3eRb-FaB_5apYLwzoRuF1OXGnpZu00G1SFLiR86_iNt09PpiXh5Hy1T0LhPjG_w6wmLz3qR-wN8cEkM

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 17 Nov 2021 04:18:15 GMT
server: cafe
cache-control: private
content-length: 313
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5D3C 79 KB
31 KB 56ms
54ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cl2zTusyJMuiMW2hu50sAxK963VHd36FGxT2AqVu56M4O4awuXfkSU0_LDE-EUVlEud8LP5r7m6qBrjGUjdZ_Flr9O_wIecIxHlr7gF66wGl3VwPVsp7waHbB4ZBp15E60y-NgQQBcJfqWuvo_yWrU7QI9yg&dbm_d=AKAmf-CC3vSdNTSd03S7OPJWkSzCtSxzMOzqpmcRERMuGo9Tilf3pZvIUCUKEpj237V-uuNceYjMJ38s-2qlGsSarOOwiCRT3ksR3Za-g77CGD2iUqrocHGjrR7pSXhj1GU8SpD6pY0d7j9_NMiz3By5O3k8UFjsA83YXmKmXC5ZtqRW2jedRQDgB5KgFyTyqUo2fmd234xVwGGJCCiFl82kqKWWabMw09Z2EB6144bAiWphzb2g5jQYtWqC6K_Hwa6JD8FwrMBc1jI5aG_fDidAbQVKkzCFlcbPaZVYZDm_p9n5nquR_4NWN5PunY8mJWVDlAC9-2R40jlpU4EglOaK3Gf2a_gR-h0y7KKKotwM6THzFx-QWD0RQoivp9JJ0zGuXXvt2z3RljhRaRvQ_lPaHjdxnHGdBItJmGTIkwIbgkoTMe7gTsBy5EoRdWrK2EUYc6q9fj_czneR6XZdddJgnOqQsguNy8Vb101ekTJ8M3r9N-ip-6AIqXy1C98ZUBiKH0-1QnyetQ2824c68Pe1ASeeUnzRrSZRyNt2IL9NqPzV3OpwIooru9EMeaoMxG5mqIjkjHQORTXIDNZb_tHo6hmBz05uE-gRApkl8MRCZm25E18V4n7Tym1YIdC94QL7OIjHCYxCzq8gk74eRPeU5bHKy3hTw7EnCeP9ZCfpkn6JjZjmxW4HgejOwAsNsgm1peKlN647F85lhpTWZkPjCvnhqQy-n2x6XqJqqt2heWbJridqvbSX8P8kpviRlUJMlq1JWtvepiWKAkf8nCwtG2DCg1pJRPFXA0St8lw85Zps9Xq_6V2cBI0ZsOinim85HdgeSmypdzDs51v2MfLpo8dycL-ze_rGRuku__Il7XT5sYERxZtbElSoKVWVXcbUp1-2nAx1zv8dpYx4pjMTECOs2OxOtYeEbfZrCt9BJVdhzkJKfZh-rs8mgbMG8kzEZpMfFqYxkiShlvquxXtAnythwQ1O-Y4PaT9jjSgpolNN6UghwOKuNURQU57csCKviWFo7gD05QX3FUT6A0Vwc2Bj1EqCQiMtcj4Cauvz12aEr4fOpR52Tx20X7SHU7Zw9RFyL8r-O0fe5_wOBpVxHMjDqKm6Ydk8ZaxmiyrG0NFIbpLcVIZnCHzmRst773UPtiscK2m4DLNV37_fD9XSyId034s9Jx8r0dPeGLHi5p19giY0QrEkcU0kL8bZltarEWSi75uc_NSXPuap1nj-GLSQpl5Z0C_K-PXack7vu9b49E-uN-B2DyTg-Z9W5_rDv3hSPAb0LdK3T_NW_U2NEh86AMAylz0LWWx3pAjU55fhvHbf0wGEDtVmC7JlXq2pf4tgQjehesxxvkp8mTIQpLojkZjttu9P3qIKbQuSybsnlGs57tthTN04vvQfvunanQzPY2GtcKnAnC90l-PkX6kDcTGcY_GYIrbnf2R51zJ-qovtm6okm_S7VeMt_nLNR1JRrbVoFik6ey96_S-fOUSteCqisw6I0vfhRKPyqnNsIqxB0j5pQ4LUv3lclED7mE1sMq-5HXgX0GkrZw26UjrFUcoE1UVinqUgFpDLmd-xW0rrD2KyTuUtIb6Nlst2eMkkhaDbKjNy3kCQ1x1DYT3AOYUbiREm_2NpUKsPRjBz3Zu0q3OaH8PjUtx95SIWm6vZB73q1I6sOouw8d_6YDEvAXkUDRFSbIZAyRu4u-ipcGToWp3tdrKx9t_cT-ubQHqRaGNZRw502HQJ9aIBFnM6G79tib1ouc7wwn30pGZt3BjvGQZ7LpX5XVVi3aMSlERqYnCpDQnMpGwUqV2YMjVgrj1eGFPXWxZ4ZzscXW9G7w5IoBOPZtoFrG3wYcrLmY9nveuYxzuX8g9uUziYLQ-xKG-zaUIRGt5j2Ktzlr4JxC8QWYEEGWcREmFmHVMKgF87B5v1R89ay-uxTzhLUozCVXHrJ8VhbCHkUVMowAk_MeGT4Sur0_L8pEEw_Vb8UyyWgPuWFo00b6F7J3OMtGtnFTrXNovmyCFeU_t5ryY59PIChiz_YWpfROVksAVhF7TaIH6M5X3_oWPwGfU1hppE7XedxYjHf70PahBAheNaxDJMBbZdADuVxQUYFH5JTlsLz3sYiEC7CIF3K0q2wisda0IaUb0-2afl4h6UbbBZYUdZWPS0TvjPraRGNGMSwZqjgksXQzd2Te6-Wn9ljCTvSKoXthOnoUFw3jx-HxZYzB4jM1DqAoBxyTcFbmxlzxtZbRzhgulCjrAb_CoXNxhCmu4VhxMaN5kMK1VXhrEXY0sbHk0EI2Z-vOECOR8pBDie8fjfUqia4XXz8temhHqCFfzi2kd686RbotDx_AB55QLrvx7ciTu6UWaBV1e4UYfP3KPhh9APxFgIGnu4vSx7mmmRYU12uUHOQ9hoc8ufBlhFqJ1_dkjdjL3hacomkhmv8JURGVmb0UPKHBNymknQ8fQAhFr6c-MV4zBefjJHDWbzuJfXh4dYdjALPtikxjavp8YvgvEeoMycNtvt60kPTvb1cqX-yFgN-Op9sT6LnZOfZMAmKemGDMRnJsPCfJbIHeUQlvyXbY55Rp_NRLJ3iCTUpaQ40DXTT3mLHhuvnbLG757aomZUSkuPW7kjR0j4K8g2sdvyzFFs8uFsu8_oRkJ2fNVxQm1xu4s-5h6Q7M608rCCNBqHURWEKJW8i8OHdA3Sm7xzHG53DoCspDjU1oV6_p46ZRt82QCPTqpHv40q8WEscfxOae1IMBp8YncGkD_urDrvgJNCNQdgdbS1Bfi-jvxjkzVMQ7-IMeC-McSajbMlOcrzH8Qt8965dDZ3fmvMSMZTTiIdgGt0K6Ii-SxH-cdRA_xFOnUlXBpfD13DuBETtECMmhJqZXAo6vYF0oUjpV4Ldo4x9ylfPAAUSM5glntPK_D_IAQOezW38cqtybQpvll0S0e3akWIjIc4z2AOTFnirSQkXPa905aM5c2doFn_4s5OjRdf6faSovetdvcbnuZZT3nTKdI3iQ0N61XB09RTkKWN2GURL4P2ehRPpw&cid=CAASEuRo6vBGGDGeqbF1_LQcoArtLQ&rfl=1%2Chttps%253A%252F%252Fwww.thestar.com.my%252Flifestyle%240

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77f1289eb36d8bc0247c7e2f7f4e7b992fb77fb5ae801fd62bf40f8b188f8a7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31604
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D3C 42 B
107 B 332ms
39ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Byl67xrWc3wLpuKfvOXX35IvGggQyjhHu5-WPQebuYa9HH4Pb-LqCe5RqydBIiZd_HLS9bdmp74qGhlvhH-8A0z42qdZKKO0niEMqN9Z3A4F_07Hc

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 5D3C 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Dec 2021 04:05:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5D3C 119 KB
36 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 17 Nov 2021 04:18:15 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 5D3C 15 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Dec 2021 04:13:46 GMT

GET
DATA 200
OK truncated
/ Frame 612A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 404166d904cdc960bdeb7cbe23c164f9e991bbee5a61de80cca8299728708bd9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 1A67 106 KB
38 KB 55ms
6ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
Origin: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 14:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48562
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Nov 2021 14:48:53 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 1A67 8 KB
3 KB 276ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6OzVM6vhXOewLozuLDMCJslacP7LLfzVCHARaoffuK51vpkwHDgdrC0LbWAjDeRD-Xa8PzIcbs4Lbmr7LIy6IyoQiLdouCSmIvx9zqyBeXeF8KNpJtU5QnR_tpKM9GiGQLKQemcZXvuXEY1IHKU0rM_ryPA&dbm_d=AKAmf-By1nsNuE1WOHu4VpgVJwgwYm5aA3knv1fxTxRpDCluqQYr3iRSeshXfLRr-x6yc1VWri72q6hE-GkcoIGl2Ff6bgGgjJiaRe_iBq2twfPvSWO8Dd_AWs-7IqAa3PQhRgSfwzSj7Loa6US4oWNy0Vq_vaCQCwHfIApkZgxJ4hqiTs--M38jVKyTj1edqwkMMo2ffdBjDo6gbr9nsEYYiCFpEmyP3S_pdb4_rxl87m2rLr85zIl3eBW-bYv-N-3KVdUFQk8TCSgB68EUuPGonY9WX5TzVZTVpClgtREGQ33T-knl_0RgN12d2_MTxMCa7zy4tFObOz170VL-PtCKvLcxsKlamd-8IFPlUb1sixx0kVBgTK3pCYIlFBpbDTbLGoKy4x2xneeCSoWB94zNwcNampMsPMps_MSh2DCz6YpcY3ccuZ6UdLUznjni68dQwEHzoO1mEk3n4hJ_agfndAPjw1v5Yl99zlw0L7IwH2_BPpYqTEvz6ls6Yt57AUQZTYyKpvywlHn6QnO7P6qpnuB5bCIKsQxb1r0dPQ3I9mWQEptsqR1of4kUs_R4oCS6ebh4Kxil83vnRrbAx5kOtBO8tT5IVTyrUFNIXuhJl8HuSHC_SjYGtg_fFtfqi5RKd3JUccnRCTlywofCOhLzGQW_pyVUAldQCXcwjmSu_u212T7cv4hLL7IY9X_Nd6TDKmR7ZrXl3VsGbKmFAkxlw2Hmjopgs1ZFPRcxBkhnXobfb7BvcbGavs9ku2ifB-7XJVtQ_zsa8FGgkRzBI9bobZ6riRXwna0wpiOHMfd8hSCfjOTJU7Um5IT7ECfNeJzIl0NjWBlLjmFU34v4a346tBLmpe6JDkQ4SOgg-uTuK6fUw7V3aHGZyB-8YM532MgyRsMD5hAW05N4uKlgD8mYqmOydy12AhbUTr7wFRVU5hXmuBm0YQvlGItSa4fSYnpFrxKdOsDnds5wg1IWN4hl1SQiBHIC2LSYPE4vbTDLG_6vWWG2FFfMer4OK-yuILNX4F2ra3aSjCjc87i9s3bfF5Lgqa9ijgrU4MSecKgqs6mGGkbNlXGaw16GmJQVggHb1E5iUjW7aHC5Uq3U0OPVuI8bhc8Lr3lu9mMx0bclhuX3EbE9TgaURM1LBrxplKB2dQbAPCuKbwRCVtx1I98ri_3FTRaQ2mooV2_hldPuF41iWWm_7eeQZUgUK3VVIz0PK0rzRfYROa53-5vshfqt4c0jgY_b42ggcp77CiDt5nBpbk2qlgPx57tUrwSZ0qsFI9ktIkCjuDRzPULat_loItHT-NSCyNr24N5jZFZ9OdXxDEspQTDfpIgAx7tsU-gTZJEQeGDD8LMJhJCBLhMOCC16wNdaHdpgFPvTcVwMLE8FZJM7BvWgm3rGezj2x2FgWhwxLdXI1BJ5_ysOEknFxWGre_NQ128AouFeBdJU2xb0JzWwH0B7J60l7NllSRuN5kBTuDFvScVnxl5E1xhcG_lZQLnnI_o1TfkK3de0v_IvJksHTIosELJhzdWKqU59jWU4nV8JOadDk21oChdaV_kkt6WHEqdm8hQAkWtK1sa-KQ8wL-Jr9zlB8VO9mRVeAxLH0ov1ymrfV80lIMqjjReI_n-QUmPTJT0plWEUbqmCfHTDMEbfAB6WVqmtKYRfSVbR9C2GbdPdwR4Ew4-0QT4Gi2cFnDi1bPbcf9trrtcvV1FYc1X3JX_9KqAcrGVmB8m9NYkwU1QhnVlNix2y7pT3LWJu89Q88TY69HAGxACepX9QGvVD-JytYK-AuQdz40iOBF0Qh4Z6co-HpAkOyUcb6BLrgoPRCz0UpBpl0f1xGHyXLb3gV06QUwhn1U_7n86mB3H2ydbUgQmbi-eF4hnPw78mFwTn6Ph291H9x5rmvUHUC_zfyVI9VzPFZ63OkY7luZ5iwKNXOXMnNuJLWXr45hR3Fe6xnomf8Pa_vX-j5Jf02ll4QXXqlcL9ViRLFXwUtncl1_PIKnCspJAMu_qqGJTax8pIFzqPjaZZwwIFK5MDdnc1J5j_oXZCL51VP4JNL7_EOKZncFr0RmOdSwxRPP8DSk5yPXfGBQWCC2-1Z8EYcEvu1X3zHGE021XXx2c8D0NZCCfsbstMrJ1l89-Doo7n7qvfSqHN7L3zT-nHvrVtxpGsKbKv8k4Pviqsy9ImTwuiXpzsD130ajLPU1cvBTInL36SeWuNuQN5k31XyGVAh6QikLtrudc2RcBJfmp4-OSpS97aeofGfJ6YH4BuRkb99zMcEdh9kICttpumQJROVnxujbHktv-OfF3AdNEJVSIys-LXXCLLqf9tfeiVjWlnJ6oMRXYR_w0mUbgRJk1tonHYef-LYDzOTSTB7NrvT06_zFXBR5acwae9COZn9JLVcAT8eHedovR8RpYM2LGSjFZY2_mx9kIKFAI-w2fSDUg8oX6XeVYpdcQl2kKyfT4AgPdpkQc1BfFl7ZHt0NcnXMiopOyQrc26Tjk3mVzlwbTREEGqjQsrrhgpd9TDkGe15o_BXUvadFUwyAK6I_NRaaJDbN1PwTQEQSY16DCb96XfiwHklFJiCx-azYh-4BVVP20Cn9U91UE_VlUSrjWFvbIGTZL3d7whxPvhELhgWSPlmTGLEqjQ3MJZsEcLu0QkO_zCXZ7PDOkZRv7Jf_GZ3VRuRfpenN38FTlsLsV55lCsN0BYGte1460ayG_hzW2mFJS6kTn14UWNrDJpRwbFW786nWEYNVFOZLcFAFm0WWFWgMo3u95VYlZ0AdxGWiLdsexjr6uFJe1flal1ZFlJR1R4WVzbfyzYP7p9ZuyAapMP0nm_Wkt_K5zbZVotMVWXp7V03G0YLOiFUOrWWOA8B5fQ9YiT-P6T8jOqBZSOrEHPMO1UcViEGrb2RXh6VLXaMO-BQ9pa4C0ZlU-MnaemmsSLILpR4d-h9x9eMrZTDT7abAOrb06tBy5j1jlALlulta6AXf9Gcx3afT0LUMFl46aFGeGv_cS8uOrxjRkCcxSA05mvPkLGPT-NbeIoBli5Wg&cid=CAASEuRoZ9nZL5YXau16rESr2k5xKg&rfl=1%2Chttps%253A%252F%252Fwww.thestar.com.my%252Flifestyle%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 03:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Dec 2021 03:54:21 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 1A67 24 KB
9 KB 268ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 03:41:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Dec 2021 03:41:33 GMT

GET
H2 200 11.1.358.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 69 KB
22 KB 33ms
33ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.358.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0012/7021.js?454756
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 262fd74571b20241b0506bdb49bccddce8305437ce67b136556cca4694bc2a58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 01 Nov 2021 19:35:50 GMT
server: cloudflare
age: 571546
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 6af6276e9c084c2c-AMS
content-length: 22857

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F1D6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIqAfn1gVcpq7Odv9b6ovyw&google_cver=1

43 B
1014 B

40ms
28ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIqAfn1gVcpq7Odv9b6ovyw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjT1byfATAB&v=APEucNUjZIkJwV0hYRIbF1gqxJxYLcVfz1rtUyi1_BYWSvfjsNhKqMOjc3rlrmD-FIBa8NhHIEGECPxJlgfMX1tDK0fMFkydmSNsW537fr9MqVGB9UYzu_ESQMH5mMwWBLesCjKVKwjy_2C9wGnU_7-E7G2lkm7N2QSuZriNx7BQOPyjtGmqujk
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Nov 2021 04:18:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 17 Nov 2021 04:18:15 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIqAfn1gVcpq7Odv9b6ovyw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F1D6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZSCh8wdfFakTfYb34ZaCQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIqAfn1gVcpq7Odv9b6ovyw&google_cver=1

43 B
894 B

13ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIqAfn1gVcpq7Odv9b6ovyw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjT1byfATAB&v=APEucNUjZIkJwV0hYRIbF1gqxJxYLcVfz1rtUyi1_BYWSvfjsNhKqMOjc3rlrmD-FIBa8NhHIEGECPxJlgfMX1tDK0fMFkydmSNsW537fr9MqVGB9UYzu_ESQMH5mMwWBLesCjKVKwjy_2C9wGnU_7-E7G2lkm7N2QSuZriNx7BQOPyjtGmqujk
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Nov 2021 04:18:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 17 Nov 2021 04:18:15 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIqAfn1gVcpq7Odv9b6ovyw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame F1D6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPRiWz9KvsOigOhRWy2kmnA&google_cver=1

43 B
1006 B

12ms
12ms

Image
image/gif

185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPRiWz9KvsOigOhRWy2kmnA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjT1byfATAB&v=APEucNUjZIkJwV0hYRIbF1gqxJxYLcVfz1rtUyi1_BYWSvfjsNhKqMOjc3rlrmD-FIBa8NhHIEGECPxJlgfMX1tDK0fMFkydmSNsW537fr9MqVGB9UYzu_ESQMH5mMwWBLesCjKVKwjy_2C9wGnU_7-E7G2lkm7N2QSuZriNx7BQOPyjtGmqujk

Protocol

HTTP/1.1

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Nov 2021 04:18:15 GMT
X-Proxy-Origin: 136.243.198.83; 136.243.198.83; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d992bcc2-f59e-47db-820f-ec4fd84e65ac
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPRiWz9KvsOigOhRWy2kmnA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F1D6
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk4Njc3NzQxMDM3NzYxMzQ4Nw%3D%3D

170 B
188 B

16ms
15ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk4Njc3NzQxMDM3NzYxMzQ4Nw%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 17 Nov 2021 04:18:15 GMT
X-Proxy-Origin: 136.243.198.83; 136.243.198.83; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 503c5bb6-af46-47ab-820b-91c49658ebf7
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk4Njc3NzQxMDM3NzYxMzQ4Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9F31 363 B
273 B 18ms
16ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_PCBDdhLiuAhiMgZO7ATAB&v=APEucNX3u5m1Dgo4bJKPEOcA93SMoPmX2VHosBh4nAiwFVueHhuFeatDTHARuDT0eYdCLsZS8kLsVrWiVAz2RkEfPShAxUT-SBASDwPkr2UdvvPgee_4z0Nl091NR_vNYzHLAd68U5BCPkFLBIQobsYA_BNlV5hODuH3nGCboWwfHA99mBeja7U

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6edfad1d5d6275fc7ade68ffb1f07d480fdbb39579fa359bc9c7ea1d4649fce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 17 Nov 2021 04:18:15 GMT
server: cafe
cache-control: private
content-length: 206
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A30E 25 KB
15 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DCEefgCbjui2aB6gSLXXmtTWduKtBT7KzZ1JLtxR4j-OgIEQcWAJ57mpE61HeXxF3ejpdhoXhFdQOkZTrwnP9btr_Ndr0YjmbpPvzpRjiCnQSC4OA8V5P0bmVyBgro_KiEkdhqQ_RQisdPOpSy2KsD9LxpOQ&cry=1&dbm_d=AKAmf-BSagvqayo2Pxq7NIWnC-L6xtogtbd2i6YN7KDjw-vUGfDCUA6IBPwsgSzzHj1jj066_TdK4VEH0vkACFOqR1PAc9y9HbFCsqKT-65FEl6419EdhGvVTgQYd8mbBBfj5Tl58u5yUoHEHOAC20ppLAanG_xfM6fszVFWQ_6e8dLQ81dcvnLVW_IQ1qBBQH9GQOEZxaGxv0egY2oLZaQOjht6BukHTtTqxwqmfLBhPY52H7eiSxcN1aYHHpUYzFN0vgJGp-J9jsGKNtz2EbfSl30tZk0hZSHy1BoH0PODZWTh2S0eCotJc0mj_wHPpo--pjX2h1VlGjpRvj8hm7hGovehhRPu7Qp7f8ackkgsejOxcZegzqoqTwvdmrcegOBhIKwmahtf9oHhxMLLArsUVU35lfOsQpjceSihJZ9_lAUTTffoqcBfQ-O1TQUAWiKIlliu4QmPDNCBrmif1Otqv6vqU4P1zzXSVclDQx4D6iYgPfeZKXDLNaZALyW4a_vHqZeQJWgXDevKIctQyEJcfhbsxnzn2kddh65ymhQYmYGF_VDUVQmOfgvRSQtB7FWaL06f0BVbLPvnwzDBNRASCy4cSjf8kcSlFxHGYTnkwKeNd2pb-6Stz_HEdM-6qH_GboUd7DJbNKA6Ml1-YuM0hg7uqkndqV0o2Jr2uayxMW3_EELRNMY6MI4SQyyYRk53S0vXQGc_CN9AOhiO8PgVRc2dB1uWNBRYOBAw5ex7mD8WZ4UClfCR-nZHeBnN4M_2A6NEk1F6Pe7CeRsj3ChoCxzZW_jH_FvuopXKCo32yqJYQxLeBmmv5r4E2ulWuMy0-Hj66Lf7pS3JwVFMBHgwnEjSDMwC1_lpxmARUP_BvuGsvXLmQFiUhxhWyFcaVOSjhOg_TdEXR_GiLgTzQgKyq0qT76UIVn6SQyxT7SklifChuTdAIytoJUm2H9J2txzJ0JCo7FSbDqEWlXCMm6jHwgRaGa3xTZ_RUhif3jjvrM36cZ330bviqIXzyVigOpx1wFaB_fW7MHb3hP9oQ5ycx4Edr_yTcg4_hPNIUYeTfBXsIIvd33LS9nlXCr5J3yjG5gxpczRIcFTNGfv6k81KB-cnFMgwDigiJikvpQEQn5r5X1aaXgOcKLFTyhh-NfuMO-S3Oj7MY2crK--YQ1qLTP-rnz1_L_Uap-_3a2L0AUAh3N_Blq__GvDb4b_Mfo9tG_QyxqSRwRIx8PU_2Ari5mVtgofDxTq21zEsSOigsIAUrTz2NOsD17IAd3VuKeO2ZFKN9PVUuDFSc32r0Fu6N_9RfGYL1K2fWlLHpqISY85dDzAJXcdlrMBhsNOz3CSdeOAOkt8axvzAveWh2bo6_Gy23p_dGT3KFnw1D78Qd6Fo0PIEr_bPYWEPb8331knhK8Sm08FEsXcUI7kfzEr4BOsQ3ePRGeYjMhaeWsKeu-Df_lICMJrMaQdnvddvNCfLNoQ503vTEweBpjH48EK9w_eXayRHMu6tLyLvz7K_JX7iEEq9_q9FaRBfDlRO_8CK0H8CipTNQKG43VfMtHsXy0intCgKur7Z-jEHbb2bNpLS1jM7dHSyQQGHcGFe1hPZ8H1Zm3XpnRxrJeX-Vb7kc7aoojiF4LBc-jiDRj8xKm1VDoVA4CjSQ316vzV5b-MFF6JO1bANE8RrnBtokVBsLT5j96NoqXaBf7c5WHryWboo_e0_qf9TDoqpWfv3dK4CSP6Xpr23xGrV_flXV8ew09unaQSwJ1E3QuBqYbWfBu10DFJPJBDfk3HqBSRORH_xBt8XXQ3JP5rXd2nYV_pfW-qS5OrHxQQBRJS622R1sRjbXBIcqb7CE67ePAQbyeIKGzUPp8lR86mOKG4YyUEgN5fyczFyUwFD1L96ZQcLOlkcsrF8dSuVTfrGQslwBrF_qm4lcAzpLDjc9n2uWdmBFQosMACjv2chYdPzSMYJATw7rkJLD0jnhHubBA642m_AsKvbp--JS5SBwCQTgvGbqyDTyaaC6oTJE1oqtFA0LPIzJ_q5GXUXvcTRySQCueDxWBVQOx2aiQ3QsLQrJ4bQHv30sfx3neckuonctBp72D7_B86tt2Q3JMrGJ3kC3BMDRP8vKc1yz1tsX6lEL3T89S4i4KInFp6AQNJMqMsF_CGPESW5uVzJpiMwtRXzWj0kis5pYSPBjrWlKf-fyBJpYY3Nx7wdpMCh9MOZ-QXXc1bATltdBQ-YY26HDo_NrdIV3bJ8H3GR_okvqbKVAWnQtRxORWIWttZyGan-iG3QtAvCXWNhUNQ3HB_KTqHZJq_rYN_MCOcts0p5c4DWvUd8Q-TBUdh7VrxcYB4qSItC6Swr9Ac8WttlRZsEan1jVOv9qJtml3ZgkW6EvTpfcye4awvKMYx_HygkbwiVPKMnsoqhTyPU-2_Kji0K3gYDp8IKBFVWi6tSaWXRzT9seNQ-jLYW_IkmjETfI_wz3GYVFZC0X-TcM7j1djEFHVWbzSs0uVR0SoxBpq9ncRP4El7_uRBc8onwO6sxyV4OQZFtuF6ZqzA0kX1-I9N12SYpCuGtTNjDAdgB3IseEjC-tDliaY58ScVdCLOf_YyYBK0iHVQABE44-CZyrzY8TYqa_7SY8MSXIkXSBtTUsthDsfdzBffbB4CckaSRiz9b8dlgHm3ygi_8Wwq_wxB2mLIj_IXYrY0lBT-xw1C4hkMPsbEuETb5f2RnNPNNMF0LlwInuU1RAWsq2rirYokQrU2FI0chD2Y6QqdFLAh8w9ZO8tcQX31OFevIOI6p6PoXyiCmaSmRk9597TBxvrRWKAFF2tMSmwHHSCZ-F89UX9KkbdUkYEX7_X1wO7VzAW1HROnBjTKc80LZqGNAWbg3eb2VBubbDjkpGifMeBiGXBMaXBp1xVQL9XEqgDt44Dad-W9lH5B6_Tt4VWu9AIqr0KKw42OwXFI62pogL-OQBrxbbuphXjUDUFfyu9th3tlmSd7TRbtpvAoaN1804u7gQtanCZjSRQUGe0f1L3gyZwus-ZCtIDJycnKDWQ&cid=CAASEuRoauTfR6SAMhT5qEuby66t6Q&rfl=1%2Chttps%253A%252F%252Fwww.thestar.com.my%252Flifestyle%240

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

554e57e0838a96c4ba5b65c9b80604446edd37cbd1fbd1c52066ea9f10849518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14779
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A30E 42 B
107 B 296ms
40ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C7f5Y5S4TeJMaDZlOMSXryP6yef32SQG53l-6ES5sEZhAyhFwYub_b5VrfUrIJmX93nY-bJz1t97kJQ6N_xpowEuMl9R7fEsXKpQu6p4xJPRzAVC0

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame A30E 9 KB
5 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 03:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4451
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 15:55:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 17 Nov 2021 04:26:15 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/873995/58542367/ Frame A30E 46 KB
13 KB 144ms
59ms Script
application/javascript 52.50.243.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/873995/58542367/skeleton.js
Requested by: Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.243.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-243-239.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0dabbb4784d068df2f38881f0d5720cd448506f10e8c6a44febf47ce8374ab8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: gzip
x-server-name: app13.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame A30E 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Dec 2021 04:05:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A30E 119 KB
36 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 17 Nov 2021 04:18:15 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame A30E 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Dec 2021 04:13:46 GMT

GET
H2 200 PoweredbySMG.png
cdn.thestar.com.my/Themes/img/ 969 B
1 KB 12ms
12ms Image
image/png 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Themes/img/PoweredbySMG.png
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1b1771d4d20dc6c84d8528e89c9bc735839e33083196c95cdc94fe6accb9cdc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 6D_linq7xzrHnQ6OvqY3z5jUwx0KJN0e
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
etag: "3c0f549d7db345b0b035ec2d7fa24807"
last-modified: Thu, 01 Oct 2020 02:15:06 GMT
server: AmazonS3
age: 2981
x-amz-meta-cb-modifiedtime: Fri, 24 Jan 2020 03:30:24 GMT
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:28:46 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 969
x-amz-cf-id: KL8sN7_u0S7_5We4UuZFvKr5q4xdHkFjghIqLi_BPVnAZgelz7lLng==

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame 0344 118 KB
35 KB 38ms
10ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1637122695.cds143.fr8.hn,1637122695.cds289.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame 15F4 118 KB
35 KB 35ms
16ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1637122695.cds143.fr8.hn,1637122695.cds289.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H2

200

cookie Show response
a.vidoomy.com/api/rtbserver/ Frame 6245
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent

43 B
290 B

53ms
7ms

Document
image/gif

3.68.1.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.68.1.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-1-119.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
content-type: image/gif
content-length: 43
content-encoding: none
vary: Origin

Redirect headers

cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
content-length: 0
date: Wed, 17 Nov 2021 04:18:15 GMT
server: AC1.1

GET
H2

200

sync
odr.mookie1.com/t/v2/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=883388795.275462120254379.712536965
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=883388795.275462120254379.712536965
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=2957a701-4ad8-4a38-8ac5-5a03cc9cc255&ssp=vidoomy&gdpr=&gdpr_consent=

43 B
324 B

42ms
15ms

Image
image/gif

34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=2957a701-4ad8-4a38-8ac5-5a03cc9cc255&ssp=vidoomy&gdpr=&gdpr_consent=
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=2957a701-4ad8-4a38-8ac5-5a03cc9cc255&ssp=vidoomy&gdpr=&gdpr_consent=
Date: Wed, 17 Nov 2021 04:18:15 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK auto-user-sync
ads.stickyadstv.com/ 43 B
598 B 96ms
15ms Image
image/gif 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Nov 2021 04:18:15 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1637122695263053-515
Expires: Wed, 17 Nov 2021 04:18:15 GMT

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.179.1/ 173 KB
47 KB 75ms
11ms Script
application/javascript 13.224.96.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.179.1/bundle.js
Requested by: Host: 52a360d4000447a08efd7617080680a9.js.ubembed.com
URL: https://52a360d4000447a08efd7617080680a9.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-106.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1ccb8141195307117c737c7f49f99de131fb55290a5f4c1431cc74ca93119dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 16:54:54 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 19:19:04 GMT
server: AmazonS3
age: 9113002
etag: W/"4d21402425377bf4a0f3a4f7ab8db2ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: sJSrvaE1d0UIW6btlqFIoBSNjDZwT9y1VYvSkU4X5cnAuejAHsy48A==

POST
H2 204 collect
analytics.google.com/g/ 0
349 B 36ms
13ms Ping
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-3HWDM68GV8&gtm=2oeba1&_p=1391293907&sr=1600x1200&_gaz=1&ul=en-us&cid=763206404.1637122692&_s=1&dl=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&dt=Malaysia%20Lifestyle%20Feature%20Stories%20%7C%20The%20Star&sid=1637122695&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3HWDM68GV8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com.my/lifestyle
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
349 B 45ms
15ms Ping
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3HWDM68GV8&cid=763206404.1637122692&gtm=2oeba1&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3HWDM68GV8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com.my/lifestyle
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 39ms
18ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3HWDM68GV8&cid=763206404.1637122692&gtm=2oeba1&aip=1&z=1395442884

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
481 B 67ms
12ms Image
image/gif 2600:9000:2190:bc00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:bc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
etag: "45cf913e5d9d3c9b2058033056d3dd23"
age: 1302096
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
date: Tue, 02 Nov 2021 02:36:39 GMT
content-type: image/gif
cache-control: max-age=315360000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: ynUax7axwMbzSBewQHCv21w_WI7tbcdsrPAK6wR9poEgRilo9PKVxw==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 612A 0
0 29ms
29ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsusNe3N8DijLa-EVYxDIn_8HUFgO27SwqIL_X2c6zARm-EG3yor7LJA7YwhVOrYYj8-U88q0n4o8vQ5Hjd8-kotighykWEeQHvifCJk88TotBd0PtXJRP1Yrp_QG4Jbv9_78Db27EQAP7_iC2ukSqolVgT2YttFxJuTy8yYqBSFOL6OCiW7v4_TMGAQMS2yINoPJY1xMctMMVhIQ3ex88AWqU_tQ4rxdgBjiZMN1s8R2t4mV_1pMqPFbiqy-A-t1dnkjspNH0rSNhxge3nYfk7Pji1Ry3Alon4i8IBCanviNjoiXR8x6suY29b3BPk-lBgdYGY76-ACBYkU7QawkIcNXARUGEc35yj3auRjV6uuUNpTtqXut60mkmFi4-pDwLM0TFGpfIpq_V7Vx5voF6YUK54Qn3vVCY0ECRyphQqlnNb-xw&sig=Cg0ArKJSzJr0uLKgV2iOEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Nov 2021 04:18:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 17 Nov 2021 04:18:15 GMT

GET
H2 200 2207123949525156 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2207123949525156?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

66d178ce32402ac9400e4a35fb89806d6ddec78907011cee45ed8bf263882a01

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89280
x-xss-protection: 0
pragma: public
x-fb-debug: qSzJzYf5AsPnOTvv3ejN10+y+OnD+CeAl7JDcNAH4LqA4nuI0EKiuI+BquJ83lBw8nPTE+JdhOxCSpdqgT82HQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Wed, 17 Nov 2021 04:18:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ Frame 6F18 43 B
468 B 10ms
4ms Image
image/gif 116.202.80.167
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=1&typ=pgv&rnd=kw30kx1c65klkn72&sid=1145278932220698298&loc=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&new=0&arf=0&ltm=1637122691136&ref=&tzo=0&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=kw30l05kk5ua6eie&ckp=kw30kx2e2p7uqcar&glb=&wsz=1600x1200&cst=3o4jh9zrffcqzrojv9rye3c11
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.80.167 Osterhofen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.167.80.202.116.clients.your-server.de
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 43
content-type: image/gif

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 91 KB
36 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-P83PVZM&cid=763206404.1637122692

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c3ca5a9a576de3df2029797914e31045cc4c02038392c20774cd583218b099ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36180
x-xss-protection: 0
expires: Wed, 17 Nov 2021 04:18:15 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 9E5E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGs_TEO4Xu6xrYIIa8vtHQM&google_cver=1

43 B
61 B

24ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGs_TEO4Xu6xrYIIa8vtHQM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj52_-5ATAB&v=APEucNU4p3HS-Sz3KitzQbIgane2Z9xhSWEFM4-yBP2z93tHBsqVFhkbCOaei6Z_9yLIah3CqPdw8F0jm3qzo8m_MZvpqwQQqBYM7_briPBnbXyaMRROJM3drrOb7Xpc-rqQa3w41bC6iYuSy_xbHbjoZnsgOPxnK1cKfC6QStiezM1AjSIGSZw
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGs_TEO4Xu6xrYIIa8vtHQM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9E5E
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWQ4ZGU4MTgtOGFiYy0yOTk1LWRmNDYtNWI1MjU1ZTA0NWUz

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWQ4ZGU4MTgtOGFiYy0yOTk1LWRmNDYtNWI1MjU1ZTA0NWUz

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj52_-5ATAB&v=APEucNU4p3HS-Sz3KitzQbIgane2Z9xhSWEFM4-yBP2z93tHBsqVFhkbCOaei6Z_9yLIah3CqPdw8F0jm3qzo8m_MZvpqwQQqBYM7_briPBnbXyaMRROJM3drrOb7Xpc-rqQa3w41bC6iYuSy_xbHbjoZnsgOPxnK1cKfC6QStiezM1AjSIGSZw

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWQ4ZGU4MTgtOGFiYy0yOTk1LWRmNDYtNWI1MjU1ZTA0NWUz
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 9E5E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEANrNqzKR9Ikwh3XLljLC6E&google_cver=1

23 B
172 B

33ms
32ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEANrNqzKR9Ikwh3XLljLC6E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj52_-5ATAB&v=APEucNU4p3HS-Sz3KitzQbIgane2Z9xhSWEFM4-yBP2z93tHBsqVFhkbCOaei6Z_9yLIah3CqPdw8F0jm3qzo8m_MZvpqwQQqBYM7_briPBnbXyaMRROJM3drrOb7Xpc-rqQa3w41bC6iYuSy_xbHbjoZnsgOPxnK1cKfC6QStiezM1AjSIGSZw
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 17 Nov 2021 04:18:15 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEANrNqzKR9Ikwh3XLljLC6E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 9E5E 23 B
172 B 74ms
34ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj52_-5ATAB&v=APEucNU4p3HS-Sz3KitzQbIgane2Z9xhSWEFM4-yBP2z93tHBsqVFhkbCOaei6Z_9yLIah3CqPdw8F0jm3qzo8m_MZvpqwQQqBYM7_briPBnbXyaMRROJM3drrOb7Xpc-rqQa3w41bC6iYuSy_xbHbjoZnsgOPxnK1cKfC6QStiezM1AjSIGSZw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 17 Nov 2021 04:18:15 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 0D87 106 KB
37 KB 308ms
7ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
Origin: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 14:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48562
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Nov 2021 14:48:53 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 0D87 8 KB
3 KB 126ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B6T3ntvY9BAt0RvrX0pc1bBOy0pV2ZR6DmzexPlEW7MZ3zc89830iX7DH6ICHSCRo-oYDpJgb5sTPgBvTo7HhlMvTMWIZwj_qh_dNBvpCLjHD6_M0QVWi_0u9fARTNpyObITthgGrlrjGCD49coLNMc1MU2Q&dbm_d=AKAmf-ArD0Q-Gaz-6EsceSNGLxz1ntYkoU3LVEcS7oYXkHctXQkABxALsR6-u6hwWDbrD45Q-fgI8hqbKFkWvIrLAQdrHdLr1Q0yJhJAuJf1T65WJ1M0M7pYx4L1NktF2Lmu1-zQlmjAAYZTDp7Nl4Etas2s6vqeX_ZEb008e4LUeBvej-o6Q_hHbfhGQxMJ8XZbpck4xJZcK72w34gZaebWAvw378K5YqnHdwGb1QltH33EddXO9zzI4rzzxIjxsD_trc5qmZFUqsjbdC6D0WY2OW2PaMpQYUwLbbWFQLspFarSGM-UsKfdBAW7l6ZrN1ybhFnMklIuwWSDf-GZLpmOxNCjDwmfuzG9KLRYsEiOwgVldTsD9o55cYWf3Vh480Kbc6iL1yBQ36ysymQwa6t1wUBb3CFa2HFN-TQZJRtzt9yS_5FMEksF9m06qTDE6b_3h60hZ3YVCXXXgiWcKYa07hbyuDMgbS40GfYTcxzfXDxO50aiVlRdyPwWf9q2EX7jbcOKum3emn9kLOkSsWGgX_srKq-J7sdiLnCVaYE3tgJQLsjPW7gulxS_wHcBBV0FqUc5xBiELt-y9bf48COjLd_TtfxU9iEoJQ0KAR_YlJB0CLycowbClqdnN5EYtJyxk4fuvcOCN9vMn3JmJLuR0UFxY-OXYs8llR_q9szQ_yMGIC7qxQwzUGfHZPYPtRmDa-3woPDNl3GJho9d98hSfX4Grzn0tCmZEcKy3aJXt13bPrMUWGPS__eHzsbHbBLj1vOYLWTATyKCwvIzE9rz86OSYMaYv2r8C65yL0UvaO9LsqkFbF1blMza79dHoCW0drgv8B_IvEAPEpkSw1fQ4q_VvVzEMFYlh4ADCRavTdsYjaEqp30mzWnZhCmilV-DLxdLA7GzwvXJf4rU_0P9UUxWbwIJBDdwG59D6Z-OpuTA9mn5u4UsgWIoFsWR_7sI5TuC0TqYph912lVolnc2MnWytK4qiHgJ-_KBvF-5NOCn_oYn306SILFX9y60Q4kEt-Gm0RVa0q4F3xi7nGMcVmXFvOOb8oCZl6QC-47smuEbujftCTClpeKukqSxbXGLDF4KyqY6CQx-WV-48VGKNCMH__dDJEj0OgN975FoJ2o9to7sbcqk4ZTiuDZzl_LuD_K0FtqYgUmyNGXSHHJ0qabEpsosO5kdBbRWZasNUPC3-qR-jYUDYie9dBBVpE9VWb1JWTSJQ1rve6VCaMbDQrv5pGNpY_s8xoYAOMP1r5PLAwdivGvHZEXSr4e5UKYQ9Yi2abMX9QpyInjbBQlWK7LWopjv48VcpDhI77v3Cnm5oyPBwdNVyhjklOeLX3T08NEfdx3p73hUSNQRHKwMkUFGtbRnMKgNQ4pcWeHqFL9cqm_MAIdjzAIkh7bnhNvQ4qZeGHegWDB6zEPQ5ABLd4XOslz8GwCxZAfxwGvZfukJdJboBl6UrFSTEunj1KQWJ-_khr9ZG7EURIh66i-Me4Uddthna5hPpGHYu7EU7C2UhKJ0oiGKvGAhZWi44r8ScxY5U68AHJDZuVKo0NIMinpkIseIscvmkcPUIl6pmIQ6aBZKu55CAE-8owCHgxDahB_tef0kRP190-WpJ9BzjwbndoNO6k9ZOXeUngcO7qLJq6NpfLWUrH_xWdCzg0_UNBmE1gAO_nP2DM0V5P9AZV-nSiuZkFUCwi-Ac8PvazZ_Dh-l1FtTTrWa1wNgUlSmdYgv6q0cLCzdB-YURdCu4fpNKcqIr72Q43rViJUZyG7-oNXzW72zltL3EkOrOnBxO07bImcyONNULn5b3eGqvssL5vXHk1ErFbkjtPg2muoXt7nUR0tCwDwvuw8kUhK00FkjtXWihayWZ4ZyV1IYO0ZZQ-gXglCy3Hw_HLK-FSckf1YagoS9yI9SdeJx_fi-LtgiLgnS40YcPEtg8TbI0mRrKq6sx0AyTIcp9eMTzKhfpkpfljR6vv9uuPjwSwdSOTe_aDLgNyc52NPo34RJln_nH9bUewzCJv58ld_HtAs9knLzI730u0Zc7ZNOLU8kVVrmGGD3UhqXjOUI8CEn8a_yjF-mVUn57lbZPEdtgpfR1K_CCBA67F0yuy6YJzqBJ2QApjz1WK_Urz9s3s2RQd4SaenAWsnNSnxH-X3Lt_JhMlDsoCXWeWWe_7wDBr53Q3Bc8ShxpHTCGh2dEEomVA8j2ptI0oTij9EcGvWEWBFMjI9_qlk058rmq8YSZz7-ba7wwwYV0-IxCB1WRrgmnNmFK2vkVcT99Wt7N_lZAAHDEctND2_7Zvdga84YJ1_3gVjQsKPjO5urHqpMyLby7iZGzR77wVDVQ-_ryFwSEkV-MQ7gWjydI0UXUmhemMk6UQ9Wwm-eOJCR7tx7ye7OfiOBFXHThDl9b09QwLJN_TCi7CbZlqwvIoGW-3DKvnBlsHSHMwJiI8kFJEgxXlemZU7zgq6IfHEcLTujelFMRbMqpEFLJBBHEUkffc4s3D77Y94Uqkqv7KUPCLy0T5l-RaO2PTZZyI3I_RF4yT_10AL8m0gdWP_YHiP9PvupQtO6MmOQjNYj9e2bam75N63ZTcxzeRaGcG1n4o2L4R-1VLFmLnvBudnisu-mUMEteb_YCPzqUnPYRLaJoGFgE6lpScahPdkhkRIisPDsqmoELhVYltQ8zp4JfvxQ-owJICZpT68b-FpkGjoHlLeA9MUomVv5VaBj6r8LRaROD1dHhYPYNGaK5b_jPTg424fYyzhbAM9Mu_59Kb9nTUrK2qqAb8N3ai4Qi3QlVkTrhOD5az4-5fNe3QQO2xRbRIWoGpj2-MfIOiHkD6KhzltJko5sg9N-tgUyFn8SDoSRrOybaP9I44bsZ1p-eI0P7AUKAkH8Wxa-iBmJHu1mfp0FV185P0geW6uLgTmS5i7HMBoyA3mP63M1rt5C75aUXSFJ4UqP0-6lbZiKxFdFAaZwO3QMrptAWKq__o9SVgrNHHz2TksSEtBxlmE&cid=CAASEuRohLrwuqmlBE6alK1NSUDNrA&rfl=1%2Chttps%253A%252F%252Fwww.thestar.com.my%252Flifestyle%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 03:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Dec 2021 03:54:21 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 0D87 24 KB
9 KB 118ms
8ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 03:41:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Dec 2021 03:41:33 GMT

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 5D3C 169 KB
59 KB 301ms
9ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
Origin: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 05:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81974
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Nov 2021 05:32:01 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 5D3C 8 KB
3 KB 116ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cl2zTusyJMuiMW2hu50sAxK963VHd36FGxT2AqVu56M4O4awuXfkSU0_LDE-EUVlEud8LP5r7m6qBrjGUjdZ_Flr9O_wIecIxHlr7gF66wGl3VwPVsp7waHbB4ZBp15E60y-NgQQBcJfqWuvo_yWrU7QI9yg&dbm_d=AKAmf-CC3vSdNTSd03S7OPJWkSzCtSxzMOzqpmcRERMuGo9Tilf3pZvIUCUKEpj237V-uuNceYjMJ38s-2qlGsSarOOwiCRT3ksR3Za-g77CGD2iUqrocHGjrR7pSXhj1GU8SpD6pY0d7j9_NMiz3By5O3k8UFjsA83YXmKmXC5ZtqRW2jedRQDgB5KgFyTyqUo2fmd234xVwGGJCCiFl82kqKWWabMw09Z2EB6144bAiWphzb2g5jQYtWqC6K_Hwa6JD8FwrMBc1jI5aG_fDidAbQVKkzCFlcbPaZVYZDm_p9n5nquR_4NWN5PunY8mJWVDlAC9-2R40jlpU4EglOaK3Gf2a_gR-h0y7KKKotwM6THzFx-QWD0RQoivp9JJ0zGuXXvt2z3RljhRaRvQ_lPaHjdxnHGdBItJmGTIkwIbgkoTMe7gTsBy5EoRdWrK2EUYc6q9fj_czneR6XZdddJgnOqQsguNy8Vb101ekTJ8M3r9N-ip-6AIqXy1C98ZUBiKH0-1QnyetQ2824c68Pe1ASeeUnzRrSZRyNt2IL9NqPzV3OpwIooru9EMeaoMxG5mqIjkjHQORTXIDNZb_tHo6hmBz05uE-gRApkl8MRCZm25E18V4n7Tym1YIdC94QL7OIjHCYxCzq8gk74eRPeU5bHKy3hTw7EnCeP9ZCfpkn6JjZjmxW4HgejOwAsNsgm1peKlN647F85lhpTWZkPjCvnhqQy-n2x6XqJqqt2heWbJridqvbSX8P8kpviRlUJMlq1JWtvepiWKAkf8nCwtG2DCg1pJRPFXA0St8lw85Zps9Xq_6V2cBI0ZsOinim85HdgeSmypdzDs51v2MfLpo8dycL-ze_rGRuku__Il7XT5sYERxZtbElSoKVWVXcbUp1-2nAx1zv8dpYx4pjMTECOs2OxOtYeEbfZrCt9BJVdhzkJKfZh-rs8mgbMG8kzEZpMfFqYxkiShlvquxXtAnythwQ1O-Y4PaT9jjSgpolNN6UghwOKuNURQU57csCKviWFo7gD05QX3FUT6A0Vwc2Bj1EqCQiMtcj4Cauvz12aEr4fOpR52Tx20X7SHU7Zw9RFyL8r-O0fe5_wOBpVxHMjDqKm6Ydk8ZaxmiyrG0NFIbpLcVIZnCHzmRst773UPtiscK2m4DLNV37_fD9XSyId034s9Jx8r0dPeGLHi5p19giY0QrEkcU0kL8bZltarEWSi75uc_NSXPuap1nj-GLSQpl5Z0C_K-PXack7vu9b49E-uN-B2DyTg-Z9W5_rDv3hSPAb0LdK3T_NW_U2NEh86AMAylz0LWWx3pAjU55fhvHbf0wGEDtVmC7JlXq2pf4tgQjehesxxvkp8mTIQpLojkZjttu9P3qIKbQuSybsnlGs57tthTN04vvQfvunanQzPY2GtcKnAnC90l-PkX6kDcTGcY_GYIrbnf2R51zJ-qovtm6okm_S7VeMt_nLNR1JRrbVoFik6ey96_S-fOUSteCqisw6I0vfhRKPyqnNsIqxB0j5pQ4LUv3lclED7mE1sMq-5HXgX0GkrZw26UjrFUcoE1UVinqUgFpDLmd-xW0rrD2KyTuUtIb6Nlst2eMkkhaDbKjNy3kCQ1x1DYT3AOYUbiREm_2NpUKsPRjBz3Zu0q3OaH8PjUtx95SIWm6vZB73q1I6sOouw8d_6YDEvAXkUDRFSbIZAyRu4u-ipcGToWp3tdrKx9t_cT-ubQHqRaGNZRw502HQJ9aIBFnM6G79tib1ouc7wwn30pGZt3BjvGQZ7LpX5XVVi3aMSlERqYnCpDQnMpGwUqV2YMjVgrj1eGFPXWxZ4ZzscXW9G7w5IoBOPZtoFrG3wYcrLmY9nveuYxzuX8g9uUziYLQ-xKG-zaUIRGt5j2Ktzlr4JxC8QWYEEGWcREmFmHVMKgF87B5v1R89ay-uxTzhLUozCVXHrJ8VhbCHkUVMowAk_MeGT4Sur0_L8pEEw_Vb8UyyWgPuWFo00b6F7J3OMtGtnFTrXNovmyCFeU_t5ryY59PIChiz_YWpfROVksAVhF7TaIH6M5X3_oWPwGfU1hppE7XedxYjHf70PahBAheNaxDJMBbZdADuVxQUYFH5JTlsLz3sYiEC7CIF3K0q2wisda0IaUb0-2afl4h6UbbBZYUdZWPS0TvjPraRGNGMSwZqjgksXQzd2Te6-Wn9ljCTvSKoXthOnoUFw3jx-HxZYzB4jM1DqAoBxyTcFbmxlzxtZbRzhgulCjrAb_CoXNxhCmu4VhxMaN5kMK1VXhrEXY0sbHk0EI2Z-vOECOR8pBDie8fjfUqia4XXz8temhHqCFfzi2kd686RbotDx_AB55QLrvx7ciTu6UWaBV1e4UYfP3KPhh9APxFgIGnu4vSx7mmmRYU12uUHOQ9hoc8ufBlhFqJ1_dkjdjL3hacomkhmv8JURGVmb0UPKHBNymknQ8fQAhFr6c-MV4zBefjJHDWbzuJfXh4dYdjALPtikxjavp8YvgvEeoMycNtvt60kPTvb1cqX-yFgN-Op9sT6LnZOfZMAmKemGDMRnJsPCfJbIHeUQlvyXbY55Rp_NRLJ3iCTUpaQ40DXTT3mLHhuvnbLG757aomZUSkuPW7kjR0j4K8g2sdvyzFFs8uFsu8_oRkJ2fNVxQm1xu4s-5h6Q7M608rCCNBqHURWEKJW8i8OHdA3Sm7xzHG53DoCspDjU1oV6_p46ZRt82QCPTqpHv40q8WEscfxOae1IMBp8YncGkD_urDrvgJNCNQdgdbS1Bfi-jvxjkzVMQ7-IMeC-McSajbMlOcrzH8Qt8965dDZ3fmvMSMZTTiIdgGt0K6Ii-SxH-cdRA_xFOnUlXBpfD13DuBETtECMmhJqZXAo6vYF0oUjpV4Ldo4x9ylfPAAUSM5glntPK_D_IAQOezW38cqtybQpvll0S0e3akWIjIc4z2AOTFnirSQkXPa905aM5c2doFn_4s5OjRdf6faSovetdvcbnuZZT3nTKdI3iQ0N61XB09RTkKWN2GURL4P2ehRPpw&cid=CAASEuRo6vBGGDGeqbF1_LQcoArtLQ&rfl=1%2Chttps%253A%252F%252Fwww.thestar.com.my%252Flifestyle%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 03:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Dec 2021 03:54:21 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 5D3C 24 KB
9 KB 104ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 03:41:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Dec 2021 03:41:33 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 51F2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEKLsWoJvYC8FGNk0jwYW5n4&google_cver=1

43 B
549 B

36ms
23ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEKLsWoJvYC8FGNk0jwYW5n4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CImz_L0CEMatq_ACGNO9k7gBMAE&v=APEucNW1ua9aZ4gfZgeylLGgR0rM-MH6-bBReNud0-xwN-HRdprsnxkgYwJben4B_YNMP0PervJzt6-foQ78P3wzJZnxSE2TyCy5FkVA3eRb-FaB_5apYLwzoRuF1OXGnpZu00G1SFLiR86_iNt09PpiXh5Hy1T0LhPjG_w6wmLz3qR-wN8cEkM
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 04:18:15 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 123
Connection: keep-alive
Content-Length: 43

Redirect headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEKLsWoJvYC8FGNk0jwYW5n4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 51F2
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NjJhNGIyNGYtNDc1ZC0xMWVjLWI2MDYtMTc0ZGViMWUwNTA2

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NjJhNGIyNGYtNDc1ZC0xMWVjLWI2MDYtMTc0ZGViMWUwNTA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CImz_L0CEMatq_ACGNO9k7gBMAE&v=APEucNW1ua9aZ4gfZgeylLGgR0rM-MH6-bBReNud0-xwN-HRdprsnxkgYwJben4B_YNMP0PervJzt6-foQ78P3wzJZnxSE2TyCy5FkVA3eRb-FaB_5apYLwzoRuF1OXGnpZu00G1SFLiR86_iNt09PpiXh5Hy1T0LhPjG_w6wmLz3qR-wN8cEkM

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 17 Nov 2021 04:18:15 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NjJhNGIyNGYtNDc1ZC0xMWVjLWI2MDYtMTc0ZGViMWUwNTA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 38
Connection: keep-alive
Content-Length: 0

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 51F2 0
445 B 34ms
7ms Image
text/plain 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame A30E 24 KB
9 KB 105ms
12ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DCEefgCbjui2aB6gSLXXmtTWduKtBT7KzZ1JLtxR4j-OgIEQcWAJ57mpE61HeXxF3ejpdhoXhFdQOkZTrwnP9btr_Ndr0YjmbpPvzpRjiCnQSC4OA8V5P0bmVyBgro_KiEkdhqQ_RQisdPOpSy2KsD9LxpOQ&cry=1&dbm_d=AKAmf-BSagvqayo2Pxq7NIWnC-L6xtogtbd2i6YN7KDjw-vUGfDCUA6IBPwsgSzzHj1jj066_TdK4VEH0vkACFOqR1PAc9y9HbFCsqKT-65FEl6419EdhGvVTgQYd8mbBBfj5Tl58u5yUoHEHOAC20ppLAanG_xfM6fszVFWQ_6e8dLQ81dcvnLVW_IQ1qBBQH9GQOEZxaGxv0egY2oLZaQOjht6BukHTtTqxwqmfLBhPY52H7eiSxcN1aYHHpUYzFN0vgJGp-J9jsGKNtz2EbfSl30tZk0hZSHy1BoH0PODZWTh2S0eCotJc0mj_wHPpo--pjX2h1VlGjpRvj8hm7hGovehhRPu7Qp7f8ackkgsejOxcZegzqoqTwvdmrcegOBhIKwmahtf9oHhxMLLArsUVU35lfOsQpjceSihJZ9_lAUTTffoqcBfQ-O1TQUAWiKIlliu4QmPDNCBrmif1Otqv6vqU4P1zzXSVclDQx4D6iYgPfeZKXDLNaZALyW4a_vHqZeQJWgXDevKIctQyEJcfhbsxnzn2kddh65ymhQYmYGF_VDUVQmOfgvRSQtB7FWaL06f0BVbLPvnwzDBNRASCy4cSjf8kcSlFxHGYTnkwKeNd2pb-6Stz_HEdM-6qH_GboUd7DJbNKA6Ml1-YuM0hg7uqkndqV0o2Jr2uayxMW3_EELRNMY6MI4SQyyYRk53S0vXQGc_CN9AOhiO8PgVRc2dB1uWNBRYOBAw5ex7mD8WZ4UClfCR-nZHeBnN4M_2A6NEk1F6Pe7CeRsj3ChoCxzZW_jH_FvuopXKCo32yqJYQxLeBmmv5r4E2ulWuMy0-Hj66Lf7pS3JwVFMBHgwnEjSDMwC1_lpxmARUP_BvuGsvXLmQFiUhxhWyFcaVOSjhOg_TdEXR_GiLgTzQgKyq0qT76UIVn6SQyxT7SklifChuTdAIytoJUm2H9J2txzJ0JCo7FSbDqEWlXCMm6jHwgRaGa3xTZ_RUhif3jjvrM36cZ330bviqIXzyVigOpx1wFaB_fW7MHb3hP9oQ5ycx4Edr_yTcg4_hPNIUYeTfBXsIIvd33LS9nlXCr5J3yjG5gxpczRIcFTNGfv6k81KB-cnFMgwDigiJikvpQEQn5r5X1aaXgOcKLFTyhh-NfuMO-S3Oj7MY2crK--YQ1qLTP-rnz1_L_Uap-_3a2L0AUAh3N_Blq__GvDb4b_Mfo9tG_QyxqSRwRIx8PU_2Ari5mVtgofDxTq21zEsSOigsIAUrTz2NOsD17IAd3VuKeO2ZFKN9PVUuDFSc32r0Fu6N_9RfGYL1K2fWlLHpqISY85dDzAJXcdlrMBhsNOz3CSdeOAOkt8axvzAveWh2bo6_Gy23p_dGT3KFnw1D78Qd6Fo0PIEr_bPYWEPb8331knhK8Sm08FEsXcUI7kfzEr4BOsQ3ePRGeYjMhaeWsKeu-Df_lICMJrMaQdnvddvNCfLNoQ503vTEweBpjH48EK9w_eXayRHMu6tLyLvz7K_JX7iEEq9_q9FaRBfDlRO_8CK0H8CipTNQKG43VfMtHsXy0intCgKur7Z-jEHbb2bNpLS1jM7dHSyQQGHcGFe1hPZ8H1Zm3XpnRxrJeX-Vb7kc7aoojiF4LBc-jiDRj8xKm1VDoVA4CjSQ316vzV5b-MFF6JO1bANE8RrnBtokVBsLT5j96NoqXaBf7c5WHryWboo_e0_qf9TDoqpWfv3dK4CSP6Xpr23xGrV_flXV8ew09unaQSwJ1E3QuBqYbWfBu10DFJPJBDfk3HqBSRORH_xBt8XXQ3JP5rXd2nYV_pfW-qS5OrHxQQBRJS622R1sRjbXBIcqb7CE67ePAQbyeIKGzUPp8lR86mOKG4YyUEgN5fyczFyUwFD1L96ZQcLOlkcsrF8dSuVTfrGQslwBrF_qm4lcAzpLDjc9n2uWdmBFQosMACjv2chYdPzSMYJATw7rkJLD0jnhHubBA642m_AsKvbp--JS5SBwCQTgvGbqyDTyaaC6oTJE1oqtFA0LPIzJ_q5GXUXvcTRySQCueDxWBVQOx2aiQ3QsLQrJ4bQHv30sfx3neckuonctBp72D7_B86tt2Q3JMrGJ3kC3BMDRP8vKc1yz1tsX6lEL3T89S4i4KInFp6AQNJMqMsF_CGPESW5uVzJpiMwtRXzWj0kis5pYSPBjrWlKf-fyBJpYY3Nx7wdpMCh9MOZ-QXXc1bATltdBQ-YY26HDo_NrdIV3bJ8H3GR_okvqbKVAWnQtRxORWIWttZyGan-iG3QtAvCXWNhUNQ3HB_KTqHZJq_rYN_MCOcts0p5c4DWvUd8Q-TBUdh7VrxcYB4qSItC6Swr9Ac8WttlRZsEan1jVOv9qJtml3ZgkW6EvTpfcye4awvKMYx_HygkbwiVPKMnsoqhTyPU-2_Kji0K3gYDp8IKBFVWi6tSaWXRzT9seNQ-jLYW_IkmjETfI_wz3GYVFZC0X-TcM7j1djEFHVWbzSs0uVR0SoxBpq9ncRP4El7_uRBc8onwO6sxyV4OQZFtuF6ZqzA0kX1-I9N12SYpCuGtTNjDAdgB3IseEjC-tDliaY58ScVdCLOf_YyYBK0iHVQABE44-CZyrzY8TYqa_7SY8MSXIkXSBtTUsthDsfdzBffbB4CckaSRiz9b8dlgHm3ygi_8Wwq_wxB2mLIj_IXYrY0lBT-xw1C4hkMPsbEuETb5f2RnNPNNMF0LlwInuU1RAWsq2rirYokQrU2FI0chD2Y6QqdFLAh8w9ZO8tcQX31OFevIOI6p6PoXyiCmaSmRk9597TBxvrRWKAFF2tMSmwHHSCZ-F89UX9KkbdUkYEX7_X1wO7VzAW1HROnBjTKc80LZqGNAWbg3eb2VBubbDjkpGifMeBiGXBMaXBp1xVQL9XEqgDt44Dad-W9lH5B6_Tt4VWu9AIqr0KKw42OwXFI62pogL-OQBrxbbuphXjUDUFfyu9th3tlmSd7TRbtpvAoaN1804u7gQtanCZjSRQUGe0f1L3gyZwus-ZCtIDJycnKDWQ&cid=CAASEuRoauTfR6SAMhT5qEuby66t6Q&rfl=1%2Chttps%253A%252F%252Fwww.thestar.com.my%252Flifestyle%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 03:41:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Dec 2021 03:41:33 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A30E 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 09:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239437
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 14 Nov 2022 09:47:38 GMT

GET
H2 200 dispatch Show response
twa.netcoresmartech.com/ 7 B
94 B 417ms
138ms XHR
text/plain 13.235.142.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://twa.netcoresmartech.com/dispatch?user_key=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&customer_key=&uuid=bf33be35-8cbb-4143-9647-231f8205d00c&siteid=1ea761fa10f93f18df46ddc3b4f7b01a&browser=chrome&sid=1637122695603&visit=new&pts=0&sts=0&url=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&tx=1637122695603&ptx=null&purl=null&npv=0&title=Malaysia%20Lifestyle%20Feature%20Stories%20%7C%20The%20Star&usertimings=1637122695609&web_activity=1
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.235.142.106 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-235-142-106.ap-south-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 17 Nov 2021 04:18:15 GMT
server: awselb/2.0
content-length: 7
content-type: text/plain

GET
H2 200 ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG.js Show response
cdndc.netcoresmartech.com/webactivity/ 9 KB
1 KB 23ms
7ms Script
application/javascript 2a02:26f0:1700:16::b856:fbc4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdndc.netcoresmartech.com/webactivity/ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG.js
Requested by: Host: cdnt.netcoresmartech.com
URL: https://cdnt.netcoresmartech.com/smartech_v4.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:16::b856:fbc4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 989a0a7fffb57d7b6fc3ad769430bf10bcd2c9da71763f305dbeee48afb7b205

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: gzip
last-modified: Tue, 09 Nov 2021 02:21:54 GMT
server: AmazonS3
x-amz-request-id: 2F9KXD59096EVNR8
etag: "5b049508b67cfb9eda6c3791899c8bd1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 948
x-amz-id-2: fG4u6rtc1THll5QQFtLiwmwjx0Foh+LbQBMCoJA6se7fp5oIU0qe482mI9mQ9INKLy0KmGAmt0w=
expires: Wed, 17 Nov 2021 04:18:15 GMT

GET
H2 200 wnconfig Show response
wdc.netcoresmartech.com/ 544 B
478 B 404ms
126ms XHR
application/json 13.127.55.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wdc.netcoresmartech.com/wnconfig?clientkey=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&siteid=1ea761fa10f93f18df46ddc3b4f7b01a&type=null
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.127.55.210 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-127-55-210.ap-south-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 544e5ac961fd1b7442ec34016f6b66fae244fdbad6da779bb0e4a3b2387866d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: gzip
server: nginx
content-type: application/json

GET
H2 200 df Show response
twa.netcoresmartech.com/ 57 B
150 B 410ms
135ms XHR
application/json 13.235.142.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://twa.netcoresmartech.com/df?user_key=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.235.142.106 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-235-142-106.ap-south-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 9f878be7310ae8c9cb0334970d5a3ae14b0b4418374b8e73316756fc6abd1feb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 17 Nov 2021 04:18:15 GMT
server: awselb/2.0
content-length: 57
content-type: application/json

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4328 0
0 30ms
30ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCWIbvrrLpHFUBOYC5RJHawsVbg_nvVVjEfCq0j8QkH8susaGKoE-1oPwv2zPm8XjYMhLNEULIhbTDhzc1C7Lzs36pzS4O0Oqh9rX6rbVB3nrnIG8kPI2Kx5ceVYiFeB_S6ad1hVr0Ds60f_Quv8Lc5eAXlzYmOYYZtcqWvmZEApA11XSKPK8VRKpawNp6FGwg_VG-q3spbXiLxXNFMxxyz_QFMh3LRAekq6MUC1dGdHdofMpWgXu62oYp2f5L5RHnJq7DgTJFvuhomp7m9HXNjgwvkjsbbERYz_BqemjTbIc0Rk3DW0K0eIGj8Di0aCwPvy-MIjJkfw&sig=Cg0ArKJSzPw01Pn0qlnXEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Nov 2021 04:18:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 17 Nov 2021 04:18:15 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D53F 0
0 29ms
29ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEhywu3mRdPWxBwSQJHn6EEBwOUznB7ouhTRMmQjMZnci17wz-BE5Uy8ZRmnhrE3FU24y_L2OqZSNKJ30MGuZEdI_2gGha4hOx9M7kevJtwFwQQG_2go1MRuBDRdLIywvNd-yoOz9cPXc0OpLpzB12PXG-UFxWoOl1xYX1AvXRlevCt3u_o49YZs7EfDK1sAiw5TOeCcweM2vLISXUO5Qn1nB-GrBH8XIQHTQ5Y4Cka8z1EUh0njyJDK96wamif-_qArjY1cDDhn9vp8bxmv4vrUpK8fqT6t_9UbpZWrZUFNXjpSzKWMvYNSYVuzfEOt5RZRiaWgN9Oc5jOZnt8eEOK1vqv1IqmAp8HFJvBsOCX48_kxhNsUbY&sai=AMfl-YTCXDkQJMBbyvKvcBtg_AapICg-2bTvcqbKNqmnri6tFp6cCgjDGCbAvxfiKzmah4AjrnIYeBRG_ZZj7b1KpyXRDmUf071te0ElQLvEzqby_MoOdFyJXemeU_ki7sQ&sig=Cg0ArKJSzPN2eEXQFSF1EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Nov 2021 04:18:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 17 Nov 2021 04:18:15 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D53F 12 KB
10 KB 45ms
26ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2720ddd9dd464edc7778de15f199775a58f40e8a843dd12cf6e87ee61f39be6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9295
x-xss-protection: 0

GET
H/1.1 200
OK id Show response
id.cxense.com/public/user/ 117 B
706 B 7ms
2ms Script
text/javascript 116.202.80.167
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22kw30kx2e2p7uqcar%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%223o4jh9zrffcqzrojv9rye3c11%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%223o4jh9zrffcqzrojv9rye3c11%22%7D%5D%2C%22siteId%22%3A%221145278932220698298%22%2C%22location%22%3A%22https%3A%2F%2Fwww.thestar.com.my%2Flifestyle%22%7D&callback=cXJsonpCBkw30l0ilhsic7g4z

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

116.202.80.167 Osterhofen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.167.80.202.116.clients.your-server.de

Software

Jetty(9.4.28.v20200408) /

Resource Hash

25803bba1f72a415b6d331bf0f67a1c1c8de52097f6238e79cb00dc3f9d68ca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 117
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55946/ Frame 9F31
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1
https://pixel.advertising.com/ups/55946/sync?uid=CAESENv4imaPvq-f_94mT6HMicY&_origin=1&google_cver=1
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESENv4imaPvq-f_94mT6HMicY&_origin=1&google_cver=1&apid=UP62ce996b-475d-11ec-bfe8-02eceacfbc66

0
342 B

10ms
10ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESENv4imaPvq-f_94mT6HMicY&_origin=1&google_cver=1&apid=UP62ce996b-475d-11ec-bfe8-02eceacfbc66

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_PCBDdhLiuAhiMgZO7ATAB&v=APEucNX3u5m1Dgo4bJKPEOcA93SMoPmX2VHosBh4nAiwFVueHhuFeatDTHARuDT0eYdCLsZS8kLsVrWiVAz2RkEfPShAxUT-SBASDwPkr2UdvvPgee_4z0Nl091NR_vNYzHLAd68U5BCPkFLBIQobsYA_BNlV5hODuH3nGCboWwfHA99mBeja7U

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESENv4imaPvq-f_94mT6HMicY&_origin=1&google_cver=1&apid=UP62ce996b-475d-11ec-bfe8-02eceacfbc66
date: Wed, 17 Nov 2021 04:18:15 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9F31
Redirect Chain

https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true
https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP62ce996b-475d-11ec-bfe8-02eceacfbc66
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA2MmNlOTk2Yi00NzVkLTExZWMtYmZlOC0wMmVjZWFjZmJjNjY%3D

170 B
188 B

15ms
15ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA2MmNlOTk2Yi00NzVkLTExZWMtYmZlOC0wMmVjZWFjZmJjNjY%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA2MmNlOTk2Yi00NzVkLTExZWMtYmZlOC0wMmVjZWFjZmJjNjY%3D
date: Wed, 17 Nov 2021 04:18:15 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9F31
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1tS0FxcW45RTJ1RWJBNVJwc2cyVldZZl9YMG1uS3NzQn5B

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1tS0FxcW45RTJ1RWJBNVJwc2cyVldZZl9YMG1uS3NzQn5B

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1tS0FxcW45RTJ1RWJBNVJwc2cyVldZZl9YMG1uS3NzQn5B
date: Wed, 17 Nov 2021 04:18:15 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 TV3.png
cdn.thestar.com.my/Components/TVGuide/images/ 7 KB
7 KB 791ms
790ms Image
image/png 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Components/TVGuide/images/TV3.png
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 042728b773152a62ed3ed8d5202d604a1e62f67a9d76ec8d7c89943e8769a4b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
etag: "0742d96721e43ad0648023688596b70e"
last-modified: Mon, 09 Dec 2019 02:21:33 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
x-amz-meta-cb-modifiedtime: Wed, 08 Mar 2017 08:09:44 GMT
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=604800
date: Wed, 17 Nov 2021 04:18:17 GMT
accept-ranges: bytes
content-length: 7201
x-amz-cf-id: vLNp6vbq67449F9pncNg64erjnQOJIy3I_Y_dxuxhVskG03WtDMJWw==

GET
H2 200 NTV7.png
cdn.thestar.com.my/Components/TVGuide/images/ 10 KB
10 KB 765ms
763ms Image
image/png 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Components/TVGuide/images/NTV7.png
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c7472e2354eccc1d9e860d637ebf8791174989402a8ecd41f46f90a951939b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
etag: "7dc4888b405acdb191c47b0976a9be80"
last-modified: Mon, 09 Dec 2019 02:20:50 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
x-amz-meta-cb-modifiedtime: Wed, 08 Mar 2017 08:09:50 GMT
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=604800
date: Wed, 17 Nov 2021 04:18:17 GMT
accept-ranges: bytes
content-length: 9730
x-amz-cf-id: KhKV_GuOCsSC6Dfe_caNXxwMHTUFujENqXI8PcVsBupzlanNeYsyFQ==

GET
H2 200 8TV.png
cdn.thestar.com.my/Components/TVGuide/images/ 8 KB
8 KB 757ms
756ms Image
image/png 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Components/TVGuide/images/8TV.png
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9bbf7e8e5a8c4faad06d203234481e0e8e7c2836a789ce4194e2f0f9e17fa46f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
etag: "23c1eb5f6f5c3888c274547b75d8bf33"
last-modified: Mon, 09 Dec 2019 02:20:08 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
x-amz-meta-cb-modifiedtime: Wed, 08 Mar 2017 08:09:55 GMT
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=604800
date: Wed, 17 Nov 2021 04:18:17 GMT
accept-ranges: bytes
content-length: 8056
x-amz-cf-id: -e4eWqJlWrTdSSuaDfbowxyvLxT5tlnGaG1Dz4_wcflvlKSPQ30KkQ==

GET
H2 200 9TV.png
cdn.thestar.com.my/Components/TVGuide/images/ 6 KB
6 KB 756ms
754ms Image
image/png 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Components/TVGuide/images/9TV.png
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f3a2add0d57a32b28e0b68de5f0a99a556c55613b3b306b16cf4f6e8e763644d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
etag: "3effb40c52c007619616cd7562fdadc2"
last-modified: Mon, 09 Dec 2019 02:20:20 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
x-amz-meta-cb-modifiedtime: Wed, 08 Mar 2017 08:10:03 GMT
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=604800
date: Wed, 17 Nov 2021 04:18:17 GMT
accept-ranges: bytes
content-length: 5812
x-amz-cf-id: 5mmVX05EIQ9jWOrH2aP4q6NaCfjxd4hw0ovVjsqh0hduY3xJ79AdrQ==

GET
H2 200 index.html Show response
s0.2mdn.net/9951322/1615304082096/ Frame 32B6 92 KB
23 KB 28ms
7ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9951322/1615304082096/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

908d7bf8304239c4e5a374b77cbf74a331b1c23ffcdf44a63fe1131cb00a1f0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 23309
date: Wed, 17 Nov 2021 03:17:01 GMT
expires: Thu, 18 Nov 2021 03:17:01 GMT
last-modified: Tue, 09 Mar 2021 15:34:42 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 3674
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1A67 0
571 B 67ms
32ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu1WaZb0EBitKkB9ibpPpx9Gts0TgHl42qi2gW2nmjzI-1jEiO69k-Pch2QfEp19kSxIU5yf8RKUAUiHCZ2ukAlNdrVm_pvHCcRT-Hff5k5x1D3APk25Jnj8BKpWEU_hg41GINdLiuFqcFoBhMyzYaU9ewDLh_YXF7aa90HlRhWwIS1n9DXPhi2c800szd50PkG7G2TysxPdCUv0Hv1QZM7lL3I_CNmHKX2WBZIbB2izxIWTsKWAe_cjL61_mdTY7LyWHBPIumFCZ9XeGxfVtjQd_G-VJT9-rYLmNndnbwP333UKCuqijjXTWDdfAJ0esKfBfwgdF27-0ALHVgfCjoiMSp-9K9l3m-YjhqFri-UAd3XkyRqkarZ7k_dHCp0HvvmHCs60xWRsOEIE_oj3Fxv1SvGbxhDzJWSQB6cvq6442RuR-59N3wkGxHmwRSN_kzZq5GuzvbOblsHlRG-45jW_71hiHAPd6vGNI-skuYlBIpPYWPQOZGVdOaDUIoF0sdLOpb_C5mTPaEiUMa2HMi3R9WNuKI2BfjKjitPJff6rkjua-GGD7qN7DI8cbSEqbpsZBB1OgvOjIzY6HWU0j_DGkhby0KSRuktCug4r-HgzVSLTA29s22MzizdlsGpscO-GqKhE099-hjfS6rTp5qyE_oOxBC2ojTlyEWINwKkG7VQTWX2wt1sycTdWO0b0B8RyGKuAidTLuQJlWoPYf5ySIOj4F0q5lErTTPU4ZaTEVHXsHWtibJRYS3dDzoF100wmrTVV9aT5Ec9xxzGQRCtxs74U9eQYu48zhxuSx0XPvQ6jiGysNAPYbj8IUCxOKi2ULxFEcA9FLhyUrvWp8Kur1dqo4KFTESGjYJ84-kMILbPJHYhiopKbYFvPm_aYxplA_hko4yJquilqMkQs1h6Vl8zcM0OOFSFMYC5UDGxe6flwkprVYMKXnEwA8W65eULZmU-us45olNpBZdY6lK1fC2ZZ7diUiOxzBvZHMUi6WogE9Hdp5P8tM2pkvbOD2HSqDNbDAf5drjBQ7G-0TmhbU7uYQma7e2ycj56SODiCwmaXcDXZF7GHj31C8N3wdDxsDmB5NPCil2WMw3qItXTycclXuet68M4jafGgncy7aloMU3v2PtlGU6kKPM9UiQ8mhZpwUaIn_gahVC_xFDUlZ_xF45ttlJVEGZixrch2HB6GG3zisL5PZy3z3lM4dc9Peq96JQ&sai=AMfl-YRpnP7FT8wQ3UU9PZi3jVXg5wAhTHmCixlAht8HdbNidtTxBG-EjABkxdOP2cg3-_crhqIfNh-YRT3r_30596Lu8IhTai5Rtc2g6AzB5bCvc_DMKtP46ukpECdxiYrL3L20RHL2dDnIUrLcwXb1BOKUtpfPYQ&sig=Cg0ArKJSzN6Iu7CdtbjUEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=248&cbvp=1&cstd=246&cisv=r20211111.18935&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 17 Nov 2021 04:18:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame B1BB 5 KB
2 KB 13ms
10ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1637122695.cds143.fr8.hn,1637122695.cds288.fr8.c
access-control-allow-origin: *

GET
H2 200 ad Show response
v.lkqd.net/ Frame 0344 2 KB
2 KB 296ms
91ms XHR
application/xml 146.20.128.202
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=99431652&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 51d55ed62d7cd89bc8b4835ab935e96d72f56c6334e5758ec51446bfee8aa715

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1366

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 5DDE 5 KB
2 KB 10ms
10ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1637122695.cds143.fr8.hn,1637122695.cds288.fr8.c
access-control-allow-origin: *

GET
H2 200 ad Show response
v.lkqd.net/ Frame 15F4 180 B
356 B 489ms
297ms XHR
application/xml 146.20.128.202
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108035&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=21811933&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 150

GET
H2 200 7021.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0012/ Frame 2FED 684 B
372 B 23ms
22ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0012/7021.json?t=454756
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.358.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8154cfa5cc42950d00fea81ce2d0e2326de18f558f7a8fab90c858ba35802fc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 101652
ce-version: 11.1.358
content-length: 278
timing-allow-origin: *
last-modified: Tue, 16 Nov 2021 00:04:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6af627706b220b78-AMS

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D53F 17 KB
6 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 17 Nov 2021 04:18:15 GMT

GET
H2 200 cxense_data.json Show response
cdn.thestar.com.my/Content/Data/ 8 KB
5 KB 726ms
725ms XHR
application/json 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Data/cxense_data.json
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c2cfec355323bf0e97b26d88609cd23484a311392a94a8a7305dea86ef0200f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.thestar.com.my/lifestyle
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: FOIJ1z3Fv5hK_7WqsPBmXmDTrZVesoAJ
content-encoding: gzip
etag: W/"94eae61871675a30a5b38bb53bca450d"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 17 Nov 2021 03:53:39 GMT
server: AmazonS3
date: Wed, 17 Nov 2021 04:18:17 GMT
vary: Origin
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: application/json
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
cache-control: max-age=180
x-amz-cf-id: jjVTm86_kSeaaPoa_b1JwrG8e_toax5lnwzhPGC5S9v4-hDwGkysIw==

GET
H2 200 1133176620062218 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1133176620062218?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5bb268a80096e97da89415934ce9ea9807c6af557f7be12e40228ae9401cbe47

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89230
x-xss-protection: 0
pragma: public
x-fb-debug: Vykmc1NVqu5qxm4Sw43PrMAcgZzss5hTM6MrC5zQIzo0thkJHc6LzMRLdT8uykk8g3cFeGrN5tw8T0m6KsNvyg==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Wed, 17 Nov 2021 04:18:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
251 B 7ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2207123949525156&ev=PageView&dl=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&rl=&if=false&ts=1637122695788&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.2.1637122695787.182521506&it=1637122695560&coo=false&rqm=GET

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 17 Nov 2021 04:18:15 GMT

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ Frame 2FED 19 B
419 B 48ms
11ms XHR
binary/octet-stream 13.224.96.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.358.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-60.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 06:41:36 GMT
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 3101800
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 19
x-amz-cf-id: 6wN0NPGuZ_8Y98PQAbZMOFw4-7MtqJ_prRYA5_lYJHeqCuKzdtgphw==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ Frame 2FED 19 B
418 B 47ms
11ms XHR
binary/octet-stream 13.224.96.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.358.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-82.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 06:41:36 GMT
via: 1.1 cd66c5a89ae3376f15c155e3b52a758d.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 3101800
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 19
x-amz-cf-id: dm-zdtm-RxW5Rag7Ipwpq5hoaUa-kZDbEU3P-7k8oEuPiH4BHKan2g==

GET
H2 200 tipped.css
cdn.thestar.com.my/Components/newsletter/css/ Frame 8EDA 581 B
936 B 23ms
22ms Stylesheet
text/css 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Components/newsletter/css/tipped.css
Requested by: Host: sites.thestar.com.my
URL: https://sites.thestar.com.my/tsolnewsletter/default.aspx?s=lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e9f9260239e7601407be2529d13a0c4f672fdab1d9680e57ffd377c8efcc941

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sites.thestar.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Tue, 07 Jan 2020 11:10:17 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "b425225215a2ce666bd5af75bf7bc77d"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=606000
date: Wed, 17 Nov 2021 04:18:15 GMT
accept-ranges: bytes
content-length: 581
x-amz-cf-id: d_wCdirbtk1PF9xsMwbgzugc-dODjzqOL-5kGx7dgd_87QHZL8MDug==

GET
H2 200 slim-20170925.css
cdn.thestar.com.my/Components/newsletter/css/ Frame 8EDA 5 KB
2 KB 21ms
20ms Stylesheet
text/css 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Components/newsletter/css/slim-20170925.css
Requested by: Host: sites.thestar.com.my
URL: https://sites.thestar.com.my/tsolnewsletter/default.aspx?s=lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e9ded59cc03e891a5756f567c3ee075c826e1160eccdc0448dc1cb8628f4c1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sites.thestar.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 07 Jan 2020 11:10:03 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"3d8bae76f5b2ca3caccb47618f7a120e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-storage-class: REDUCED_REDUNDANCY
cache-control: max-age=606000
date: Wed, 17 Nov 2021 04:18:15 GMT
x-amz-cf-id: 9RcLUlHS8tHcXDWqPgtZ35mkCASxYIqjZfWxuiMlKzlSDmhLg0ENfQ==
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)

GET
H2 200 css
fonts.googleapis.com/ Frame 8EDA 2 KB
607 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Serif:400,700|Francois+One

Requested by

Host: sites.thestar.com.my
URL: https://sites.thestar.com.my/tsolnewsletter/default.aspx?s=lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b18051f594fa289487e2cd1c499c689b16063577ff997f5848de10d2e2a783b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sites.thestar.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 04:18:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 17 Nov 2021 04:18:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Nov 2021 04:18:15 GMT

GET
H/1.1 200
OK bootstrap.min.css
sites.thestar.com.my/tsolnewsletter/css/ Frame 8EDA 156 KB
23 KB 330ms
329ms Stylesheet
text/css 13.228.188.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sites.thestar.com.my/tsolnewsletter/css/bootstrap.min.css
Requested by: Host: sites.thestar.com.my
URL: https://sites.thestar.com.my/tsolnewsletter/default.aspx?s=lifestyle
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.228.188.75 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-228-188-75.ap-southeast-1.compute.amazonaws.com
Software: Microsoft-IIS/8.0 /
Resource Hash: 2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Request headers

Referer: https://sites.thestar.com.my/tsolnewsletter/default.aspx?s=lifestyle
Origin: https://sites.thestar.com.my
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 04:19:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Feb 2020 02:53:15 GMT
Server: Microsoft-IIS/8.0
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 23664

GET
H/1.1 200
OK all.css
sites.thestar.com.my/tsolnewsletter/css/ Frame 8EDA 54 KB
12 KB 156ms
156ms Stylesheet
text/css 13.228.188.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sites.thestar.com.my/tsolnewsletter/css/all.css
Requested by: Host: sites.thestar.com.my
URL: https://sites.thestar.com.my/tsolnewsletter/default.aspx?s=lifestyle
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.228.188.75 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-228-188-75.ap-southeast-1.compute.amazonaws.com
Software: Microsoft-IIS/8.0 /
Resource Hash: 872d4c7764d5100ed92d4fc7eef2787e89996b62d7c0a740775e01057c1b8b26

Request headers

Referer: https://sites.thestar.com.my/tsolnewsletter/default.aspx?s=lifestyle
Origin: https://sites.thestar.com.my
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 04:19:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Dec 2020 02:01:27 GMT
Server: Microsoft-IIS/8.0
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 12191

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame 8EDA 90 KB
32 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: sites.thestar.com.my
URL: https://sites.thestar.com.my/tsolnewsletter/default.aspx?s=lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sites.thestar.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 01:45:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33018
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Nov 2022 01:45:54 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8EDA 6 KB
620 B 21ms
21ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap

Requested by

Host: sites.thestar.com.my
URL: https://sites.thestar.com.my/tsolnewsletter/default.aspx?s=lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8f3638a07274186824d584038c798c850e3f3229223e79346461b1595db501c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sites.thestar.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 04:11:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 17 Nov 2021 04:18:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Nov 2021 04:18:15 GMT

GET
H2 200 logo-tsol-full-w2x.png
cdn.thestar.com.my/Widgets/newsletter/img/ Frame 8EDA 6 KB
6 KB 20ms
20ms Image
image/png 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Widgets/newsletter/img/logo-tsol-full-w2x.png
Requested by: Host: sites.thestar.com.my
URL: https://sites.thestar.com.my/tsolnewsletter/default.aspx?s=lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e55e5ef5602c39b965628384ccceb2438dac3f14477ed49290fa13a6b8af850d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sites.thestar.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: WVu4629G.8yIoVRJFl3iPzcEjXYNwUdZ
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
etag: "447fa8a1cb002f8d735fcfd902a7c641"
last-modified: Mon, 03 Aug 2020 09:17:33 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
x-amz-meta-cb-modifiedtime: Mon, 03 Aug 2020 09:15:28 GMT
x-cache: Hit from cloudfront
content-type: image/png
date: Wed, 17 Nov 2021 04:18:16 GMT
accept-ranges: bytes
content-length: 6174
x-amz-cf-id: 7NZdCBaNDGYUonHSOHyDaDvaTeI1d0MGM-mbZw4paTEs-kDLERcURQ==

GET
H2 200 1368910.jpg
apicms.thestar.com.my/uploads/images/2021/11/15/thumbs/small/ 7 KB
8 KB 21ms
20ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/15/thumbs/small/1368910.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbb1c0326b4d9572acf36e40d9bc807e4ffe9de646b53a440d100dc25fec43ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Mon, 15 Nov 2021 11:24:38 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "905dc798a23ca257f8a62ab1d874196f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:15 GMT
accept-ranges: bytes
content-length: 7552
x-amz-cf-id: CJEyzMl5uTaillWTbAvdH_3Dkqa7gAFXi7YRjxvxx_BmdxTJUxdqlQ==

GET
H2 200 1370197.jpeg
apicms.thestar.com.my/uploads/images/2021/11/16/thumbs/small/ 7 KB
8 KB 22ms
21ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/16/thumbs/small/1370197.jpeg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 687552a59ba72afe775e03d15e7421b277a64e8969eb30892766b926a23c7666

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 11:42:10 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "2945876304f11d2176ebdbcc8cb7cc71"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:15 GMT
accept-ranges: bytes
content-length: 7462
x-amz-cf-id: VTuZIw1b2M84q1ofF-kp8I7uaD7fOCR7Hw2RT2d3X2sOtm6iH0EucA==

GET
H2 200 1370015.jpg
apicms.thestar.com.my/uploads/images/2021/11/16/thumbs/small/ 9 KB
10 KB 794ms
793ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/16/thumbs/small/1370015.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 517466d53503e46b6e58d6d4bc22dcdf4898d460fc78b71a03550c8243580e56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 09:36:24 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "3a08673319bb47252a200dbd38830b1e"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:17 GMT
accept-ranges: bytes
content-length: 9551
x-amz-cf-id: MOLa2Jq0tvzljzinH2Rif0TwrLIYqrPy0o1K5EdUT83OZ5ouH4jXPg==

GET
H2 200 1368065.jpg
apicms.thestar.com.my/uploads/images/2021/11/15/thumbs/small/ 8 KB
8 KB 777ms
776ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/15/thumbs/small/1368065.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c610c3efbdd412fdfa342b544b70e40a5a9f923eca5a35523585732acec31e77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Sun, 14 Nov 2021 16:27:48 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "581cce10fe4b5c673f9f922a7bb387a1"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age = 31536000
date: Wed, 17 Nov 2021 04:18:17 GMT
accept-ranges: bytes
content-length: 8029
x-amz-cf-id: NKUSqTIzugBU4Scq5MA1VT-9sU4ITooFkLIp3-4U4GqRVOUrQOyXOQ==

GET
H2 200 1365400.jpg
apicms.thestar.com.my/uploads/images/2021/11/12/thumbs/small/ 11 KB
12 KB 788ms
788ms Image
image/jpeg 13.224.96.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apicms.thestar.com.my/uploads/images/2021/11/12/thumbs/small/1365400.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb3a99b35dd5a248dba1f06dd865e58bacd4423d84ef3de980ca2d088ecf8a61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:17 GMT
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Fri, 12 Nov 2021 04:15:43 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "9214105d3536ff2da8ae8ea1b8c3a645"
x-cache: Miss from cloudfront
x-amz-version-id: null
cache-control: max-age = 31536000
accept-ranges: bytes
content-type: image/jpeg
content-length: 11755
x-amz-cf-id: oDU9fl_yJXiQGnvHlrtIrErZgk3FJKb-6w1Q8KVgzQ3wDH2yatiotQ==

GET
H2 200 bootstrap.min.css
cdn.thestar.com.my/Themes/css/ Frame 0B24 119 KB
20 KB 12ms
11ms Stylesheet
text/css 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Themes/css/bootstrap.min.css
Requested by: Host: sites.thestar.com.my
URL: https://sites.thestar.com.my/tsolnewsletter/subscription_footer.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf6286ab735948b1b8687b6b442c55e262bc1d6ba79f781b8d7d23586f0606bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sites.thestar.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: Ud66jYeCteNVhUEoIGU_tSliJ0c5oW8O
content-encoding: gzip
etag: W/"67d856a36edacea9564bd92310f7d792"
last-modified: Thu, 01 Oct 2020 02:17:09 GMT
server: AmazonS3
age: 1893
x-amz-meta-cb-modifiedtime: Thu, 12 Oct 2017 02:23:22 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 17 Nov 2021 03:55:17 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: bpJVfCGoOKgoNfUbu8cdb8pcFNZ2P1Stdfd2zQhNVO3KlJD4LoskmQ==

GET
BLOB 200
OK 51daa2e8-2e51-461e-b8bd-deaf24dd701c
https://www.thestar.com.my/ 53 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thestar.com.my/51daa2e8-2e51-461e-b8bd-deaf24dd701c
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68c3532442a503d298666c3642cf13b54a841f302565ea0c8939771a9375497a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 53
Content-Type: text/javascript

GET
H2 200 DcmEnabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 32B6 28 KB
10 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9951322/1615304082096/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9951322/1615304082096/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 07:34:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74609
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10285
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Nov 2021 07:34:46 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 40EE 22 KB
8 KB 9ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 17 Nov 2021 02:53:11 GMT
expires: Thu, 17 Nov 2022 02:53:11 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5104
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1A67 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 09:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239437
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 14 Nov 2022 09:47:38 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5EC0 1 KB
864 B 6ms
6ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 16 Nov 2021 18:26:41 GMT
expires: Wed, 17 Nov 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 35494
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 1A67 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5307a9b5aaafd63262fe0c6bb14717aa1dc53fbad1e401765e0f35d989d6f803

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
182 B 13ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1391293907&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&ul=en-us&de=UTF-8&dt=Malaysia%20Lifestyle%20Feature%20Stories%20%7C%20The%20Star&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAEADQAAAAC~&jid=645025961&gjid=1264387871&cid=763206404.1637122692&tid=UA-828580-1&_gid=414674019.1637122696&_r=1&gtm=2wgba1PVM4TH&cg1=Category&cg2=Lifestyle&cd6=WEB&cd7=Category&cd32=Lifestyle&cd50=0&cd1=763206404.1637122692&z=61929062

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com.my/lifestyle
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVM4TH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4628
date: Wed, 17 Nov 2021 03:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 17 Nov 2021 05:01:07 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0D87 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 09:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239437
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 14 Nov 2022 09:47:38 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7B7B 1 KB
783 B 6ms
6ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 16 Nov 2021 18:26:41 GMT
expires: Wed, 17 Nov 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 35494
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 0D87 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7fb3dec10ce5dbb5a0f06884d35f4fce3734583ff1ad804d17c3127c410cd530

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5D3C 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 09:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239437
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 14 Nov 2022 09:47:38 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 99E9 1 KB
783 B 6ms
6ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 16 Nov 2021 18:26:41 GMT
expires: Wed, 17 Nov 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 35494
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 5D3C 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54014df892f405c636e447e11a522478ec7bda248e49cc4a5e6297b212ed8a59

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame A30E 41 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 07:42:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 20:08:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 07:42:53 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 6E5A 12 KB
0 7ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Tue, 16 Nov 2021 21:59:16 GMT
expires: Wed, 16 Nov 2022 21:59:16 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 22739
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe
www.google.com/recaptcha/api2/ Frame EC98 783 B
0 16ms
15ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zHeGumFwx2MSx27BEsGKsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 17 Nov 2021 04:18:15 GMT
date: Wed, 17 Nov 2021 04:18:15 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-zHeGumFwx2MSx27BEsGKsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 316ms
14ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-828580-1&cid=763206404.1637122692&jid=645025961&gjid=1264387871&_gid=414674019.1637122696&_u=aCDAAEACQAAAAC~&z=659490452

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com.my/lifestyle
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 17 Nov 2021 04:18:16 GMT
content-type: text/plain
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 095DFD83-A5A8-473F-8464-1AA80E57E65E.jpg
cdn.thestar.com.my/Components/Flyin/Thumbnails/ 157 KB
157 KB 24ms
23ms Image
image/jpeg 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Components/Flyin/Thumbnails/095DFD83-A5A8-473F-8464-1AA80E57E65E.jpg
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5bf2f3b32c0f74c4d7abad22b908284cd898266d563ac1a425f960ae9c859e1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: LOj78NrRA4_cGP4uIwe9KFbqiUPpj2dH
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Nov 2021 11:38:41 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "73eed9e961be4bd3672048f0800ead57"
x-cache: Hit from cloudfront
content-type: .jpg
date: Wed, 17 Nov 2021 04:18:16 GMT
accept-ranges: bytes
content-length: 160368
x-amz-cf-id: Pm4qYaVzWVWcO7H34UbStVUFyXo8wjECRy7y4EsMWoRYr0TvpFOwFQ==

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 287ms
87ms Preflight
text/plain 146.20.132.52
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 17 Nov 2021 04:18:16 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

POST
H2 200 t Show response
t.lkqd.net/ Frame 31CD 0
166 B 274ms
90ms XHR
text/plain 146.20.132.52
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Wed, 17 Nov 2021 04:18:16 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 0040 230 KB
61 KB 11ms
10ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 21:06:56 GMT
etag: "cca1f428155a1f13b17a4684f2c8ef1c"
x-hw: 1637122696.cds143.fr8.hn,1637122696.cds107.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62015

GET
H2 200 shopify_purchase_client_mapping.json Show response
cdnt.netcoresmartech.com/ 332 B
703 B 40ms
8ms XHR
application/json 2a02:26f0:1700:16::b856:fbc4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnt.netcoresmartech.com/shopify_purchase_client_mapping.json?
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:16::b856:fbc4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54c332b1373fef56149775367df844b82963b8e229dce6fcabcd263f237af5be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
last-modified: Wed, 20 Oct 2021 12:40:11 GMT
server: AmazonS3
x-amz-request-id: ZBB96JGV000PNN7Y
etag: "5972b37cdeb00efa57c03fbab5ee0d1f"
access-control-allow-methods: GET, POST, PUT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=3451
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 332
x-amz-id-2: O8a9NCM70brwcXTKYXOY9YnM6MaLFa9tniLRkVNqmWS5AeUq1/8Yibe4EoA6jMROBgetTY7OgfA=
expires: Wed, 17 Nov 2021 05:15:47 GMT

GET
H2 200 / Show response
js.boxx.ai/js_init/ 261 B
616 B 70ms
14ms Script
application/javascript 2600:9000:2190:0:9:a948:8e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.boxx.ai/js_init/?smartech=true&client_id=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&host=www.thestar.com.my&asset=1ea761fa10f93f18df46ddc3b4f7b01a

Requested by

Host: cdnt.netcoresmartech.com
URL: https://cdnt.netcoresmartech.com/smartech_v4.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:0:9:a948:8e80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

0cc774c9edcfacef32f5d7401c7e74d7e601de7e6a977a0a8d0b1667341cc62d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 11:20:04 GMT
content-encoding: gzip
vary: Cookie,Accept-Encoding
age: 61092
x-cache: Hit from cloudfront
content-length: 177
last-modified: Tue, 16 Nov 2021 11:20:04 GMT
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
content-language: en
via: 1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront)
cache-control: public, must-revalidate, max-age=172800
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: Sd4lBHbfdB52GDtTbrWkwzk4tdIJfKdLO3K2pCJPHNnWazstia1nTQ==
expires: Thu, 18 Nov 2021 11:20:04 GMT

GET
H2 200 user_exists Show response
psegment.netcoresmartech.com/ 125 B
236 B 9299ms
9026ms Fetch
application/json 3.7.18.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://psegment.netcoresmartech.com/user_exists?c=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&uuid=bf33be35-8cbb-4143-9647-231f8205d00c&s=true
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.7.18.15 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-7-18-15.ap-south-1.compute.amazonaws.com
Software: CRO SERVER /
Resource Hash: 5ae4871d35733c95e0f16d99f113b254a596e8630207a485eea16a9d7dfde240

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 17 Nov 2021 04:18:25 GMT
server: CRO SERVER
content-length: 125
content-type: application/json

GET
H2 200 ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG_webp.js Show response
cdndc.netcoresmartech.com/webp/ 58 B
394 B 7ms
6ms Script
text/javascript 2a02:26f0:1700:16::b856:fbc4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdndc.netcoresmartech.com/webp/ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG_webp.js
Requested by: Host: cdnt.netcoresmartech.com
URL: https://cdnt.netcoresmartech.com/smartech_v4.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:16::b856:fbc4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ade6964320289bb8e3ff358f771feaa8c5802b61ede8685d8678e11c0eacbf5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
last-modified: Thu, 25 Feb 2021 10:35:05 GMT
server: AmazonS3
x-amz-request-id: 9E6F3E604457808C
etag: "1d4003fd2edda3d62526374c76d3049d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=523629
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 58
x-amz-id-2: nmkTMl06oIzeXglm6K+Egj8190IdsuWZOOs6MEsn1vv2Ne88wIDQnzXv/xD1HczDD0GOV42MII8=
expires: Tue, 23 Nov 2021 05:45:25 GMT

GET
H2 200 ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG.js Show response
cdndc.netcoresmartech.com/webactivity/ 9 KB
1 KB 8ms
8ms Script
application/javascript 2a02:26f0:1700:16::b856:fbc4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdndc.netcoresmartech.com/webactivity/ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG.js
Requested by: Host: cdnt.netcoresmartech.com
URL: https://cdnt.netcoresmartech.com/smartech_v4.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:16::b856:fbc4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 989a0a7fffb57d7b6fc3ad769430bf10bcd2c9da71763f305dbeee48afb7b205

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
content-encoding: gzip
last-modified: Tue, 09 Nov 2021 02:21:54 GMT
server: AmazonS3
x-amz-request-id: 2F9KXD59096EVNR8
etag: "5b049508b67cfb9eda6c3791899c8bd1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 948
x-amz-id-2: fG4u6rtc1THll5QQFtLiwmwjx0Foh+LbQBMCoJA6se7fp5oIU0qe482mI9mQ9INKLy0KmGAmt0w=
expires: Wed, 17 Nov 2021 04:18:16 GMT

GET
H2 200 cs
cs.lkqd.net/ Frame B1BB 43 B
309 B 281ms
88ms Image
image/gif 146.20.128.38
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame B1BB 43 B
308 B 282ms
89ms Image
image/gif 146.20.128.38
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame B1BB 43 B
308 B 283ms
90ms Image
image/gif 146.20.128.38
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame B1BB 43 B
308 B 289ms
96ms Image
image/gif 146.20.128.38
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame B1BB
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3860057541173397272

43 B
308 B

89ms
88ms

Image
image/gif

146.20.128.38
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3860057541173397272
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3860057541173397272
pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 2102948126432240 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2102948126432240?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b7dbf05a4b421280b0827033b8a5a4852ddfcf19d6ac79948b3905086658a15d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89280
x-xss-protection: 0
pragma: public
x-fb-debug: CRAqWllFNZb3KvMaUc1tCF/qDB4b7alS55xJQhUdbq8r6VwRX4xfNbT4ovlUFFOCe+0IHlBrHCgiIVgtcueRCA==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Wed, 17 Nov 2021 04:18:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1133176620062218&ev=PageView&dl=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&rl=&if=false&ts=1637122696093&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.2.1637122695787.182521506&it=1637122695560&coo=false&rqm=GET

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 17 Nov 2021 04:18:16 GMT

GET
H2 200 clock Show response
tracking.crazyegg.com/ Frame 2FED 28 B
135 B 122ms
42ms XHR
text/plain 54.73.172.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1637122696094
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.358.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.73.172.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-172-176.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 638a75a4154495e5d037f94d600a318275e0334181ad66f7f3c7be2b05626e45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 17 Nov 2021 04:18:16 GMT
cache-control: no-store
server: awselb/2.0
content-length: 28
content-type: text/plain

GET
H2 200 cs
cs.lkqd.net/ Frame 5DDE 43 B
308 B 276ms
90ms Image
image/gif 146.20.128.38
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 5DDE 43 B
308 B 275ms
90ms Image
image/gif 146.20.128.38
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 5DDE 43 B
308 B 276ms
91ms Image
image/gif 146.20.128.38
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 5DDE 43 B
308 B 276ms
91ms Image
image/gif 146.20.128.38
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 5DDE
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3787999947135469336

43 B
308 B

90ms
89ms

Image
image/gif

146.20.128.38
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3787999947135469336
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3787999947135469336
pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 B26636099.319953119;dc_ver=81.235;sz=300x250;u_sd=1;dc_adk=943508953;ord=1tf1n8;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCg2znh4KUYfjsAvuU7_UP-Ziq2A2UxpTEZraB9O2J... Show response
ad.doubleclick.net/ddm/adj/N789069.3848558MATTERKIND2/ Frame A30E 43 KB
22 KB 71ms
35ms Script
text/javascript 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N789069.3848558MATTERKIND2/B26636099.319953119;dc_ver=81.235;sz=300x250;u_sd=1;dc_adk=943508953;ord=1tf1n8;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCg2znh4KUYfjsAvuU7_UP-Ziq2A2UxpTEZraB9O2JD7CygOyQAhABIKWXgm5glYKAgMAHoAHoxPDRAcgBCakCGM9eXSeItj6oAwGqBPYBT9AGPvYlF1fPyYvkl22e1Ary_lOP_OezWUFxZqB1IuDUhhJKpWM6498HUQqKk6ObqoOOTgc4Y5sINpS_txDgPDWmQjYjpEGK2wNohlm5At1FpcTRWWQbu41vil-qsZ90JzuQMVRKuFoarVwk5XgTncVcpQFRnhZEu1l9b8jakvza1pnc-9HijAzYOfVCHRRXrlQxeXU0UFQ_UcfvJYxytdQ0QIGXRjz-FfLa0MgGgLaVuQgBS_DM1y2eYK7VGbyIRCm0qgyBIaw2VkKXnd4yKOnmuCfX3dp7hLBVWDUCy6S07ztVLxjHgc1Ams0B9mt0bqq-IG6mwASGhb2r3gPgBAOQBgGgBk2AB4C7j64CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBO88qEN0BMA2BMN2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoauTfR6SAMhT5qEuby66t6Q%26sig%3DAOD64_0OLjC8G8knZ8C2071VEMCS3l3fsg%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-BodRxjbqgbXE708u5mCP7ex6A8ztdcnNnqC2v2qWGl4dpsviNSIOCRQpUbej-Xpxt4L5fIW15kq8tzGprp9Mq1EfHBmwtF4yhVg39wA_yMxOoS2CQ5qILTItbjGtWiBXIBVa-52WelTi2cTT8LTB4atCl5Tg%26cry%3D1%26dbm_d%3DAKAmf-DrRtH4V03iinCbCvx1MI4TP7RghYW0OoLYfpEbRWZABWsiNV9uLJDtYv9OG2As95tH0rKfrdwDtvoo809zx-cXZda3MQtK-mk8zc9hbTYJrX5N69CvFrJ8Eh84rl46B76xCYjqc0hR0rc3EZFacP5VQOppr1AlG7Evbf_56oBV69VIwC6DlkqVf0i5aib4yLSs_3QxjX5cD1WL3CtnZ7U8OemnFoch9ukioZHsm7JUJu90Ay7A9Rjk-KHadPAArtFXo650OkT-ArlF_Xcfdnh85hQkzh3npfEmvdkFMivbZOXJPzYIS8oIV171BPNUsPQ0IfQXpWrfPs7AHPWCYKlnVyHOyt7_HsjmdYAGSXkg7ZGUEIjDYHdjULtvnELLiftIP-tR1OgJaRLyL9WbKOM3nw4uH14q1NMBBW1BtScbcFHKaAdDHiCWqcIDH5kJx67jCkG1Hy3Oep1CDq-RMeRzZIfDtw%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.thestar.com.my%2Flifestyle$0;xdt=1;crlt=Kcu0glvevr;sttr=130;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

b4a3fd45e8a656926590b046e460571c5c387982ae0e9c4c9f5a3047e8fc4c7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22183
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 18ms
18ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thestar.com.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Nov 2021 04:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thestar.com.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Nov 2021 04:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
9 KB 239ms
239ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=458646202015815&correlator=109666116013719&output=ldjh&impl=fifs&eid=44748552&vrg=2021111101&ptt=17&sc=1&sfv=1-0-38&ecs=20211117&iu_parts=21764785206%2CResponsive%2CResponsive_TSOL%2CResponsive_TSOL_Lifestyle%2CResponsive_TSOL_Lifestyle_BTF%2CResponsive_TSOL_Lifestyle_BTF_Rect&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250&ris=1&rcs=1&eri=1&cust_params=CxSegments%3D%26smg-page%3DLifestyle&cookie=ID%3D6b175079070c0316%3AT%3D1637122691%3AS%3DALNI_MapJ0r0q-vPXLQi4JG-ehcNZ1FOXA&bc=31&abxe=1&lmt=1637122696&dt=1637122696112&dlt=1637122690123&idt=1037&frm=20&biw=1600&bih=1200&oid=2&adxs=1070&adys=3517&adks=1648517212&ucis=8&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&vis=1&dmc=8&scr_x=0&scr_y=0&psz=370x250&msz=370x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8s1QsdRZ2xDngGt0hsQKUt-b_eprkbqydXBl3b0cHbvpFCv-d3G_fnAQ6isTKQ5ssIKy4Zmiy63jxypMPzDI6P7N8DaNIRoKDzWYfwu2MijA%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8_DZVchv-TZ_4Cd-12-8NL2UNTaFSLLplhc7mzmZSL5u0fMe6X_IEzrGbyu7NMzmlc0CdUlcaKaw6STcO0VoW7rnFSFSAHBLCA5Crtyt5d&ga_vid=763206404.1637122692&ga_sid=1637122692&ga_hid=1391293907&ga_fc=true&fws=4&ohw=420&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

80fc559ea054094bcda338f81004f053cc128a8bf386513ad8c2818496545165

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8825
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 null
s0.2mdn.net/9951322/1615304082096/ Frame 32B6 43 B
150 B 7ms
7ms Image
image/gif 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9951322/1615304082096/null

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9951322/1615304082096/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9951322/1615304082096/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:04:41 GMT
x-content-type-options: nosniff
server: sffe
age: 815
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=900
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Wed, 17 Nov 2021 04:19:41 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/5997682615482664064/ Frame BD8D 13 KB
4 KB 16ms
7ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5997682615482664064/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccc81dee5d4f08881ad21894ef2965958d181cc5df36cb1cd9bef83c6cbcd744

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 3656
date: Thu, 11 Nov 2021 23:00:05 GMT
expires: Fri, 11 Nov 2022 23:00:05 GMT
last-modified: Wed, 03 Nov 2021 17:03:29 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 451091
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0D87 0
24 B 45ms
29ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvuul4Vmtun055zbzCoLQXKUq0mEE4yU8huGKzTTNp8AzWaSi2fvq-FsKSXh-ycD5Kj3nZ4fvxvcyi05jCAeZt8B_43oU4wuH_vjQ6NrEC5n_OV-mmYFDXG-6P1fWEut3hPyV-ry8tZjhBR0QOH5OuSzEfVAJ6wI-vYudSF515CJmhFSgKDEPToO_FDk3Eg_zmdD-6MFSul0z3Hg76rWsiiHjbjl6dls_YzEO-Zz6FPzJV-ZQ4TOBMh65yZJDmIhV8ZjHPzvby6ByK1d-1lBIZxlOWqKFDGJCrBxZxK6o7gZZ9iimDLI85sm4D_GxySLl0UzKQnGCy9S-NbhkxXJ-gaZCgVdUX-EuFvzSVMoCghNKx9uU9EfsL3CCmPD0LROV9OddUZ9Hv955_Z49lYGFqnHA4VYSzc_LZ4yvqKFe65vT6TBEH5LUvAErMii71kRvUGaWg_3UKzbzjlsVDtskhVIRx5RN6LRgxANcBw5tcmVhira30QesG2nrvUy_PKx87cz_Xm4dIP88eYtVlHPmXmonP2AiKUa4perNQ7LUzyAYGPf4BoC09_WALnnir0qCnChSiH_tikwdqyUVI9vS5EwI9tpjPSyss2RUXp1JD3DWMcp1LBBMC8rTPkkkt3msFzLeLuTpxCYmCHlLpXDSfPApOWMEP5aIXhR68rAGdnTdJ3ACF6YW8CNL5e34Rx2HgAq76hM_2LRr4Y366x12fIACYuQdRqifc2hH-MzWy8UtZzgRfhTd6TPW9gozuvnn6-62XX4PplM_qAJ30xsUdMR6zLJ3aaRquAZ15OtQHIaTz50bp3ZPmpvrEzQgOPwuXY5u41130S8hbqqBscBsG5PHBYOwLpHG3idz12mA73Uw_lUyNpycZOkQW-pEhSj_bADvZPqaulk5lf2yeeZc27LG-rxMWPWGQVbKYM31af4baBHidSVgP4GgV8lqnZnKpEE5KhbFIaXIG_i8kp6Y5zh8qT_zFn6vCDYIh9-ZDBTwFD0ogDbBJG6btW2QaxwxjSIK4-F_-jIU8qNdq-8IhGaUjryTm61yI6BnI255h61hdCIOcT3OHg2Pn2MWUKY4cNty2twFgUsoJZyk-IzZyrYbEepO45_BSx5iYb_yFpBNdFU4TwTK1rrkDTRBusuDwTSvH84Ev7CgURD6SLB8JmYD9rRpMxADBz7hWxyx34AA&sai=AMfl-YTfxB3zKzXUL59L232jxUDkh1n-OAcWX2fctBAECjMei18hfzfKBL3mAULfn5ElSBrx5jWmrD7ujJxEpA60zFRMtRHgC0eguPmB_kOaObQ-E0G4NGDZuYMEVDvgR98k6EKm18PLdy4R50o6ncjppI3r7Zqbmw&sig=Cg0ArKJSzMXyxOUjXNpWEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=539&cbvp=1&cstd=538&cisv=r20211111.03911&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 17 Nov 2021 04:18:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/ Frame 1757 62 KB
17 KB 15ms
15ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=XtQeBMMEM2&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3085aac649fa0d732e9fd1e54e0ce46f115238e1c115a7f7ce9de4bc416ab551

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-richmedia-studio-eng"
report-to: {"group":"ads-richmedia-studio-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-richmedia-studio-eng"}]}
timing-allow-origin: *
content-length: 16856
date: Wed, 17 Nov 2021 04:18:16 GMT
expires: Wed, 17 Nov 2021 05:08:16 GMT
cache-control: public, max-age=3000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5D3C 0
24 B 40ms
33ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvUOzRwaht_ZME9XQiUl8lJs_HBJs7I3YnYsC82F-BM7csqtU8cJWmT8cBitzdCJQ1l5ij8MRd07uEQvqjaf8V0-ciNaPifARuSTFM_20fuY2JTaWgHazEt3vCS6dEz4NAFXGQGm5QlR2XR9BJSX7OW0E5cl8Czn-lANKIVPNwEx6hXGdL9Ryqpylp-CUpPBJU1DWQXx-DZFVZWIImxc0cpZXm8nqRV7Lt66cK9dbUT6DrPb9-OfGT4772stHZBqkoB75SNVKnrIsBv-5abEnrxrIs-VRx6b8B2vm2d7eKCIRGFO_kWyhTWBkprca_hgeSIrCg6GiL6cyWPgRaPxRuCas_gVT7Q7KeJS6JH7B3y_FpSTAQuWMkqojewNXcwBzDGTGr_Q84aXoFn5PV_zKmqgydIYcidUXhgCsgLRfFj5wmJ_4fdLb8RP7gbr4XguQ2XHg9mHtL6Ajco8o-rZUBZfRQRj8d5oqNVu7D3D5unnFjrLQc57voM0sEeIXX7Uo_i63dCsktWbkkQfDUsM1nNgGGxo05wbzcYTvFeX8Awv0Wnp5NpzodByT569V1dXy4wU2KBbqOMYsQ4RZ2C5rHABY5DkCaq1-Uvm-dfW9QnektEhMVX0KLqW0IIkmi2cOftmqUcvdDoaFzReyWaHeWbqTfGqno0tKfZqAxjb6OnyF1ael-n0zUPf_d1nzSe4DBx2P2_XQJ67Y4MSqyq10Iv2PCyrgiMaJLlEL-V2UaIHB7wcMwUjDTlXIELbmx9cdoyoWFTGTwAor8sCPHOEoZy1nmmk1o9YDGg4BC3tpRvUYI0FFz56aXKTjzr3bY3hvgHN3ZtTGi4fslDONK9djB98hdnm6NDlLkEFLzoywxrOAe3jrGJtPwL6PnzaStgW4Z_H8U2nzF_1RjpcI0jgcaEGh3zQ5qsQnn9qx8zxrIBP7WmHXMvQ7WosiTP_lCbNJbdlNEpsNiADjtdpfhC-AOgGAS0NbBzcE4RcBMxQ0YNXb_aZbW19gHwhAadXqySBn9edDCs12lD8Cf9aUor3bSwIk5s9pOpFzFjg-E9mT1g9_dLlErox9UBhD1RYpqwGFXgsurxrANJtKGDGQvKoZzmMO47N6Po7PvJRsS3JXfwPSpDxWdrMC-hfLlDLMoK76nwSnsSluk9aeS1cyTsC649MZHPYEW2F7qUmcwkjfM&sai=AMfl-YQIvOIerP_bErNX_hq8pds-OLZ1j5vt9mJGW0m04ivjUkkKkmpzEwDjmEDErw5gdcPtLDn61dOlPVuevVzknoEdN5sxmxPWFe6Yjux5RErjUtiBizfkmJ5ptxhMmyYVrrduhbBKFopOZsH014Je_VjZvvQiIA&sig=Cg0ArKJSzKXVCK20wHtyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=543&cbvp=1&cstd=537&cisv=r20211111.00822&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 17 Nov 2021 04:18:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5FDF 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 17 Nov 2021 02:53:11 GMT
expires: Thu, 17 Nov 2022 02:53:11 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5105
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0528 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 17 Nov 2021 02:53:11 GMT
expires: Thu, 17 Nov 2022 02:53:11 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5105
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 713F 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 17 Nov 2021 02:53:11 GMT
expires: Thu, 17 Nov 2022 02:53:11 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5105
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET activeview
pagead2.googlesyndication.com/pcs/ Frame D53F 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 4328 0
0

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 133 KB
36 KB 75ms
22ms Script
application/javascript 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-90-44.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: 973fe12f5130be123a73261e3956030b8a1c380f8cd8234e319b51bda6892898

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: okBBdl4mniljyIhAB_yWlERThSsUPvbQ
content-encoding: gzip
server: Server
x-amz-cf-pop: ZRH50-C1
x-amz-rid: 1AGA47FXQAED3D2JEJTK
etag: fc2e1be4d234471752ea2ebee7e63d1e
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: public, max-age=900
date: Wed, 17 Nov 2021 04:18:16 GMT
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 0HzpfjqXFPxHMRx3OW05QgOMHnewzG5BhyuIQ42-PV7H-nSbqH7G0g==

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1A67 0
23 B 18ms
18ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu1WaZb0EBitKkB9ibpPpx9Gts0TgHl42qi2gW2nmjzI-1jEiO69k-Pch2QfEp19kSxIU5yf8RKUAUiHCZ2ukAlNdrVm_pvHCcRT-Hff5k5x1D3APk25Jnj8BKpWEU_hg41GINdLiuFqcFoBhMyzYaU9ewDLh_YXF7aa90HlRhWwIS1n9DXPhi2c800szd50PkG7G2TysxPdCUv0Hv1QZM7lL3I_CNmHKX2WBZIbB2izxIWTsKWAe_cjL61_mdTY7LyWHBPIumFCZ9XeGxfVtjQd_G-VJT9-rYLmNndnbwP333UKCuqijjXTWDdfAJ0esKfBfwgdF27-0ALHVgfCjoiMSp-9K9l3m-YjhqFri-UAd3XkyRqkarZ7k_dHCp0HvvmHCs60xWRsOEIE_oj3Fxv1SvGbxhDzJWSQB6cvq6442RuR-59N3wkGxHmwRSN_kzZq5GuzvbOblsHlRG-45jW_71hiHAPd6vGNI-skuYlBIpPYWPQOZGVdOaDUIoF0sdLOpb_C5mTPaEiUMa2HMi3R9WNuKI2BfjKjitPJff6rkjua-GGD7qN7DI8cbSEqbpsZBB1OgvOjIzY6HWU0j_DGkhby0KSRuktCug4r-HgzVSLTA29s22MzizdlsGpscO-GqKhE099-hjfS6rTp5qyE_oOxBC2ojTlyEWINwKkG7VQTWX2wt1sycTdWO0b0B8RyGKuAidTLuQJlWoPYf5ySIOj4F0q5lErTTPU4ZaTEVHXsHWtibJRYS3dDzoF100wmrTVV9aT5Ec9xxzGQRCtxs74U9eQYu48zhxuSx0XPvQ6jiGysNAPYbj8IUCxOKi2ULxFEcA9FLhyUrvWp8Kur1dqo4KFTESGjYJ84-kMILbPJHYhiopKbYFvPm_aYxplA_hko4yJquilqMkQs1h6Vl8zcM0OOFSFMYC5UDGxe6flwkprVYMKXnEwA8W65eULZmU-us45olNpBZdY6lK1fC2ZZ7diUiOxzBvZHMUi6WogE9Hdp5P8tM2pkvbOD2HSqDNbDAf5drjBQ7G-0TmhbU7uYQma7e2ycj56SODiCwmaXcDXZF7GHj31C8N3wdDxsDmB5NPCil2WMw3qItXTycclXuet68M4jafGgncy7aloMU3v2PtlGU6kKPM9UiQ8mhZpwUaIn_gahVC_xFDUlZ_xF45ttlJVEGZixrch2HB6GG3zisL5PZy3z3lM4dc9Peq96JQ&sai=AMfl-YRpnP7FT8wQ3UU9PZi3jVXg5wAhTHmCixlAht8HdbNidtTxBG-EjABkxdOP2cg3-_crhqIfNh-YRT3r_30596Lu8IhTai5Rtc2g6AzB5bCvc_DMKtP46ukpECdxiYrL3L20RHL2dDnIUrLcwXb1BOKUtpfPYQ&sig=Cg0ArKJSzN6Iu7CdtbjUEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=757&vt=11&dtpt=509&dett=3&cstd=246&cisv=r20211111.18935&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 17 Nov 2021 04:18:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame B123 5 KB
2 KB 9ms
8ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1637122696.cds143.fr8.hn,1637122696.cds288.fr8.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame 0040 90 KB
6 KB 129ms
129ms XHR
application/json 146.20.128.202
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=99431652&m=&rtv=1&thost=www.thestar.com.my
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 9cd3e52cd17d30e626da87c027d8d85e7b22aa6be1cc9672575173610ae24902

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.thestar.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 6080

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 273ms
89ms Preflight 146.20.128.202
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1108034&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.thestar.com.my%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C56965%2C1%2C&c5=11272&c6=56965&rnd=99431652&m=&rtv=1&thost=www.thestar.com.my
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 17 Nov 2021 04:18:16 GMT
content-length: 0
access-control-allow-origin: https://www.thestar.com.my
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Subscribe_now.png
s0.2mdn.net/9951322/1615304082096/ Frame 32B6 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9951322/1615304082096/Subscribe_now.png

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f8e2288878a6e4cd289b6b80b34002f39d4fa524efadb1ff9c2b2d4655ce844

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9951322/1615304082096/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 20:14:55 GMT
x-content-type-options: nosniff
age: 29001
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2753
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 15:34:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Nov 2021 20:14:55 GMT

GET
H2 200 EN970x250.png
s0.2mdn.net/9951322/1615304082096/ Frame 32B6 38 KB
38 KB 8ms
7ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9951322/1615304082096/EN970x250.png

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa73e7abd67cd23730f89a4388a56331b70250762361a531b77dd73ef2d1c3cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9951322/1615304082096/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 06:52:13 GMT
x-content-type-options: nosniff
age: 77163
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39233
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 15:34:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Nov 2021 06:52:13 GMT

GET
H2 200 texture1.jpg
s0.2mdn.net/9951322/1615304082096/ Frame 32B6 402 KB
402 KB 11ms
11ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9951322/1615304082096/texture1.jpg

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

932187d3f40ae6f081b3e5072ed87021d62cf5dca6b9847ac0fe0bbcf6ab8ca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9951322/1615304082096/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 06:33:33 GMT
x-content-type-options: nosniff
age: 78283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 411633
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 15:34:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Nov 2021 06:33:33 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5EC0
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELPVy8rOtCMzjbs-N1364bs&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELPVy8rOtCMzjbs-N1364bs&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3R0cmpMT2cxTU5jb001&google_gid=CAESELPVy8rOtCMzjbs-N1364bs&google_cver=1&google_push=AYg5qPJwyAVlektimR6U5cXjonMwO25W_SGYxaWeHYY0axJ...

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3R0cmpMT2cxTU5jb001&google_gid=CAESELPVy8rOtCMzjbs-N1364bs&google_cver=1&google_push=AYg5qPJwyAVlektimR6U5cXjonMwO25W_SGYxaWeHYY0axJHt6G5BFqarQT4ljY7fnW7oCqDGnTDTvJumJqoI8o9qUSrtbMtih63

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 17 Nov 2021 04:18:15 GMT
Server: PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-02cbf440f9d738c39@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3R0cmpMT2cxTU5jb001&google_gid=CAESELPVy8rOtCMzjbs-N1364bs&google_cver=1&google_push=AYg5qPJwyAVlektimR6U5cXjonMwO25W_SGYxaWeHYY0axJHt6G5BFqarQT4ljY7fnW7oCqDGnTDTvJumJqoI8o9qUSrtbMtih63
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 5EC0
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEKaQwa-KAKrsqoFA2nkDL-M&google_cver=1&google_push=AYg5qPIHEZoFNA3-XX3HQPVVBTDQgZAl873AfafFsBe-EdFU9jfGHMyVMssC5964Mm1qBxGzb105xZO_729ru9aD8h1C1lUP3jy0&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKaQwa-KAKrsqoFA2nkDL-M&google_cver=1&google_push=AYg5qPIHEZoFNA3-XX3HQPVVBTDQgZAl873AfafFsBe-EdFU9jfGHMyVMssC5964Mm1qBxGzb105xZO_729ru9aD8h1C1lUP3jy...

43 B
415 B

194ms
176ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKaQwa-KAKrsqoFA2nkDL-M&google_cver=1&google_push=AYg5qPIHEZoFNA3-XX3HQPVVBTDQgZAl873AfafFsBe-EdFU9jfGHMyVMssC5964Mm1qBxGzb105xZO_729ru9aD8h1C1lUP3jy0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIHEZoFNA3-XX3HQPVVBTDQgZAl873AfafFsBe-EdFU9jfGHMyVMssC5964Mm1qBxGzb105xZO_729ru9aD8h1C1lUP3jy0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:16 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6af627753dde1eeb-AMS
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:16 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 104
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6af62773db9d1eeb-AMS
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKaQwa-KAKrsqoFA2nkDL-M&google_cver=1&google_push=AYg5qPIHEZoFNA3-XX3HQPVVBTDQgZAl873AfafFsBe-EdFU9jfGHMyVMssC5964Mm1qBxGzb105xZO_729ru9aD8h1C1lUP3jy0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIHEZoFNA3-XX3HQPVVBTDQgZAl873AfafFsBe-EdFU9jfGHMyVMssC5964Mm1qBxGzb105xZO_729ru9aD8h1C1lUP3jy0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5EC0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDz5H506Qz-MPgE4u-AW1js&google_push=AYg5qPLeuss6BO9PLFmjO7CZwUayettLHXJ2ZXkPoKbkMgR59s4lvRFFsJ...

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDz5H506Qz-MPgE4u-AW1js&google_push=AYg5qPLeuss6BO9PLFmjO7CZwUayettLHXJ2ZXkPoKbkMgR59s4lvRFFsJnC1GvgvbyVdlK7B8ivALUhZE2di5xLpAbneVRkETA

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:16 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1637122696.281568,VS0,VE195
x-served-by: cache-fra19165-FRA
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDz5H506Qz-MPgE4u-AW1js&google_push=AYg5qPLeuss6BO9PLFmjO7CZwUayettLHXJ2ZXkPoKbkMgR59s4lvRFFsJnC1GvgvbyVdlK7B8ivALUhZE2di5xLpAbneVRkETA
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5EC0
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEByzGuGMaV3vbVZfmbdsvAQ&google_cver=1&google_push=AYg5qPK-LxzJZPxtsYF_XmuDM6_ez7fg9kYI1U1D5DF5p8TcjkVmQpZVeDw47SJi3Qn-Yn9bbWtAQl7rnDmvp5...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzMTM4ODQzODg2MzQxMTM0Nw%3D%3D&google_push=AYg5qPK-LxzJZPxtsYF_XmuDM6_ez7fg9kYI1U1D5DF5p8TcjkVmQpZVeDw47SJi3Qn-Yn9bbWtAQl7rnDmvp5zDFU...

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzMTM4ODQzODg2MzQxMTM0Nw%3D%3D&google_push=AYg5qPK-LxzJZPxtsYF_XmuDM6_ez7fg9kYI1U1D5DF5p8TcjkVmQpZVeDw47SJi3Qn-Yn9bbWtAQl7rnDmvp5zDFUphDxa9jJqJ

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzMTM4ODQzODg2MzQxMTM0Nw%3D%3D&google_push=AYg5qPK-LxzJZPxtsYF_XmuDM6_ez7fg9kYI1U1D5DF5p8TcjkVmQpZVeDw47SJi3Qn-Yn9bbWtAQl7rnDmvp5zDFUphDxa9jJqJ
Date: Wed, 17 Nov 2021 04:18:16 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5EC0
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDthQkMK0Z3o868sOoyGaZ8&google_cver=1&google_push=AYg5qPKTdFWh1F6wDy60-Mogktb16e5YY2_8Yn6uU6NCxy_ntCl_KHqXZW3-kO-hvgaWlsjakRdKslsV2hxX1cBos7E0Z5f...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKTdFWh1F6wDy60-Mogktb16e5YY2_8Yn6uU6NCxy_ntCl_KHqXZW3-kO-hvgaWlsjakRdKslsV2hxX1cBos7E0Z5fMZOY&google_hm=ODczMTIxNjg1NDgwOTQxMTI...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKTdFWh1F6wDy60-Mogktb16e5YY2_8Yn6uU6NCxy_ntCl_KHqXZW3-kO-hvgaWlsjakRdKslsV2hxX1cBos7E0Z5fMZOY&google_hm=ODczMTIxNjg1NDgwOTQxMTI2Ng%3D%3D

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 17 Nov 2021 04:18:16 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKTdFWh1F6wDy60-Mogktb16e5YY2_8Yn6uU6NCxy_ntCl_KHqXZW3-kO-hvgaWlsjakRdKslsV2hxX1cBos7E0Z5fMZOY&google_hm=ODczMTIxNjg1NDgwOTQxMTI2Ng%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5EC0
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENKAb9BaB5vGFJb5_sQLtzY&google_cver=1&google_push=AYg5qPJgEkGAKeua9PjreLZOTD7X0kgyVA5FmR-lFcO6qhOcUmOt69NHLLjECjun6pmdgMQQUxmuGswjLsaHpOXKNkp4DtsJO5bw
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJgEkGAKeua9PjreLZOTD7X0kgyVA5FmR-lFcO6qhOcUmOt69NHLLjECjun6pmdgMQQUxmuGswjLsaHpOXKNkp4DtsJO5bw&goog...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTU4NzE0MTM3NzgzMzk3NzMzNw%3D%3D&google_push=AYg5qPJgEkGAKeua9PjreLZOTD7X0kgyVA5FmR-lFcO6qhOcUmOt69NHLLjE...

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTU4NzE0MTM3NzgzMzk3NzMzNw%3D%3D&google_push=AYg5qPJgEkGAKeua9PjreLZOTD7X0kgyVA5FmR-lFcO6qhOcUmOt69NHLLjECjun6pmdgMQQUxmuGswjLsaHpOXKNkp4DtsJO5bw

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTU4NzE0MTM3NzgzMzk3NzMzNw%3D%3D&google_push=AYg5qPJgEkGAKeua9PjreLZOTD7X0kgyVA5FmR-lFcO6qhOcUmOt69NHLLjECjun6pmdgMQQUxmuGswjLsaHpOXKNkp4DtsJO5bw
date: Wed, 17 Nov 2021 04:18:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 5EC0 43 B
147 B 31ms
29ms Image
image/gif 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEHFDSKd4Q-EmNzGYeDs_UDQ&google_cver=1&google_push=AYg5qPIGbpCfo1UHG75mPrGi2wjNsJVQhKhgHpOXOEJgzei45ioD5ZYIhyVjVi-LVTtnKY8nldPQgPguXp4hV3jEl51A5msQ5j7YmA

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Nov 2021 04:18:16 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5EC0 0
12 B 17ms
16ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J-zrux1gyB4qRcmByR3BFLpUFbz00fFrpSRPc2_uuOzycPW4uT-FHSJRE0GmrLc_L456BsFw

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 bg.jpg
s0.2mdn.net/sadbundle/5997682615482664064/img/ Frame BD8D 24 KB
24 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5997682615482664064/img/bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aae7a5350992a2a5cc76a0447e626ebdff721e2480722467db3b670b048c2b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 23:00:05 GMT
x-content-type-options: nosniff
age: 451091
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24247
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 17:03:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Nov 2022 23:00:05 GMT

GET
H2 200 car2.png
s0.2mdn.net/sadbundle/5997682615482664064/img/ Frame BD8D 17 KB
17 KB 23ms
22ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5997682615482664064/img/car2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ebf866bb27bc99e2583a86df1489340fc401bcc75ce476d6cb2bb1fbd397df5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 10:58:43 GMT
x-content-type-options: nosniff
age: 62373
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17703
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 17:03:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 10:58:43 GMT

GET
H2 200 car1.png
s0.2mdn.net/sadbundle/5997682615482664064/img/ Frame BD8D 17 KB
17 KB 11ms
9ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5997682615482664064/img/car1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abe4ceed0dcd5f8923178012f86cf387b9c0149bd8c8540719874f9f3640a11d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 23:27:00 GMT
x-content-type-options: nosniff
age: 17476
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17636
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 17:03:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 23:27:00 GMT

GET
H2 200 car3.png
s0.2mdn.net/sadbundle/5997682615482664064/img/ Frame BD8D 12 KB
12 KB 10ms
8ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5997682615482664064/img/car3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f266d588bdf98ad6b3e97a9eef91f64e91f54ab5516648f60a6a945012dd717a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 20:00:26 GMT
x-content-type-options: nosniff
age: 29870
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12452
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 17:03:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 20:00:26 GMT

GET
H2 200 car4.png
s0.2mdn.net/sadbundle/5997682615482664064/img/ Frame BD8D 14 KB
14 KB 10ms
8ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5997682615482664064/img/car4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ea451065dca4377adb2ffaed78b5631fda3520af2593a63034011a2d890141f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 23:00:05 GMT
x-content-type-options: nosniff
age: 451091
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14702
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 17:03:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Nov 2022 23:00:05 GMT

GET
H2 200 img-lensflare-0.png
s0.2mdn.net/sadbundle/5997682615482664064/img/ Frame BD8D 4 KB
4 KB 13ms
11ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5997682615482664064/img/img-lensflare-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feb49fae7fd245f703b2fbeb29c41f136a34ee8bccfa2cc7c8a5a6fbfa4439ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 06:52:16 GMT
x-content-type-options: nosniff
age: 422760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4352
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 17:03:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 12 Nov 2022 06:52:16 GMT

GET
H2 200 text1a.png
s0.2mdn.net/sadbundle/5997682615482664064/img/ Frame BD8D 3 KB
3 KB 13ms
11ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5997682615482664064/img/text1a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8088f1d161a58af558862367e42cb9d6451ffb8bd973396ebed69da04d6188a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 23:00:05 GMT
x-content-type-options: nosniff
age: 451091
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3023
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 17:03:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Nov 2022 23:00:05 GMT

GET
H2 200 text1b.png
s0.2mdn.net/sadbundle/5997682615482664064/img/ Frame BD8D 3 KB
3 KB 14ms
12ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5997682615482664064/img/text1b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5a4ee93e1379a85fe56c16769e11eb203372c1a230a5150c7ae4f4f542147f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 07:01:27 GMT
x-content-type-options: nosniff
age: 422209
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2584
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 17:03:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 12 Nov 2022 07:01:27 GMT

GET
H2 200 text1c.png
s0.2mdn.net/sadbundle/5997682615482664064/img/ Frame BD8D 4 KB
4 KB 13ms
11ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5997682615482664064/img/text1c.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

760144b690ee7570b72cf862a52ecf8678571ac6aecd431716c53a5e3f16d6dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 07:00:40 GMT
x-content-type-options: nosniff
age: 422256
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3655
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 17:03:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 12 Nov 2022 07:00:40 GMT

GET
H2 200 stoerer.png
s0.2mdn.net/sadbundle/5997682615482664064/img/ Frame BD8D 3 KB
3 KB 12ms
10ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5997682615482664064/img/stoerer.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3feb016374130f322d545f888f59bceb80667989dd11d9b5953f5cb1c04d1e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 23:00:05 GMT
x-content-type-options: nosniff
age: 451091
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2655
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 17:03:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Nov 2022 23:00:05 GMT

GET
H2 200 text2.png
s0.2mdn.net/sadbundle/5997682615482664064/img/ Frame BD8D 4 KB
4 KB 11ms
9ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5997682615482664064/img/text2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e24ac0b49f099ddbb00e219447f8d4aa4cd7021f38bd4c94c77747dc58ed2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 23:00:05 GMT
x-content-type-options: nosniff
age: 451091
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3787
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 17:03:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Nov 2022 23:00:05 GMT

GET
H2 200 text3.png
s0.2mdn.net/sadbundle/5997682615482664064/img/ Frame BD8D 4 KB
4 KB 12ms
10ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5997682615482664064/img/text3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79b628a883191c8130a3382f904e50f5d4210b2abaac6227162e6b1e07f6c593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 06:30:31 GMT
x-content-type-options: nosniff
age: 424065
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4233
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 17:03:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 12 Nov 2022 06:30:31 GMT

GET
H2 200 text4.png
s0.2mdn.net/sadbundle/5997682615482664064/img/ Frame BD8D 3 KB
3 KB 11ms
9ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5997682615482664064/img/text4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5aa96b4944174c3a1689f08df1fb31143929e32189533ad9eeeccad574b0272a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 06:36:35 GMT
x-content-type-options: nosniff
age: 423701
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3233
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 17:03:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 12 Nov 2022 06:36:35 GMT

GET
H2 200 text5.png
s0.2mdn.net/sadbundle/5997682615482664064/img/ Frame BD8D 3 KB
3 KB 12ms
10ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5997682615482664064/img/text5.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32322986a3b686254b0bd0a35a1feff3886eee67ef8812baf9a7a0185df71a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 19:53:26 GMT
x-content-type-options: nosniff
age: 30290
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2963
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 17:03:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 19:53:26 GMT

GET
H2 200 legal1.png
s0.2mdn.net/sadbundle/5997682615482664064/img/ Frame BD8D 11 KB
11 KB 14ms
13ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5997682615482664064/img/legal1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79a48ca4e0e9b49e2cdf02fb8e1af695c0bcf48508d96aac0a9c0be160f99749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 06:27:26 GMT
x-content-type-options: nosniff
age: 424250
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11631
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 17:03:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 12 Nov 2022 06:27:26 GMT

GET
H2 200 legal2.png
s0.2mdn.net/sadbundle/5997682615482664064/img/ Frame BD8D 14 KB
14 KB 15ms
14ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5997682615482664064/img/legal2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52b255c86ae6d99ee7e166fb426b5bd737bd64c166bd7655a6ca995311ebe6f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 23:00:05 GMT
x-content-type-options: nosniff
age: 451091
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14104
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 17:03:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Nov 2022 23:00:05 GMT

GET
H2 200 cta.png
s0.2mdn.net/sadbundle/5997682615482664064/img/ Frame BD8D 1 KB
1 KB 15ms
14ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5997682615482664064/img/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35f5317be05f3deea33576323a15392e6957c72eef269e0528d4ba4257f5bb70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 11:04:03 GMT
x-content-type-options: nosniff
age: 62053
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1161
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 17:03:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 11:04:03 GMT

GET
H2 200 cta_2.png
s0.2mdn.net/sadbundle/5997682615482664064/img/ Frame BD8D 1 KB
1 KB 15ms
14ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5997682615482664064/img/cta_2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0880cbd683f04be47dce7fd7d756cea78d311a1a09f2dc9cf2d95bbd7f3cbef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 20:16:55 GMT
x-content-type-options: nosniff
age: 28881
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1228
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 17:03:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 20:16:55 GMT

GET
H2 200 logo.png
s0.2mdn.net/sadbundle/5997682615482664064/img/ Frame BD8D 2 KB
2 KB 13ms
12ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5997682615482664064/img/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1323112ac126d2bc27da6f7e045a1f8d06a1dabaad2560ef8e8297cfc9379a2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 23:00:05 GMT
x-content-type-options: nosniff
age: 451091
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1756
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 17:03:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Nov 2022 23:00:05 GMT

GET
H2 200 logo2.png
s0.2mdn.net/sadbundle/5997682615482664064/img/ Frame BD8D 2 KB
2 KB 14ms
13ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5997682615482664064/img/logo2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbbc45aee6c23f17d07220ede528f0216aaf05b2b6238d47038ab3f9f0a6b374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 23:00:05 GMT
x-content-type-options: nosniff
age: 451091
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1990
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 17:03:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Nov 2022 23:00:05 GMT

GET
H2 200 tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame BD8D 109 KB
37 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5997682615482664064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37530
x-xss-protection: 0
last-modified: Tue, 06 Sep 2016 20:51:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Nov 2021 04:18:16 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 7B7B 70 B
265 B 98ms
31ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEI7w_St5kI3jafRARKJF4_I&google_cver=1&google_push=AYg5qPIo1gfZLcYplBm9YxkyWBRXRpQgxji7jlWvxjSxC3E78fGgXTBF4RnMsUIlc32gHrIQkZTACenLoETDMISxFq98fKD3Id-D9w
Requested by: Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:16 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7B7B
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHOt5m1SGWBe4rmYy7IEZRw&google_cver=1&google_push=AYg5qPLgo7TI22Jiiaqgo31wVt9cgKc4_7me0nmrvY2HOHwBcFGlsX35J7zxzBdzMogOn0W2wOwSugwHpul...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLgo7TI22Jiiaqgo31wVt9cgKc4_7me0nmrvY2HOHwBcFGlsX35J7zxzBdzMogOn0W2wOwSugwHpulHaxQ0eACXqjeSNeIc&google_hm=G-BErZI9SDC87sfsep6DSFM

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLgo7TI22Jiiaqgo31wVt9cgKc4_7me0nmrvY2HOHwBcFGlsX35J7zxzBdzMogOn0W2wOwSugwHpulHaxQ0eACXqjeSNeIc&google_hm=G-BErZI9SDC87sfsep6DSFM

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLgo7TI22Jiiaqgo31wVt9cgKc4_7me0nmrvY2HOHwBcFGlsX35J7zxzBdzMogOn0W2wOwSugwHpulHaxQ0eACXqjeSNeIc&google_hm=G-BErZI9SDC87sfsep6DSFM
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7B7B
Redirect Chain

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEB9CtzwHb_dLO9PTPDL88Yc&google_cver=1&google_push=AYg5qPIbwYN6CDDuRw-06ouuXKVtrTPBM5H3gCc7KlTx6Fqxz7ctf49We0NQg...
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEB9CtzwHb_dLO9PTPDL88Yc&google_cver=1&google_push=AYg5qPIbwYN6CDDuRw-06ouuXKVtrTPBM5H3gCc7KlTx6Fqxz7ctf49We0NQg...
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=lwO2ty501NMrHQo3RozVmw&google_push=AYg5qPIbwYN6CDDuRw-06ouuXKVtrTPBM5H3gCc7KlTx6Fqxz7ctf49We0NQgoUV73tmKkiDfy7wxCflb...

170 B
188 B

16ms
15ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=lwO2ty501NMrHQo3RozVmw&google_push=AYg5qPIbwYN6CDDuRw-06ouuXKVtrTPBM5H3gCc7KlTx6Fqxz7ctf49We0NQgoUV73tmKkiDfy7wxCflbS-Fpq2UHe53-IjHYh_8LA

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 17 Nov 2021 04:18:16 GMT
Server: nginx
Vary: Accept
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=lwO2ty501NMrHQo3RozVmw&google_push=AYg5qPIbwYN6CDDuRw-06ouuXKVtrTPBM5H3gCc7KlTx6Fqxz7ctf49We0NQgoUV73tmKkiDfy7wxCflbS-Fpq2UHe53-IjHYh_8LA
Connection: close
Content-Type: text/plain; charset=utf-8
Content-Length: 240

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7B7B
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDthQkMK0Z3o868sOoyGaZ8&google_cver=1&google_push=AYg5qPIKz-UT_03-Sd9NDfYdhOItx-4A4mwTMdEHGldTWrR39IX_99UKJfJMRXKeLPjxM5uoOAw9l3Ad5TesNH6itsctwJc...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIKz-UT_03-Sd9NDfYdhOItx-4A4mwTMdEHGldTWrR39IX_99UKJfJMRXKeLPjxM5uoOAw9l3Ad5TesNH6itsctwJcthQx8Yw&google_hm=ODczMTIxNjg1NDgwOTQx...

170 B
188 B

15ms
15ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIKz-UT_03-Sd9NDfYdhOItx-4A4mwTMdEHGldTWrR39IX_99UKJfJMRXKeLPjxM5uoOAw9l3Ad5TesNH6itsctwJcthQx8Yw&google_hm=ODczMTIxNjg1NDgwOTQxMTI2Ng%3D%3D

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 17 Nov 2021 04:18:16 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIKz-UT_03-Sd9NDfYdhOItx-4A4mwTMdEHGldTWrR39IX_99UKJfJMRXKeLPjxM5uoOAw9l3Ad5TesNH6itsctwJcthQx8Yw&google_hm=ODczMTIxNjg1NDgwOTQxMTI2Ng%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7B7B
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBwyc5EKGZ1WfrKOUQFfslc&google_cver=1&google_push=AYg5qPLb_FEQjXxTxOPMVDPypPxmxr1iiJlgV7TOhyDH8eI0mCxQQrGS59piQSmRqG6rD46VHPV...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1czMEwxMFMtMTQtOUxQSA==&google_push=AYg5qPLb_FEQjXxTxOPMVDPypPxmxr1iiJlgV7TOhyDH8eI0mCxQQrGS59piQSmRqG6rD46VHPVhKsFJyOlC6ZZnS7J1F0PCivdGvw

170 B
188 B

15ms
15ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1czMEwxMFMtMTQtOUxQSA==&google_push=AYg5qPLb_FEQjXxTxOPMVDPypPxmxr1iiJlgV7TOhyDH8eI0mCxQQrGS59piQSmRqG6rD46VHPVhKsFJyOlC6ZZnS7J1F0PCivdGvw

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1czMEwxMFMtMTQtOUxQSA==&google_push=AYg5qPLb_FEQjXxTxOPMVDPypPxmxr1iiJlgV7TOhyDH8eI0mCxQQrGS59piQSmRqG6rD46VHPVhKsFJyOlC6ZZnS7J1F0PCivdGvw
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 7B7B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-C...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-C...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-C...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-C...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-C...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-C...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-C...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-C...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-C...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-C...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-C...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-C...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-C...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-C...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-C...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-C...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-C...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-C...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-C...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-C...

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7B7B 0
12 B 23ms
19ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KomXznEh-SZ8KkPGBjFo-R6VsGtHBTRx7Wu9INDCMbWqeQbqEUPiUmYZ_8OfGp8g

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 99E9 70 B
264 B 95ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEI7w_St5kI3jafRARKJF4_I&google_cver=1&google_push=AYg5qPJ9nDlqn9_bfCugo6VyTdRVECIjWxSGeE1Uugpg0l0SrGEu-OTCth4-YKOnyi_O09LpK5MbI6SWoRaqZZxq0qT-lPqbDbDA
Requested by: Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:16 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 99E9
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHOt5m1SGWBe4rmYy7IEZRw&google_cver=1&google_push=AYg5qPJoRjen73upujMeQ4pBnVHzvvRddkPya4M-VWK-yeAdsZHjXaUHc730-xGIz4rz4hyNfMUjr4KkxhC...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJoRjen73upujMeQ4pBnVHzvvRddkPya4M-VWK-yeAdsZHjXaUHc730-xGIz4rz4hyNfMUjr4KkxhCBY6gY5YxAUAPc4F4&google_hm=iwR53D1ERz6EMSHLbIcggFM

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJoRjen73upujMeQ4pBnVHzvvRddkPya4M-VWK-yeAdsZHjXaUHc730-xGIz4rz4hyNfMUjr4KkxhCBY6gY5YxAUAPc4F4&google_hm=iwR53D1ERz6EMSHLbIcggFM

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJoRjen73upujMeQ4pBnVHzvvRddkPya4M-VWK-yeAdsZHjXaUHc730-xGIz4rz4hyNfMUjr4KkxhCBY6gY5YxAUAPc4F4&google_hm=iwR53D1ERz6EMSHLbIcggFM
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 99E9
Redirect Chain

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEB9CtzwHb_dLO9PTPDL88Yc&google_cver=1&google_push=AYg5qPKZd6V5mm_kLyy7CAHwcFDZZ-waj5tFVOqXSxHkyBy-ivsFQsQjpcZBI...
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEB9CtzwHb_dLO9PTPDL88Yc&google_cver=1&google_push=AYg5qPKZd6V5mm_kLyy7CAHwcFDZZ-waj5tFVOqXSxHkyBy-ivsFQsQjpcZBI...
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=kRwNBDIiLonDnUBWg4B1FA&google_push=AYg5qPKZd6V5mm_kLyy7CAHwcFDZZ-waj5tFVOqXSxHkyBy-ivsFQsQjpcZBIJJFpO0cB_9OBrvXZVKYv...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=kRwNBDIiLonDnUBWg4B1FA&google_push=AYg5qPKZd6V5mm_kLyy7CAHwcFDZZ-waj5tFVOqXSxHkyBy-ivsFQsQjpcZBIJJFpO0cB_9OBrvXZVKYvO1hc-0XtHgO6x5c1UtH

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 17 Nov 2021 04:18:16 GMT
Server: nginx
Vary: Accept
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=kRwNBDIiLonDnUBWg4B1FA&google_push=AYg5qPKZd6V5mm_kLyy7CAHwcFDZZ-waj5tFVOqXSxHkyBy-ivsFQsQjpcZBIJJFpO0cB_9OBrvXZVKYvO1hc-0XtHgO6x5c1UtH
Connection: close
Content-Type: text/plain; charset=utf-8
Content-Length: 238

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 99E9
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDthQkMK0Z3o868sOoyGaZ8&google_cver=1&google_push=AYg5qPJ0zdk8DBPDnWYFwrgBFp4dJ0_DD2nUVjQem79YGaxd2h6ERcoBtEGYPq91yILT91jWpmaawoOkro9iG5EJPOzjDAd...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJ0zdk8DBPDnWYFwrgBFp4dJ0_DD2nUVjQem79YGaxd2h6ERcoBtEGYPq91yILT91jWpmaawoOkro9iG5EJPOzjDAdANVc8&google_hm=ODczMTIxNjg1NDgwOTQxMT...

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJ0zdk8DBPDnWYFwrgBFp4dJ0_DD2nUVjQem79YGaxd2h6ERcoBtEGYPq91yILT91jWpmaawoOkro9iG5EJPOzjDAdANVc8&google_hm=ODczMTIxNjg1NDgwOTQxMTI2Ng%3D%3D

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 17 Nov 2021 04:18:16 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJ0zdk8DBPDnWYFwrgBFp4dJ0_DD2nUVjQem79YGaxd2h6ERcoBtEGYPq91yILT91jWpmaawoOkro9iG5EJPOzjDAdANVc8&google_hm=ODczMTIxNjg1NDgwOTQxMTI2Ng%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 99E9
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBwyc5EKGZ1WfrKOUQFfslc&google_cver=1&google_push=AYg5qPLU5O4evsD6yE-EOMZIGLVuLa_E-WhGgzmSTngWG8g9TDG3dVCNwZlhKFgMEEnx28t_VGp...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1czMEwxMFMtMVYtQlVKWQ==&google_push=AYg5qPLU5O4evsD6yE-EOMZIGLVuLa_E-WhGgzmSTngWG8g9TDG3dVCNwZlhKFgMEEnx28t_VGp2sAepZwURFb7AdFkPXpYdr_k

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1czMEwxMFMtMVYtQlVKWQ==&google_push=AYg5qPLU5O4evsD6yE-EOMZIGLVuLa_E-WhGgzmSTngWG8g9TDG3dVCNwZlhKFgMEEnx28t_VGp2sAepZwURFb7AdFkPXpYdr_k

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1czMEwxMFMtMVYtQlVKWQ==&google_push=AYg5qPLU5O4evsD6yE-EOMZIGLVuLa_E-WhGgzmSTngWG8g9TDG3dVCNwZlhKFgMEEnx28t_VGp2sAepZwURFb7AdFkPXpYdr_k
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 99E9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajh...

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 99E9 0
12 B 19ms
17ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KuLfquZ7OAEqWrUuXZgXJl3LfNwo2ExabmiFeIP6sMPp7ANAjbUQ7EbzU6r1zRFQ

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame A30E 8 KB
3 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N789069.3848558MATTERKIND2/B26636099.319953119;dc_ver=81.235;sz=300x250;u_sd=1;dc_adk=943508953;ord=1tf1n8;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCg2znh4KUYfjsAvuU7_UP-Ziq2A2UxpTEZraB9O2JD7CygOyQAhABIKWXgm5glYKAgMAHoAHoxPDRAcgBCakCGM9eXSeItj6oAwGqBPYBT9AGPvYlF1fPyYvkl22e1Ary_lOP_OezWUFxZqB1IuDUhhJKpWM6498HUQqKk6ObqoOOTgc4Y5sINpS_txDgPDWmQjYjpEGK2wNohlm5At1FpcTRWWQbu41vil-qsZ90JzuQMVRKuFoarVwk5XgTncVcpQFRnhZEu1l9b8jakvza1pnc-9HijAzYOfVCHRRXrlQxeXU0UFQ_UcfvJYxytdQ0QIGXRjz-FfLa0MgGgLaVuQgBS_DM1y2eYK7VGbyIRCm0qgyBIaw2VkKXnd4yKOnmuCfX3dp7hLBVWDUCy6S07ztVLxjHgc1Ams0B9mt0bqq-IG6mwASGhb2r3gPgBAOQBgGgBk2AB4C7j64CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBO88qEN0BMA2BMN2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoauTfR6SAMhT5qEuby66t6Q%26sig%3DAOD64_0OLjC8G8knZ8C2071VEMCS3l3fsg%26client%3Dca-pub-8292728281684217%26dbm_c%3DAKAmf-BodRxjbqgbXE708u5mCP7ex6A8ztdcnNnqC2v2qWGl4dpsviNSIOCRQpUbej-Xpxt4L5fIW15kq8tzGprp9Mq1EfHBmwtF4yhVg39wA_yMxOoS2CQ5qILTItbjGtWiBXIBVa-52WelTi2cTT8LTB4atCl5Tg%26cry%3D1%26dbm_d%3DAKAmf-DrRtH4V03iinCbCvx1MI4TP7RghYW0OoLYfpEbRWZABWsiNV9uLJDtYv9OG2As95tH0rKfrdwDtvoo809zx-cXZda3MQtK-mk8zc9hbTYJrX5N69CvFrJ8Eh84rl46B76xCYjqc0hR0rc3EZFacP5VQOppr1AlG7Evbf_56oBV69VIwC6DlkqVf0i5aib4yLSs_3QxjX5cD1WL3CtnZ7U8OemnFoch9ukioZHsm7JUJu90Ay7A9Rjk-KHadPAArtFXo650OkT-ArlF_Xcfdnh85hQkzh3npfEmvdkFMivbZOXJPzYIS8oIV171BPNUsPQ0IfQXpWrfPs7AHPWCYKlnVyHOyt7_HsjmdYAGSXkg7ZGUEIjDYHdjULtvnELLiftIP-tR1OgJaRLyL9WbKOM3nw4uH14q1NMBBW1BtScbcFHKaAdDHiCWqcIDH5kJx67jCkG1Hy3Oep1CDq-RMeRzZIfDtw%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.thestar.com.my%2Flifestyle$0;xdt=1;crlt=Kcu0glvevr;sttr=130;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 03:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1435
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Dec 2021 03:54:21 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A30E 0
23 B 19ms
18ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsveCDCddWfpbWzqeD4Zr9vnjZZHcB0UJN830wyLzSSvMh_XmUUvCvMv3Rw0-V6r7u-8k9bmtnCXE77PW4Kt6oXMgjceMW5QCd9lV8YMK4VbBsn7avurWrPrbBuH2T1j1gZqaFxG5Ol5oRDZ1l5DlWo1EsLQj0w&sig=Cg0ArKJSzNehR0Or8G1gEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211111.44014&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 17 Nov 2021 04:18:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 VIP-WE-TEASER-2021-Display-300x250_1_.jpg
s0.2mdn.net/8344798/ Frame A30E 41 KB
41 KB 19ms
19ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8344798/VIP-WE-TEASER-2021-Display-300x250_1_.jpg

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1f5fad82f0929232a39e5d5d89e70a7df4bf04baa542068792ea48375146ca7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 22:35:15 GMT
x-content-type-options: nosniff
age: 20581
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42351
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 10:57:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Nov 2021 22:35:15 GMT

GET main.gr.19.8.267.js
static.adsafeprotected.com/ Frame A30E 0
0

GET
H2 200 cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A905 1 KB
0 6ms
6ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 16 Nov 2021 18:26:41 GMT
expires: Wed, 17 Nov 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 35495
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame A30E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a2af54b567058f22878c40bcfc25d325cf490300e5ff356fa483f25084855706

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 1757 2 KB
633 B 21ms
20ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=XtQeBMMEM2&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 03:55:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 17 Nov 2021 04:18:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Nov 2021 04:18:16 GMT

GET
H2 200 gwd_webcomponents_min.js Show response
www.gstatic.com/external_hosted/gwd_webcomponents/ Frame 1757 17 KB
6 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/external_hosted/gwd_webcomponents/gwd_webcomponents_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=XtQeBMMEM2&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

124c07b4e8796fd121878e84b052e054d9bf8d1049180a88667ba9e9f2083daf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5622
x-xss-protection: 0
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 17 Nov 2021 04:18:16 GMT

GET
H2 200 Enabler_01_238.js Show response
s0.2mdn.net/879366/ Frame 1757 106 KB
36 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_238.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=XtQeBMMEM2&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80c7fe7749a6e8c85fa6473e7bbba5c5dc6ffe20a86036de26d91bd4b9a4e8d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=XtQeBMMEM2&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 23:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17202
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36751
x-xss-protection: 0
last-modified: Tue, 11 Jun 2019 21:21:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Nov 2021 23:31:34 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 89ms
88ms Preflight
text/plain 146.20.132.52
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 17 Nov 2021 04:18:16 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

POST
H2 200 t Show response
t.lkqd.net/ Frame 59D9 0
167 B 262ms
90ms XHR
text/plain 146.20.132.52
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Wed, 17 Nov 2021 04:18:16 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js
pagead2.googlesyndication.com/bg/ Frame 40EE 35 KB
0 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 14:30:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13296
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 14:30:22 GMT

GET
H2 200 Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0625 0
0 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 17 Nov 2021 02:53:11 GMT
expires: Thu, 17 Nov 2022 02:53:11 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5105
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2102948126432240&ev=PageView&dl=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&rl=&if=false&ts=1637122696348&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.2.1637122695787.182521506&it=1637122695560&coo=false&rqm=GET

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 17 Nov 2021 04:18:16 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2207123949525156&ev=Microdata&dl=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&rl=&if=false&ts=1637122696352&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Malaysia%20Lifestyle%20Feature%20Stories%20%7C%20The%20Star%22%2C%22meta%3Adescription%22%3A%22Malaysia%20lifestyle%20stories.%20Provides%20feature%20articles%2C%20guidelines%20and%20tips%20on%20art%2C%20fashion%2C%20travel%2C%20parenting%2C%20food%2C%20health%20and%20environment.%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22Malaysia%20lifestyle%20stories.%20Provides%20feature%20articles%2C%20guidelines%20and%20tips%20on%20art%2C%20fashion%2C%20travel%2C%20parenting%2C%20food%2C%20health%20and%20environment.%22%2C%22og%3Atitle%22%3A%22Malaysia%20Lifestyle%20Feature%20Stories%20%7C%20The%20Star%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcdn.thestar.com.my%2FThemes%2Fimg%2FnewTsol_logo_socmedia.png%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.thestar.com.my%2Flifestyle%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22headline%22%3A%22Malaysia%20Lifestyle%20Feature%20Stories%20%7C%20The%20Star%22%2C%22articleSection%22%3A%22lifestyle%22%2C%22creator%22%3A%22The%20Star%20Online%22%2C%22thumbnailUrl%22%3A%22https%3A%2F%2Fcdn.thestar.com.my%2FThemes%2Fimg%2FnewTsol_logo_socmedia.png%22%2C%22dateCreated%22%3A%222019-07-29T14%3A48%3A52Z%22%2C%22url%22%3A%22http%3A%2F%2Fwww.thestar.com.my%2Flifestyle%22%2C%22keywords%22%3A%5B%22%22%5D%7D%5D&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.2.1637122695787.182521506&it=1637122695560&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 17 Nov 2021 04:18:16 GMT

GET
H2 200 HealthFitness_sidebar.png
cdn.thestar.com.my/Widgets/newsletter/img/ Frame 8EDA 231 KB
232 KB 770ms
770ms Image
image/png 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thestar.com.my/Widgets/newsletter/img/HealthFitness_sidebar.png
Requested by: Host: sites.thestar.com.my
URL: https://sites.thestar.com.my/tsolnewsletter/default.aspx?s=lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 102b5cf7bc2670e2dafdaebb0a359ef581924f2df58b50a0794047d2ba4c5ee5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sites.thestar.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: S7E4VtjXhSgsNzoXmf2aNPMUQmNjRlxJ
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
etag: "5a5e752e364ef140f952d10f4d68fe2e"
last-modified: Mon, 06 Jul 2020 07:06:26 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
x-amz-meta-cb-modifiedtime: Wed, 29 Apr 2020 18:33:08 GMT
x-cache: RefreshHit from cloudfront
content-type: image/png
date: Wed, 17 Nov 2021 04:18:18 GMT
accept-ranges: bytes
content-length: 236648
x-amz-cf-id: x-bkDxD0cWTK_8LkbewW9zHq5gsazqdaSQL-FpTnIn9FXr0juWwn2A==

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ Frame 8EDA 22 KB
22 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sites.thestar.com.my
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 08:02:57 GMT
x-content-type-options: nosniff
age: 72919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22572
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 16 Nov 2022 08:02:57 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ Frame 8EDA 23 KB
23 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sites.thestar.com.my
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 21:26:28 GMT
x-content-type-options: nosniff
age: 111108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 15 Nov 2022 21:26:28 GMT

GET
DATA 200
OK truncated
/ Frame 32B6 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
293 B 19ms
17ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-828580-1&cid=763206404.1637122692&jid=645025961&_u=aCDAAEACQAAAAC~&z=372718068

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 318ms
17ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-828580-1&cid=763206404.1637122692&jid=645025961&_u=aCDAAEACQAAAAC~&z=372718068

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST view
googleads4.g.doubleclick.net/pcs/ Frame A30E 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame A30E 0
0

GET
H2 200 container.html Show response
6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 209D 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 17 Nov 2021 04:18:11 GMT
expires: Thu, 17 Nov 2022 04:18:11 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Subscribe_now.png
s0.2mdn.net/9951322/1615304082096/ Frame 32B6 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9951322/1615304082096/Subscribe_now.png

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f8e2288878a6e4cd289b6b80b34002f39d4fa524efadb1ff9c2b2d4655ce844

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9951322/1615304082096/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 20:14:55 GMT
x-content-type-options: nosniff
age: 29001
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2753
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 15:34:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Nov 2021 20:14:55 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
312 B 20ms
19ms XHR
text/plain 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-90-44.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 00:59:43 GMT
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
server: Server
age: 11913
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.thestar.com.my
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: KF03MPyTvsgLFFHFIDyDibtIMV7T_6GzYB92d9GLCD8tD-k9K7l0mA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 37ms
13ms XHR
application/javascript 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-90-44.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 5097
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 09 Nov 2021 22:55:20 GMT
server: AmazonS3
date: Wed, 17 Nov 2021 03:03:02 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 4e0fd86f7afa735e772d6f7fe5e91f5b.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: tRuW4Npol67TYqe7pVlBm5kqCDJFuEIBRgmOl0a_WUOzhWDP3i-Xdg==

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0D87 0
23 B 19ms
18ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvuul4Vmtun055zbzCoLQXKUq0mEE4yU8huGKzTTNp8AzWaSi2fvq-FsKSXh-ycD5Kj3nZ4fvxvcyi05jCAeZt8B_43oU4wuH_vjQ6NrEC5n_OV-mmYFDXG-6P1fWEut3hPyV-ry8tZjhBR0QOH5OuSzEfVAJ6wI-vYudSF515CJmhFSgKDEPToO_FDk3Eg_zmdD-6MFSul0z3Hg76rWsiiHjbjl6dls_YzEO-Zz6FPzJV-ZQ4TOBMh65yZJDmIhV8ZjHPzvby6ByK1d-1lBIZxlOWqKFDGJCrBxZxK6o7gZZ9iimDLI85sm4D_GxySLl0UzKQnGCy9S-NbhkxXJ-gaZCgVdUX-EuFvzSVMoCghNKx9uU9EfsL3CCmPD0LROV9OddUZ9Hv955_Z49lYGFqnHA4VYSzc_LZ4yvqKFe65vT6TBEH5LUvAErMii71kRvUGaWg_3UKzbzjlsVDtskhVIRx5RN6LRgxANcBw5tcmVhira30QesG2nrvUy_PKx87cz_Xm4dIP88eYtVlHPmXmonP2AiKUa4perNQ7LUzyAYGPf4BoC09_WALnnir0qCnChSiH_tikwdqyUVI9vS5EwI9tpjPSyss2RUXp1JD3DWMcp1LBBMC8rTPkkkt3msFzLeLuTpxCYmCHlLpXDSfPApOWMEP5aIXhR68rAGdnTdJ3ACF6YW8CNL5e34Rx2HgAq76hM_2LRr4Y366x12fIACYuQdRqifc2hH-MzWy8UtZzgRfhTd6TPW9gozuvnn6-62XX4PplM_qAJ30xsUdMR6zLJ3aaRquAZ15OtQHIaTz50bp3ZPmpvrEzQgOPwuXY5u41130S8hbqqBscBsG5PHBYOwLpHG3idz12mA73Uw_lUyNpycZOkQW-pEhSj_bADvZPqaulk5lf2yeeZc27LG-rxMWPWGQVbKYM31af4baBHidSVgP4GgV8lqnZnKpEE5KhbFIaXIG_i8kp6Y5zh8qT_zFn6vCDYIh9-ZDBTwFD0ogDbBJG6btW2QaxwxjSIK4-F_-jIU8qNdq-8IhGaUjryTm61yI6BnI255h61hdCIOcT3OHg2Pn2MWUKY4cNty2twFgUsoJZyk-IzZyrYbEepO45_BSx5iYb_yFpBNdFU4TwTK1rrkDTRBusuDwTSvH84Ev7CgURD6SLB8JmYD9rRpMxADBz7hWxyx34AA&sai=AMfl-YTfxB3zKzXUL59L232jxUDkh1n-OAcWX2fctBAECjMei18hfzfKBL3mAULfn5ElSBrx5jWmrD7ujJxEpA60zFRMtRHgC0eguPmB_kOaObQ-E0G4NGDZuYMEVDvgR98k6EKm18PLdy4R50o6ncjppI3r7Zqbmw&sig=Cg0ArKJSzMXyxOUjXNpWEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=882&vt=11&dtpt=343&dett=3&cstd=538&cisv=r20211111.03911&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 17 Nov 2021 04:18:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 200 t Show response
t.lkqd.net/ Frame 74BA 0
166 B 90ms
89ms XHR
text/plain 146.20.132.52
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Wed, 17 Nov 2021 04:18:16 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 89ms
89ms Preflight
text/plain 146.20.132.52
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 17 Nov 2021 04:18:16 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

GET
H2 200 W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js Show response
pagead2.googlesyndication.com/bg/ Frame 5FDF 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 14:30:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13296
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 14:30:22 GMT

GET
H2 200 W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js Show response
pagead2.googlesyndication.com/bg/ Frame 0528 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 14:30:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13296
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 14:30:22 GMT

GET
H2 200 W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js Show response
pagead2.googlesyndication.com/bg/ Frame 713F 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 14:30:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13296
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 14:30:22 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 1757 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 398308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 13:39:48 GMT

GET
H2 200 cs
cs.lkqd.net/ Frame B123 43 B
308 B 89ms
88ms Image
image/gif 146.20.128.38
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame B123 43 B
308 B 90ms
89ms Image
image/gif 146.20.128.38
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame B123 43 B
308 B 90ms
89ms Image
image/gif 146.20.128.38
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame B123 43 B
308 B 92ms
91ms Image
image/gif 146.20.128.38
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame B123
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3787999947135469336

43 B
308 B

89ms
89ms

Image
image/gif

146.20.128.38
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3787999947135469336
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3787999947135469336
pragma: no-cache
date: Wed, 17 Nov 2021 04:18:15 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET user_exists
psegment.netcoresmartech.com/ 0
0

GET
H2 200 684749.json Show response
cdn.thestar.com.my/Content/Text/short-with-headline/ 2 KB
3 KB 757ms
757ms Script
application/json 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Text/short-with-headline/684749.json?callback=jsonCallback684749&_=1637122690251
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b57d6b1a23453bf8e1f8a4905cfd80328aafc63a4289d6bec6b3ef2dc18784cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:18 GMT
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 22:54:14 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "578ca99baf0426b3d1d82cd2b4bc12ce"
x-cache: Miss from cloudfront
x-amz-version-id: O4nDkgRUdilE8aZ6c7SpTnRanVFE5irP
cache-control: max-age=180
accept-ranges: bytes
content-type: application/json
content-length: 2337
x-amz-cf-id: IQcoLwy5J-fbIqGIMHIDYAMDhzhwGfbH4w9drTKsyw6WsRmwE6kV4A==

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5D3C 0
23 B 19ms
19ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvUOzRwaht_ZME9XQiUl8lJs_HBJs7I3YnYsC82F-BM7csqtU8cJWmT8cBitzdCJQ1l5ij8MRd07uEQvqjaf8V0-ciNaPifARuSTFM_20fuY2JTaWgHazEt3vCS6dEz4NAFXGQGm5QlR2XR9BJSX7OW0E5cl8Czn-lANKIVPNwEx6hXGdL9Ryqpylp-CUpPBJU1DWQXx-DZFVZWIImxc0cpZXm8nqRV7Lt66cK9dbUT6DrPb9-OfGT4772stHZBqkoB75SNVKnrIsBv-5abEnrxrIs-VRx6b8B2vm2d7eKCIRGFO_kWyhTWBkprca_hgeSIrCg6GiL6cyWPgRaPxRuCas_gVT7Q7KeJS6JH7B3y_FpSTAQuWMkqojewNXcwBzDGTGr_Q84aXoFn5PV_zKmqgydIYcidUXhgCsgLRfFj5wmJ_4fdLb8RP7gbr4XguQ2XHg9mHtL6Ajco8o-rZUBZfRQRj8d5oqNVu7D3D5unnFjrLQc57voM0sEeIXX7Uo_i63dCsktWbkkQfDUsM1nNgGGxo05wbzcYTvFeX8Awv0Wnp5NpzodByT569V1dXy4wU2KBbqOMYsQ4RZ2C5rHABY5DkCaq1-Uvm-dfW9QnektEhMVX0KLqW0IIkmi2cOftmqUcvdDoaFzReyWaHeWbqTfGqno0tKfZqAxjb6OnyF1ael-n0zUPf_d1nzSe4DBx2P2_XQJ67Y4MSqyq10Iv2PCyrgiMaJLlEL-V2UaIHB7wcMwUjDTlXIELbmx9cdoyoWFTGTwAor8sCPHOEoZy1nmmk1o9YDGg4BC3tpRvUYI0FFz56aXKTjzr3bY3hvgHN3ZtTGi4fslDONK9djB98hdnm6NDlLkEFLzoywxrOAe3jrGJtPwL6PnzaStgW4Z_H8U2nzF_1RjpcI0jgcaEGh3zQ5qsQnn9qx8zxrIBP7WmHXMvQ7WosiTP_lCbNJbdlNEpsNiADjtdpfhC-AOgGAS0NbBzcE4RcBMxQ0YNXb_aZbW19gHwhAadXqySBn9edDCs12lD8Cf9aUor3bSwIk5s9pOpFzFjg-E9mT1g9_dLlErox9UBhD1RYpqwGFXgsurxrANJtKGDGQvKoZzmMO47N6Po7PvJRsS3JXfwPSpDxWdrMC-hfLlDLMoK76nwSnsSluk9aeS1cyTsC649MZHPYEW2F7qUmcwkjfM&sai=AMfl-YQIvOIerP_bErNX_hq8pds-OLZ1j5vt9mJGW0m04ivjUkkKkmpzEwDjmEDErw5gdcPtLDn61dOlPVuevVzknoEdN5sxmxPWFe6Yjux5RErjUtiBizfkmJ5ptxhMmyYVrrduhbBKFopOZsH014Je_VjZvvQiIA&sig=Cg0ArKJSzKXVCK20wHtyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=974&vt=11&dtpt=431&dett=3&cstd=537&cisv=r20211111.00822&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 17 Nov 2021 04:18:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F28B 398 B
326 B 18ms
16ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiQ5uioATAB&v=APEucNWc2ysegWIGpRoxbxmtSefVkcxtbKur6oeJDgE661AgY9PDJhihpIj3paFJO5r1UBOthmD6wj-AEDtv2Wv-cOsLzTHZ7deod1E4P7iOxRjWI9cWX9EQS5sdMnp8Ku1LHKw2Ddk5VkyOuBTDt_mo3JfhWaVnny5OxUrIrpiOsMC1vq47jCQ

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 17 Nov 2021 04:18:16 GMT
server: cafe
cache-control: private
content-length: 258
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 209D 78 KB
31 KB 50ms
48ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7AKCKLcZaDjmjlesNyTErrCf8d0Bo8HaQeaEtyBaSM22HMhgXboUzRWHbrj124XEw4wnythETM2NLKywFkfezxB7cp9PfqLRMX5SGy2XEeEFf5GXGJV1PI7clcvOcdZaTvohQW-S9CfRS9LMZ9mGI-FR8fw&dbm_d=AKAmf-AcLQVTph6NjTWm7JJWD9E6PqK9M4JwGMpxniiXPMaDgR13ZV4oF3dEHzDSO2lYOFzXlUhaaAyGZzoxk-6r-9aionp6vLpoFdyl__dZE-ZWVM3ceHf8OKbRR2KTcvecw4ULQaYpN7wskePlb01tn8FGQZu1_TfX252KRjg3Xq1C8dirolJG_PZsC5BFNfZW_zNUI4en8DCEjqEU9svQ9uGUKhBPEHPe0ebIJPzXv0DlTBGgbGwpk8CRMuls5JT3NY-6rGv7pza52Ipk-C3D1eOZpNWp3vg_8LxUk-3p_qbpp8F2GP_cCp3nmncOh1sfQC_NQhsv_dQCEYBg6Uz5dKD6kQzWwolp6nwTFW_bcN-ENJVEkWAJBeHF5UlyApAxIXJGwfWGjrMKg19gg0bpI-1uIRHkcWHDKVnR_CqqAjxK8Da9BAkCQFruClsZWsaaQP_Kwr9hC_K1fM9L6-jY-ZZ3bsMqTx_et9Np5S0CUsGckDYI01jZh0oLeXqP10ueW4btSLOL2l4JBhrNlvRFqD7Q2UTyZsTlGjGE83QErIXzTejQTC1dKpXKIeFAb5fUcGvtK8HyXcsCJ3BnZyNk_9I5LfO8F9ejYUzE3Tm5hP2oAFcWD1gl9tE64gUBjlgpL1czSEj34bUvupWiysIjFiXxq03IXqSFsGgpoAStv8O7S_g1tqEa4pLGDQ97p3VDbiskqojb_RKUWykG90KKGCMI1xmzIU5uJDkcRfiTq3UL62brloqiH3CFdEOGalQKtUEVN073Kl4TZnxnDq0iZHbykNX4-P1hkUgTJqoVCDsPSn2o8LXP2bVwM3IUMlJYSpdKqNPK_NefqCz9K7PsD_yVsVRH0JR0Q-MePir4z07_EZLZsXa2AOBjLHnxpj_UFH55EOu_E5mjEANcbzYTmszWUVzLXF23vZabftfKYPnZ9wmh4ak7lDKjAD-JnBoA95BsNKJj2rs1Q-KWeFSA9IAqa7vhM1EUm55F38eLD95ufSknCHLDdVMZKvIsLl_CKVRYVB_W7f7dQdlt1-n6EEe0xJsmfdjxBDtkB2ZFaryaUdksgfRQeOINxrJ2K8AEQAOb0MM24o03b-qybdz_sQAJLNI-T1wOB-E7RSjC2eTBuIyJjBuAuAlx9pL0YWYJcBGybZKd6P983lKsAZ_WT-XdZZIourTr1GB0HteOwbQq7gl6XKdUFe4BHa1EGc9om0sdX_QtUJbYbHz5kjPrPUscg5zuT6LqfC7cRRyMujURFwvpmt02JMHHH-u3xgBnxGq7hH1Dv6N9KTYHzELj2GaS8B9ErTW8LyIOrgMAorvIzICZW-DKEnpm4fF3bC8P23uGjt0kRlHhTp6I57-QDydMSXAcKDCAtDHGK17Va3bG0ZW0Wz4dtk__hpYEk2GPS0fkQL470M2exJ73Uj2vhEkBPn8DRiO1ls72W_LihdKLY5rvEu8BLtbDtQNUVo0dTU3vDYRztbMrY1f45Ayc2DlyAbS5n2ej5JS2bfVm0xLLZ74MsGNzfxm3I5wvJ43dzamQlg6k_kESkBqpLqfoC7UuyG_K7-Ysrht0jEYQKIv6Cn7JpxAtHAQZ-qiy6oLHmowEXzOJvwMME62WLtnl7-fDvd9eNALl8lu0WgxLv1omWt5IjJAveZL-OXTO94eims-aJvWYgCg82vHewWfUKJce4Bi4BfkYgd_yLkVGqlHuamc12i9EsftJbbv3y2riHE4okk6oV9MKC-uvQYBNP_2tM9SwBoh3ddu_oPu7KmB7x_wiklFpFYyWdUO1fhkD3ddHooLsCTfKbqXnSXFnqy07HmwUSj3t234AgFZL9uSb90IPQomHc0IrPQdfx7wx7vItlZrh-DiVCPfEOOokSu9W_-PCPc-FdQJ-01c9DWfHbHMf3A0hW8_Q9z6qZhaY_CRz6B8KM9gDH1-wDeStMpRtyJdmio_8t4Igf3oimdCpB1bUym34swh6_2LcDvJ04XAgKVjhStY4xbrRLPwON6FLIhxLxWKQ9oJ7l7Ia_omzkdyyEo4gKhf20Yj4eDhokz9nE9WvrUCDTuuYF6KshqNyN0wOg2HHDr9t4g1aAkOZaDbgJOAFJi7EMFgfuQnFen34olaKYUnKLdShHhxSXibt5NAKpBv02vynPWNkd-mJxeFEANreW54N-QujbM9jSSzwyJkr_KEZZ8vS1Qg_ToUL8blleKY4pFI-_k9YTOvS4JVx9I9CnTwD40a4j9ziPPorBv29DP62n6eQcjDWrtMJdKzVK8_0WP_mJVz5Rm7PY_M72x6_iH0FJ_TrOGe6crVu6ULHOOMnMYcoAoUK9Jhe27e97Xn-YenhBnAJyO_HaWU4sk-ve3Q7rIzZBn880AEmA_XySJRvYYxAjnSk8o0QGfI-J4R4HUyp3US_bam34jNA3J7oRx9g4BBDuqcc7bjPPFcVF7NBlMsnyphCo707JwprE2F7-5-QBIYVCuQU8-xYGdT3kOsV4xxjkbFnBRSVW1CbcbaF7P-X-YukOES8tB7anLnvmdS3V1B-KTdzOz0ZgjsW_6I77G_y8I25jdmwEutF3feYTk-gxzU-0HwtM7v6WaRm9NvfZpo-78WRxhNlpSLKKe77YZUoWWkflwUy_zcWzox-yqhSbeB5ZqZMkdAX6ukYFZOOyQHROruNjwIxq3sdbGYbXyBHXMIXD_xxWGP-D6vDK8wuu-GRQMP1cbIX5Rng7ZC5D0YMQM2SqOazWPY15Jjtlq714maHquJWckhh4JsRoRqmw_UNTGTHko2kOP8L4BlvfGMSQPHG45Ku8YrKeBN_MDuHTY579-7T1wuxelU5gDySkT6py1k8liozgrIQoJiC9oeqONb5Ubv281HPuGVNc2vfgPtd5Pdtl5k23JFkYJvJho_XCV0K29ksDRZq_J6Ul_guh7IGuhXyLBNik5wTpkIf6Ny-R6CDMfPY8zVBnBbyLhdKf66gLcUJWSiqpwYVKYkYZfMASp5nJ8HmenT-Cfly7iLWPUXgTwFg&cid=CAASEuRokILeymVzoKB2AkeyPcl2fw&rfl=1%2Chttps%253A%252F%252Fwww.thestar.com.my%252Flifestyle%240

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

560fe6c9877bd6b212f360b509d9c5b60aba9de45ace3c66f9d40edf01eb0ae0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31669
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 209D 42 B
107 B 40ms
39ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AqQdHmOYGFYTjl3FpDZcyuMPL34MokV80KIfUe6yFgSQqt2QN0qVMIYptzDs3KfQyygazAQpJsaEIkuvHkFqoWP0fLc9D0nvr5kiLJoBSpDrjGLRs

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 209D 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Dec 2021 04:05:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 209D 119 KB
36 KB 288ms
286ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 17 Nov 2021 04:18:16 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 209D 15 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 270
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Dec 2021 04:13:46 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 209D 0
0 14ms
14ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRzibf6dcGLcWn2uTEshyOEXcGllTGCKOXB9VoTJXoKPQre67j0-jG96Ed8SYveG5_x4C9S16PsMSGu8zXRZCdYnwqArw
Requested by: Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2

200

/
www.facebook.com/tr/
Redirect Chain

https://www.facebook.com/tr/?id=1133176620062218&ev=Microdata&dl=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&rl=&if=false&ts=1637122696631&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Malaysi...
https://www.facebook.com/tr/?a=tmgoogletagmanager&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22headline%22%3A%22Malay...

44 B
101 B

7ms
6ms

Image
image/gif

2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?a=tmgoogletagmanager&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22headline%22%3A%22Malaysia%20Lifestyle%20Feature%20Stories%20%7C%20The%20Star%22%2C%22articleSection%22%3A%22lifestyle%22%2C%22creator%22%3A%22The%20Star%20Online%22%2C%22thumbnailUrl%22%3A%22https%3A%2F%2Fcdn.thestar.com.my%2FThemes%2Fimg%2FnewTsol_logo_socmedia.png%22%2C%22dateCreated%22%3A%222019-07-29T14%3A48%3A52Z%22%2C%22url%22%3A%22http%3A%2F%2Fwww.thestar.com.my%2Flifestyle%22%2C%22keywords%22%3A%5B%22%22%5D%7D%5D&cd[Meta]=%7B%22title%22%3A%22Malaysia%20Lifestyle%20Feature%20Stories%20%7C%20The%20Star%22%2C%22meta%3Adescription%22%3A%22Malaysia%20lifestyle%20stories.%20Provides%20feature%20articles%2C%20guidelines%20and%20tips%20on%20art%2C%20fashion%2C%20travel%2C%20parenting%2C%20food%2C%20health%20and%20environment.%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22Malaysia%20lifestyle%20stories.%20Provides%20feature%20articles%2C%20guidelines%20and%20tips%20on%20art%2C%20fashion%2C%20travel%2C%20parenting%2C%20food%2C%20health%20and%20environment.%22%2C%22og%3Atitle%22%3A%22Malaysia%20Lifestyle%20Feature%20Stories%20%7C%20The%20Star%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcdn.thestar.com.my%2FThemes%2Fimg%2FnewTsol_logo_socmedia.png%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.thestar.com.my%2Flifestyle%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&coo=false&dl=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&ec=1&es=automatic&ev=Microdata&fbp=fb.2.1637122695787.182521506&id=1133176620062218&if=false&it=1637122695560&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&tm=3&ts=1637122696631&v=2.9.48

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 17 Nov 2021 04:18:16 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:16 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
location: /tr/?a=tmgoogletagmanager&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22headline%22%3A%22Malaysia%20Lifestyle%20Feature%20Stories%20%7C%20The%20Star%22%2C%22articleSection%22%3A%22lifestyle%22%2C%22creator%22%3A%22The%20Star%20Online%22%2C%22thumbnailUrl%22%3A%22https%3A%2F%2Fcdn.thestar.com.my%2FThemes%2Fimg%2FnewTsol_logo_socmedia.png%22%2C%22dateCreated%22%3A%222019-07-29T14%3A48%3A52Z%22%2C%22url%22%3A%22http%3A%2F%2Fwww.thestar.com.my%2Flifestyle%22%2C%22keywords%22%3A%5B%22%22%5D%7D%5D&cd[Meta]=%7B%22title%22%3A%22Malaysia%20Lifestyle%20Feature%20Stories%20%7C%20The%20Star%22%2C%22meta%3Adescription%22%3A%22Malaysia%20lifestyle%20stories.%20Provides%20feature%20articles%2C%20guidelines%20and%20tips%20on%20art%2C%20fashion%2C%20travel%2C%20parenting%2C%20food%2C%20health%20and%20environment.%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22Malaysia%20lifestyle%20stories.%20Provides%20feature%20articles%2C%20guidelines%20and%20tips%20on%20art%2C%20fashion%2C%20travel%2C%20parenting%2C%20food%2C%20health%20and%20environment.%22%2C%22og%3Atitle%22%3A%22Malaysia%20Lifestyle%20Feature%20Stories%20%7C%20The%20Star%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcdn.thestar.com.my%2FThemes%2Fimg%2FnewTsol_logo_socmedia.png%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.thestar.com.my%2Flifestyle%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&coo=false&dl=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&ec=1&es=automatic&ev=Microdata&fbp=fb.2.1637122695787.182521506&id=1133176620062218&if=false&it=1637122695560&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&tm=3&ts=1637122696631&v=2.9.48
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
expires: 0

GET
H2 200 prod_studio_01_238_configurablemodule.js Show response
s0.2mdn.net/879366/ Frame 1757 31 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_238_configurablemodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_238.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf9a6d2d58d42b5239d8c9405c627d9c995f11eb4e2807be1f4f142028dd5f9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=XtQeBMMEM2&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 06:29:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78549
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10829
x-xss-protection: 0
last-modified: Tue, 11 Jun 2019 21:21:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Nov 2021 06:29:07 GMT

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 209D 169 KB
59 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
Origin: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 05:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81975
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Nov 2021 05:32:01 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 209D 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7AKCKLcZaDjmjlesNyTErrCf8d0Bo8HaQeaEtyBaSM22HMhgXboUzRWHbrj124XEw4wnythETM2NLKywFkfezxB7cp9PfqLRMX5SGy2XEeEFf5GXGJV1PI7clcvOcdZaTvohQW-S9CfRS9LMZ9mGI-FR8fw&dbm_d=AKAmf-AcLQVTph6NjTWm7JJWD9E6PqK9M4JwGMpxniiXPMaDgR13ZV4oF3dEHzDSO2lYOFzXlUhaaAyGZzoxk-6r-9aionp6vLpoFdyl__dZE-ZWVM3ceHf8OKbRR2KTcvecw4ULQaYpN7wskePlb01tn8FGQZu1_TfX252KRjg3Xq1C8dirolJG_PZsC5BFNfZW_zNUI4en8DCEjqEU9svQ9uGUKhBPEHPe0ebIJPzXv0DlTBGgbGwpk8CRMuls5JT3NY-6rGv7pza52Ipk-C3D1eOZpNWp3vg_8LxUk-3p_qbpp8F2GP_cCp3nmncOh1sfQC_NQhsv_dQCEYBg6Uz5dKD6kQzWwolp6nwTFW_bcN-ENJVEkWAJBeHF5UlyApAxIXJGwfWGjrMKg19gg0bpI-1uIRHkcWHDKVnR_CqqAjxK8Da9BAkCQFruClsZWsaaQP_Kwr9hC_K1fM9L6-jY-ZZ3bsMqTx_et9Np5S0CUsGckDYI01jZh0oLeXqP10ueW4btSLOL2l4JBhrNlvRFqD7Q2UTyZsTlGjGE83QErIXzTejQTC1dKpXKIeFAb5fUcGvtK8HyXcsCJ3BnZyNk_9I5LfO8F9ejYUzE3Tm5hP2oAFcWD1gl9tE64gUBjlgpL1czSEj34bUvupWiysIjFiXxq03IXqSFsGgpoAStv8O7S_g1tqEa4pLGDQ97p3VDbiskqojb_RKUWykG90KKGCMI1xmzIU5uJDkcRfiTq3UL62brloqiH3CFdEOGalQKtUEVN073Kl4TZnxnDq0iZHbykNX4-P1hkUgTJqoVCDsPSn2o8LXP2bVwM3IUMlJYSpdKqNPK_NefqCz9K7PsD_yVsVRH0JR0Q-MePir4z07_EZLZsXa2AOBjLHnxpj_UFH55EOu_E5mjEANcbzYTmszWUVzLXF23vZabftfKYPnZ9wmh4ak7lDKjAD-JnBoA95BsNKJj2rs1Q-KWeFSA9IAqa7vhM1EUm55F38eLD95ufSknCHLDdVMZKvIsLl_CKVRYVB_W7f7dQdlt1-n6EEe0xJsmfdjxBDtkB2ZFaryaUdksgfRQeOINxrJ2K8AEQAOb0MM24o03b-qybdz_sQAJLNI-T1wOB-E7RSjC2eTBuIyJjBuAuAlx9pL0YWYJcBGybZKd6P983lKsAZ_WT-XdZZIourTr1GB0HteOwbQq7gl6XKdUFe4BHa1EGc9om0sdX_QtUJbYbHz5kjPrPUscg5zuT6LqfC7cRRyMujURFwvpmt02JMHHH-u3xgBnxGq7hH1Dv6N9KTYHzELj2GaS8B9ErTW8LyIOrgMAorvIzICZW-DKEnpm4fF3bC8P23uGjt0kRlHhTp6I57-QDydMSXAcKDCAtDHGK17Va3bG0ZW0Wz4dtk__hpYEk2GPS0fkQL470M2exJ73Uj2vhEkBPn8DRiO1ls72W_LihdKLY5rvEu8BLtbDtQNUVo0dTU3vDYRztbMrY1f45Ayc2DlyAbS5n2ej5JS2bfVm0xLLZ74MsGNzfxm3I5wvJ43dzamQlg6k_kESkBqpLqfoC7UuyG_K7-Ysrht0jEYQKIv6Cn7JpxAtHAQZ-qiy6oLHmowEXzOJvwMME62WLtnl7-fDvd9eNALl8lu0WgxLv1omWt5IjJAveZL-OXTO94eims-aJvWYgCg82vHewWfUKJce4Bi4BfkYgd_yLkVGqlHuamc12i9EsftJbbv3y2riHE4okk6oV9MKC-uvQYBNP_2tM9SwBoh3ddu_oPu7KmB7x_wiklFpFYyWdUO1fhkD3ddHooLsCTfKbqXnSXFnqy07HmwUSj3t234AgFZL9uSb90IPQomHc0IrPQdfx7wx7vItlZrh-DiVCPfEOOokSu9W_-PCPc-FdQJ-01c9DWfHbHMf3A0hW8_Q9z6qZhaY_CRz6B8KM9gDH1-wDeStMpRtyJdmio_8t4Igf3oimdCpB1bUym34swh6_2LcDvJ04XAgKVjhStY4xbrRLPwON6FLIhxLxWKQ9oJ7l7Ia_omzkdyyEo4gKhf20Yj4eDhokz9nE9WvrUCDTuuYF6KshqNyN0wOg2HHDr9t4g1aAkOZaDbgJOAFJi7EMFgfuQnFen34olaKYUnKLdShHhxSXibt5NAKpBv02vynPWNkd-mJxeFEANreW54N-QujbM9jSSzwyJkr_KEZZ8vS1Qg_ToUL8blleKY4pFI-_k9YTOvS4JVx9I9CnTwD40a4j9ziPPorBv29DP62n6eQcjDWrtMJdKzVK8_0WP_mJVz5Rm7PY_M72x6_iH0FJ_TrOGe6crVu6ULHOOMnMYcoAoUK9Jhe27e97Xn-YenhBnAJyO_HaWU4sk-ve3Q7rIzZBn880AEmA_XySJRvYYxAjnSk8o0QGfI-J4R4HUyp3US_bam34jNA3J7oRx9g4BBDuqcc7bjPPFcVF7NBlMsnyphCo707JwprE2F7-5-QBIYVCuQU8-xYGdT3kOsV4xxjkbFnBRSVW1CbcbaF7P-X-YukOES8tB7anLnvmdS3V1B-KTdzOz0ZgjsW_6I77G_y8I25jdmwEutF3feYTk-gxzU-0HwtM7v6WaRm9NvfZpo-78WRxhNlpSLKKe77YZUoWWkflwUy_zcWzox-yqhSbeB5ZqZMkdAX6ukYFZOOyQHROruNjwIxq3sdbGYbXyBHXMIXD_xxWGP-D6vDK8wuu-GRQMP1cbIX5Rng7ZC5D0YMQM2SqOazWPY15Jjtlq714maHquJWckhh4JsRoRqmw_UNTGTHko2kOP8L4BlvfGMSQPHG45Ku8YrKeBN_MDuHTY579-7T1wuxelU5gDySkT6py1k8liozgrIQoJiC9oeqONb5Ubv281HPuGVNc2vfgPtd5Pdtl5k23JFkYJvJho_XCV0K29ksDRZq_J6Ul_guh7IGuhXyLBNik5wTpkIf6Ny-R6CDMfPY8zVBnBbyLhdKf66gLcUJWSiqpwYVKYkYZfMASp5nJ8HmenT-Cfly7iLWPUXgTwFg&cid=CAASEuRokILeymVzoKB2AkeyPcl2fw&rfl=1%2Chttps%253A%252F%252Fwww.thestar.com.my%252Flifestyle%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 03:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1435
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Dec 2021 03:54:21 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 209D 24 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 03:41:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Dec 2021 03:41:33 GMT

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame F28B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEPFdG19D7m2N4MQUQuYagZM&google_cver=1

43 B
163 B

39ms
16ms

Image
image/gif

185.86.138.143
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEPFdG19D7m2N4MQUQuYagZM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiQ5uioATAB&v=APEucNWc2ysegWIGpRoxbxmtSefVkcxtbKur6oeJDgE661AgY9PDJhihpIj3paFJO5r1UBOthmD6wj-AEDtv2Wv-cOsLzTHZ7deod1E4P7iOxRjWI9cWX9EQS5sdMnp8Ku1LHKw2Ddk5VkyOuBTDt_mo3JfhWaVnny5OxUrIrpiOsMC1vq47jCQ
Protocol: HTTP/1.1
Server: 185.86.138.143 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEPFdG19D7m2N4MQUQuYagZM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame F28B 43 B
163 B 68ms
16ms Image
image/gif 185.86.138.143
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiQ5uioATAB&v=APEucNWc2ysegWIGpRoxbxmtSefVkcxtbKur6oeJDgE661AgY9PDJhihpIj3paFJO5r1UBOthmD6wj-AEDtv2Wv-cOsLzTHZ7deod1E4P7iOxRjWI9cWX9EQS5sdMnp8Ku1LHKw2Ddk5VkyOuBTDt_mo3JfhWaVnny5OxUrIrpiOsMC1vq47jCQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.143 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 query Show response
global.cloud.netacuity.com/webservice/ 571 B
445 B 140ms
31ms XHR
application/json 52.49.172.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.cloud.netacuity.com/webservice/query?u=04842bc1-ecc8-4db1-aeec-6a7708559ff2&json=true
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.172.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-172-98.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: 56fce0708ff84dbbcf0a8730598dbbe5841c5af1ec838a532edaf742b6252d2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 17 Nov 2021 04:18:16 GMT
content-encoding: gzip
server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
content-length: 265
vary: Accept-Encoding
content-type: application/json;charset=UTF-8

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 612A 65 B
651 B 77ms
20ms XHR
text/xml 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&t=2&url=http%3A%2F%2Fwww.thestar.com.my%2F

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 tag Show response
4cywq-eqnre.ads.tremorhub.com/ad/ Frame 612A 119 B
458 B 547ms
319ms XHR
text/xml 2600:1f18:612b:4264:c589:eae1:ee6a:30d1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0%2C1%21vidoomy.com%2C56965%2C1%2C23762748692868655571128283996%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:c589:eae1:ee6a:30d1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:17 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: accept-encoding
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tremorvideo-status: NO_AD
content-type: text/xml;charset=UTF-8

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+iSSVC+nZNMH Show response
ads-eu.v.ssp.yahoo.com/a/h/ Frame 612A
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=756437901&gdpr=0&gdpr_consent=&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=756437901&gdpr=0&gdpr_consent=&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scp...

249 B
528 B

463ms
423ms

XHR
text/xml

18.156.58.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=756437901&gdpr=0&gdpr_consent=&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1&a.y_rid=d5f3399c-5ee4-4e14-a32a-494390a59231&a.is_yahoo=3&redirect_y=dHM9MTYzNzEyMjY5Njc3OS43MDY1NDM6YXBpZD1VUDYyY2U5OTZiLTQ3NWQtMTFlYy1iZmU4LTAyZWNlYWNmYmM2NjpyZXF1ZXN0X2lkPWQ1ZjMzOTljLTVlZTQtNGUxNC1hMzJhLTQ5NDM5MGE1OTIzMQ==
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: HTTP/1.1
Server: 18.156.58.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-58-231.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 17 Nov 2021 04:18:17 GMT
content-encoding: gzip
server: ATS/9.1.0.33
Age: 1
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://www.thestar.com.my
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=756437901&gdpr=0&gdpr_consent=&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1&a.y_rid=d5f3399c-5ee4-4e14-a32a-494390a59231&a.is_yahoo=3&redirect_y=dHM9MTYzNzEyMjY5Njc3OS43MDY1NDM6YXBpZD1VUDYyY2U5OTZiLTQ3NWQtMTFlYy1iZmU4LTAyZWNlYWNmYmM2NjpyZXF1ZXN0X2lkPWQ1ZjMzOTljLTVlZTQtNGUxNC1hMzJhLTQ5NDM5MGE1OTIzMQ==
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 tag Show response
4cywq-eqnre.ads.tremorhub.com/ad/ Frame 612A 119 B
468 B 429ms
202ms XHR
text/xml 2600:1f18:612b:4264:c589:eae1:ee6a:30d1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&schain=1.0%2C1%21vidoomy.com%2C56965%2C1%2C23762748692868655571726364054%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:c589:eae1:ee6a:30d1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:17 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: accept-encoding
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tremorvideo-status: NO_AD
content-type: text/xml;charset=UTF-8

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+iSSVC+nZNMH Show response
ads-eu.v.ssp.yahoo.com/a/h/ Frame 612A
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1800723623&gdpr=0&gdpr_consent=&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1800723623&gdpr=0&gdpr_consent=&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&sc...

249 B
528 B

460ms
421ms

XHR
text/xml

18.156.58.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1800723623&gdpr=0&gdpr_consent=&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1&a.y_rid=be8219c6-a071-4e0e-be40-0f143a0ed9ea&a.is_yahoo=3&redirect_y=dHM9MTYzNzEyMjY5Njc4MC4zMTgxMTU6YXBpZD1VUDYyY2U5OTZiLTQ3NWQtMTFlYy1iZmU4LTAyZWNlYWNmYmM2NjpyZXF1ZXN0X2lkPWJlODIxOWM2LWEwNzEtNGUwZS1iZTQwLTBmMTQzYTBlZDllYQ==
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: HTTP/1.1
Server: 18.156.58.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-58-231.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 17 Nov 2021 04:18:17 GMT
content-encoding: gzip
server: ATS/9.1.0.33
Age: 1
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://www.thestar.com.my
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1800723623&gdpr=0&gdpr_consent=&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1&a.y_rid=be8219c6-a071-4e0e-be40-0f143a0ed9ea&a.is_yahoo=3&redirect_y=dHM9MTYzNzEyMjY5Njc4MC4zMTgxMTU6YXBpZD1VUDYyY2U5OTZiLTQ3NWQtMTFlYy1iZmU4LTAyZWNlYWNmYmM2NjpyZXF1ZXN0X2lkPWJlODIxOWM2LWEwNzEtNGUwZS1iZTQwLTBmMTQzYTBlZDllYQ==
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 612A 65 B
650 B 75ms
21ms XHR
text/xml 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&url=http%3A%2F%2Fwww.thestar.com.my%2F&t=2

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM= Show response
ads-eu.v.ssp.yahoo.com/a/h/ Frame 612A
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=983730991&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi....
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=983730991&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.heig...

249 B
528 B

448ms
409ms

XHR
text/xml

18.156.58.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=983730991&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1&a.y_rid=6024c815-272e-4019-b751-740871aab99b&a.is_yahoo=3&redirect_y=dHM9MTYzNzEyMjY5Njc4MC41ODQ0NzM6YXBpZD1VUDYyY2U5OTZiLTQ3NWQtMTFlYy1iZmU4LTAyZWNlYWNmYmM2NjpyZXF1ZXN0X2lkPTYwMjRjODE1LTI3MmUtNDAxOS1iNzUxLTc0MDg3MWFhYjk5Yg==
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: HTTP/1.1
Server: 18.156.58.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-58-231.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 17 Nov 2021 04:18:17 GMT
content-encoding: gzip
server: ATS/9.1.0.33
Age: 1
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://www.thestar.com.my
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=983730991&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1&a.y_rid=6024c815-272e-4019-b751-740871aab99b&a.is_yahoo=3&redirect_y=dHM9MTYzNzEyMjY5Njc4MC41ODQ0NzM6YXBpZD1VUDYyY2U5OTZiLTQ3NWQtMTFlYy1iZmU4LTAyZWNlYWNmYmM2NjpyZXF1ZXN0X2lkPTYwMjRjODE1LTI3MmUtNDAxOS1iNzUxLTc0MDg3MWFhYjk5Yg==
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ= Show response
ads-eu.v.ssp.yahoo.com/a/h/ Frame 612A
Redirect Chain

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=608979966&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi....
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=608979966&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.heig...

249 B
528 B

459ms
419ms

XHR
text/xml

18.156.58.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=608979966&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1&a.y_rid=217b0a95-faa0-4624-a29e-5481e7787a6e&a.is_yahoo=3&redirect_y=dHM9MTYzNzEyMjY5Njc4MC43MzU4NDA6YXBpZD1VUDYyY2U5OTZiLTQ3NWQtMTFlYy1iZmU4LTAyZWNlYWNmYmM2NjpyZXF1ZXN0X2lkPTIxN2IwYTk1LWZhYTAtNDYyNC1hMjllLTU0ODFlNzc4N2E2ZQ==
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: HTTP/1.1
Server: 18.156.58.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-58-231.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 17 Nov 2021 04:18:17 GMT
content-encoding: gzip
server: ATS/9.1.0.33
Age: 1
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://www.thestar.com.my
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=608979966&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1&a.y_rid=217b0a95-faa0-4624-a29e-5481e7787a6e&a.is_yahoo=3&redirect_y=dHM9MTYzNzEyMjY5Njc4MC43MzU4NDA6YXBpZD1VUDYyY2U5OTZiLTQ3NWQtMTFlYy1iZmU4LTAyZWNlYWNmYmM2NjpyZXF1ZXN0X2lkPTIxN2IwYTk1LWZhYTAtNDYyNC1hMjllLTU0ODFlNzc4N2E2ZQ==
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs= Show response
ads-eu.v.ssp.yahoo.com/a/h/ Frame 612A
Redirect Chain

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=58812099&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.h...
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=58812099&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.heigh...

249 B
528 B

462ms
422ms

XHR
text/xml

18.156.58.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=58812099&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1&a.y_rid=9f9771d4-8089-47b2-8c05-05b0934ac32a&a.is_yahoo=3&redirect_y=dHM9MTYzNzEyMjY5Njc4MS4wMzU2NDU6YXBpZD1VUDYyY2U5OTZiLTQ3NWQtMTFlYy1iZmU4LTAyZWNlYWNmYmM2NjpyZXF1ZXN0X2lkPTlmOTc3MWQ0LTgwODktNDdiMi04YzA1LTA1YjA5MzRhYzMyYQ==
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: HTTP/1.1
Server: 18.156.58.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-58-231.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 17 Nov 2021 04:18:17 GMT
content-encoding: gzip
server: ATS/9.1.0.33
Age: 1
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://www.thestar.com.my
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=58812099&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fwww.thestar.com.my%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56965&hp=1&a.y_rid=9f9771d4-8089-47b2-8c05-05b0934ac32a&a.is_yahoo=3&redirect_y=dHM9MTYzNzEyMjY5Njc4MS4wMzU2NDU6YXBpZD1VUDYyY2U5OTZiLTQ3NWQtMTFlYy1iZmU4LTAyZWNlYWNmYmM2NjpyZXF1ZXN0X2lkPTlmOTc3MWQ0LTgwODktNDdiMi04YzA1LTA1YjA5MzRhYzMyYQ==
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 300x250.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61693943/20210611043737613/ Frame 3EE0 45 KB
11 KB 16ms
16ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61693943/20210611043737613/300x250.html?e=69&leftOffset=0&topOffset=0&c=bPeYJD4jAw&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

412d8604e875bfb9a506887717836ddcaa5ea44b99f5c4eb22258a33108cfc72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 10744
date: Wed, 17 Nov 2021 04:18:16 GMT
expires: Thu, 18 Nov 2021 04:18:16 GMT
cache-control: public, max-age=86400
last-modified: Fri, 11 Jun 2021 11:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 209D 0
24 B 33ms
33ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssN8Hzb0z2Xu1734vdXyJUyomSZ8-8uhxp-L_9hdsN3y7xc42_m1J2aYWMHOi2MH7Gcs2dbNrIUlVXs_hbgDYoj6ARlWftvLlT4P4IkE3rVW0Pfum9pcTqidjAxfzxQStmjM4Ii7W8QcsKIrpOJxYH7Gr68NezsdnYNCAoCkWYYB4gV0uW_MD6QiwJ5vCncIMXtQlV_hc5ZyljHkFpPkYmNyyiZt3AQjpp5FEAIwg5wUeC5eI3gD6K7v-rxwlhgdLApxjq1JDk3_2EDVkkAPLnfnOW27njRQigm49r6Wbn0nnGNPLSl_cEk-IcNigciiWKB5lh6sXJSbhkpJp4ImP8V8qAubq2OhDTSVwFUIVjvaz8qAjbNw8gkIRjJFiAIV1NT_-QfjO2bTkbt0EAktu16c1Evl4dvv-SlhX1FGSxoy2bieNWLQEdcc8TiBX113S00bAndhWJKkHIpp4jGMjQAHDqk9_gyna42aaOfTakLr8A4tRYBVgsJUoozmnP6dY_yPo7oPShooLNzO4AIVv9ITiZxVi4T9Msc7812BP51ZKGTyq0QidKnTqL3I8XTlfGrRcCWo8Ch9zt3DplAaceiQkdRBv8T-xfDVxX7bQ0Sn7nF5aIBM2WmzSQ9deaT-Kcti0lTiBGrDZP2NKXFXfd3fv1OhuQsYSDcxyNAeyQK2e6oQbSUEZCoWSaepYaq_hYN8kU6BF5djbyTw89DsH_6PY5coYAf5rh_tJJ7DT6o50eFYGHqQxTbBv8vHiLdPnoyqeVJXQiLf7-2zzj7CvDU8MbxfUw9_MEKR9L0PehBBHSiNfT_Sy1d33AbpxUPDXFOKJ3bpUiAiCE1cts-BOBaDSDWuYk35M2GrNgb2Oku7y6_d9L2Tvz-TBKPHOB4T9mxbxn8IvBkhy0LzU9yfBITNmXfhStSg04L4a089PMPxxlAtYg7G0ulA64w_iMlVi8rgahwGOZlW-BiSIgwcjY26xB192zEWz_X-qAJQtZmFrJFPcal1rpE70AfKlBJ7SrSfQKKcRQbh1siRvnPZwnkFSql2O3gE3bWVYkhZvGY6QSwC12dNEAJxuxj7-Woi9180HRXpSPFbL4aGzlU6NOxEOFSM2w8CvN2pJGoEoU7_s906B-Vy3oq6Q6gdlmWUU305uwignqdFj7Tjrbdxzr_T4J6ShfYUvjJ_vHAfJoKsdTUgzAsnIx4YFOEJUwXM3WISQATJzM&sai=AMfl-YS0NzvV6f6znRi5dz74X0Ad4g7ZkvOd1R6R4sknxGSnNs2HN4TzYv-O3z2hRLrvNEqXXZbewNoG3gyx1wM3JIKhFtBZ90t-f2meJHuyJetDbR2fIH08T5EQjq-gVM49AEkC8d705zA-O_t7G0SFXOQFid3BVw&sig=Cg0ArKJSzJAMjvPHpZ2zEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=94&cbvp=1&cstd=91&cisv=r20211111.09677&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 17 Nov 2021 04:18:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 1757 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 1611056991849575636
s0.2mdn.net/simgad/ Frame 1757 602 KB
602 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1611056991849575636

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44d81ee8d5b0dd420b8bcf3d06ec944fff9e3404dbe16180bac9b27930efbd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=XtQeBMMEM2&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 22:51:12 GMT
x-content-type-options: nosniff
age: 451624
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 616213
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 07:44:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Nov 2022 22:51:12 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 209D 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 09:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 14 Nov 2022 09:47:38 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 89AC 1 KB
783 B 6ms
6ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 16 Nov 2021 18:26:41 GMT
expires: Wed, 17 Nov 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 35495
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 a.js Show response
p.adlooxtracking.com/gpt/ 8 KB
4 KB 29ms
7ms Script
application/javascript 34.107.231.31
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p.adlooxtracking.com/gpt/a.js

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.231.31 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

31.231.107.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

9a59c5e5bf506c979d9baf8521375edc46c510007ea428f877717bdf90a81528

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:17:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Jul 2021 15:29:14 GMT
server: nginx
age: 20
etag: W/"91f36cb612bb5287d05f3c7044927cbe"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 google
cache-control: public, max-age=3600
timing-allow-origin: *
alt-svc: clear
content-length: 3532

GET
H/1.1 200
OK prebid-custom.js Show response
rtbpass-us.andbeyond.media/ 469 KB
147 KB 588ms
9ms Script
text/javascript 69.16.175.42
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 1a4595aed4bc342915f74bff218b806462c917e81030adfbfd369192c3bab6b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 04:18:17 GMT
Content-Encoding: gzip
Last-Modified: Sat, 13 Nov 2021 05:23:29 GMT
Server: AmazonS3
x-amz-request-id: 0EEBDQR23G2W7C8X
ETag: "88acb57444ae38dc00eb74309ae5529b"
X-HW: 1637122696.dop220.fr8.t,1637122697.cds143.fr8.shn,1637122697.dop220.fr8.t,1637122697.cds224.fr8.c
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31194901
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 149738
x-amz-id-2: KxAG0YY5NkJ7zT8jNppflH6rQ/j0Drn/dFERZN2bIFoBoT9OBsyP3ZahQTClUEyAiKacmIJisVA=

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2102948126432240&ev=Microdata&dl=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&rl=&if=false&ts=1637122696867&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Malaysia%20Lifestyle%20Feature%20Stories%20%7C%20The%20Star%22%2C%22meta%3Adescription%22%3A%22Malaysia%20lifestyle%20stories.%20Provides%20feature%20articles%2C%20guidelines%20and%20tips%20on%20art%2C%20fashion%2C%20travel%2C%20parenting%2C%20food%2C%20health%20and%20environment.%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22Malaysia%20lifestyle%20stories.%20Provides%20feature%20articles%2C%20guidelines%20and%20tips%20on%20art%2C%20fashion%2C%20travel%2C%20parenting%2C%20food%2C%20health%20and%20environment.%22%2C%22og%3Atitle%22%3A%22Malaysia%20Lifestyle%20Feature%20Stories%20%7C%20The%20Star%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcdn.thestar.com.my%2FThemes%2Fimg%2FnewTsol_logo_socmedia.png%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.thestar.com.my%2Flifestyle%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22headline%22%3A%22Malaysia%20Lifestyle%20Feature%20Stories%20%7C%20The%20Star%22%2C%22articleSection%22%3A%22lifestyle%22%2C%22creator%22%3A%22The%20Star%20Online%22%2C%22thumbnailUrl%22%3A%22https%3A%2F%2Fcdn.thestar.com.my%2FThemes%2Fimg%2FnewTsol_logo_socmedia.png%22%2C%22dateCreated%22%3A%222019-07-29T14%3A48%3A52Z%22%2C%22url%22%3A%22http%3A%2F%2Fwww.thestar.com.my%2Flifestyle%22%2C%22keywords%22%3A%5B%22%22%5D%7D%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.2.1637122695787.182521506&it=1637122695560&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 17 Nov 2021 04:18:16 GMT

GET
H2 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 3EE0 110 KB
38 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61693943/20210611043737613/300x250.html?e=69&leftOffset=0&topOffset=0&c=bPeYJD4jAw&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61693943/20210611043737613/300x250.html?e=69&leftOffset=0&topOffset=0&c=bPeYJD4jAw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 05:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81975
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Nov 2021 05:32:01 GMT

GET
H2 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 3EE0 60 KB
24 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61693943/20210611043737613/300x250.html?e=69&leftOffset=0&topOffset=0&c=bPeYJD4jAw&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61693943/20210611043737613/300x250.html?e=69&leftOffset=0&topOffset=0&c=bPeYJD4jAw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Nov 2021 04:18:16 GMT

GET
DATA 200
OK truncated
/ Frame 209D 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11eddc400a1e9f0709e9d7fdc797de0559c056cbbc33933d8d5826ed82da4b3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DA08 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 17 Nov 2021 02:53:11 GMT
expires: Thu, 17 Nov 2022 02:53:11 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5105
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 209D 0
23 B 23ms
23ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssN8Hzb0z2Xu1734vdXyJUyomSZ8-8uhxp-L_9hdsN3y7xc42_m1J2aYWMHOi2MH7Gcs2dbNrIUlVXs_hbgDYoj6ARlWftvLlT4P4IkE3rVW0Pfum9pcTqidjAxfzxQStmjM4Ii7W8QcsKIrpOJxYH7Gr68NezsdnYNCAoCkWYYB4gV0uW_MD6QiwJ5vCncIMXtQlV_hc5ZyljHkFpPkYmNyyiZt3AQjpp5FEAIwg5wUeC5eI3gD6K7v-rxwlhgdLApxjq1JDk3_2EDVkkAPLnfnOW27njRQigm49r6Wbn0nnGNPLSl_cEk-IcNigciiWKB5lh6sXJSbhkpJp4ImP8V8qAubq2OhDTSVwFUIVjvaz8qAjbNw8gkIRjJFiAIV1NT_-QfjO2bTkbt0EAktu16c1Evl4dvv-SlhX1FGSxoy2bieNWLQEdcc8TiBX113S00bAndhWJKkHIpp4jGMjQAHDqk9_gyna42aaOfTakLr8A4tRYBVgsJUoozmnP6dY_yPo7oPShooLNzO4AIVv9ITiZxVi4T9Msc7812BP51ZKGTyq0QidKnTqL3I8XTlfGrRcCWo8Ch9zt3DplAaceiQkdRBv8T-xfDVxX7bQ0Sn7nF5aIBM2WmzSQ9deaT-Kcti0lTiBGrDZP2NKXFXfd3fv1OhuQsYSDcxyNAeyQK2e6oQbSUEZCoWSaepYaq_hYN8kU6BF5djbyTw89DsH_6PY5coYAf5rh_tJJ7DT6o50eFYGHqQxTbBv8vHiLdPnoyqeVJXQiLf7-2zzj7CvDU8MbxfUw9_MEKR9L0PehBBHSiNfT_Sy1d33AbpxUPDXFOKJ3bpUiAiCE1cts-BOBaDSDWuYk35M2GrNgb2Oku7y6_d9L2Tvz-TBKPHOB4T9mxbxn8IvBkhy0LzU9yfBITNmXfhStSg04L4a089PMPxxlAtYg7G0ulA64w_iMlVi8rgahwGOZlW-BiSIgwcjY26xB192zEWz_X-qAJQtZmFrJFPcal1rpE70AfKlBJ7SrSfQKKcRQbh1siRvnPZwnkFSql2O3gE3bWVYkhZvGY6QSwC12dNEAJxuxj7-Woi9180HRXpSPFbL4aGzlU6NOxEOFSM2w8CvN2pJGoEoU7_s906B-Vy3oq6Q6gdlmWUU305uwignqdFj7Tjrbdxzr_T4J6ShfYUvjJ_vHAfJoKsdTUgzAsnIx4YFOEJUwXM3WISQATJzM&sai=AMfl-YS0NzvV6f6znRi5dz74X0Ad4g7ZkvOd1R6R4sknxGSnNs2HN4TzYv-O3z2hRLrvNEqXXZbewNoG3gyx1wM3JIKhFtBZ90t-f2meJHuyJetDbR2fIH08T5EQjq-gVM49AEkC8d705zA-O_t7G0SFXOQFid3BVw&sig=Cg0ArKJSzJAMjvPHpZ2zEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=283&vt=11&dtpt=189&dett=3&cstd=91&cisv=r20211111.09677&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 17 Nov 2021 04:18:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 1611056991849575636
s0.2mdn.net/simgad/ Frame 1757 602 KB
602 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1611056991849575636

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44d81ee8d5b0dd420b8bcf3d06ec944fff9e3404dbe16180bac9b27930efbd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=XtQeBMMEM2&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 22:51:12 GMT
x-content-type-options: nosniff
age: 451624
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 616213
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 07:44:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Nov 2022 22:51:12 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 89AC 35 B
463 B 29ms
9ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHYXyOi1ZRYohSc76GGzfAE&google_cver=1&google_push=AYg5qPKrCRrN4uzC_IBiT_mp6NZPuuibAQNnXv52o7qdC4z6Y_VXMJWQawxKGTozX2dEXLd5qJ4mff8XU_m5k1hlfweKdy5F3oDoXA

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:17 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 89AC
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELPVy8rOtCMzjbs-N1364bs&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3R0cmpMT2cxTU5jb001&google_gid=CAESELPVy8rOtCMzjbs-N1364bs&google_cver=1&google_push=AYg5qPIRKPLJPbGarA9UrBzP6lSFCSuuI6QKbBRx0KSjB_v...

170 B
188 B

16ms
15ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3R0cmpMT2cxTU5jb001&google_gid=CAESELPVy8rOtCMzjbs-N1364bs&google_cver=1&google_push=AYg5qPIRKPLJPbGarA9UrBzP6lSFCSuuI6QKbBRx0KSjB_v48e97E_GFeQ0O9k9VY7QI9CU116O1L5LmiBozbmtIz0Lnw1Aw9Utiyg

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 17 Nov 2021 04:18:16 GMT
Server: PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-02cbf440f9d738c39@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3R0cmpMT2cxTU5jb001&google_gid=CAESELPVy8rOtCMzjbs-N1364bs&google_cver=1&google_push=AYg5qPIRKPLJPbGarA9UrBzP6lSFCSuuI6QKbBRx0KSjB_v48e97E_GFeQ0O9k9VY7QI9CU116O1L5LmiBozbmtIz0Lnw1Aw9Utiyg
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 89AC
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOXJhzubQW1qDVwNydvmuh8&google_cver=1&google_push=AYg5qPJxKxID2iLog7JBCTEH4dKUd8QJw99p8o3Bbds2VlC5G3yZs2yrIEn546LY7L4kAAB3WMnF46Lu_2RUk3f5...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJxKxID2iLog7JBCTEH4dKUd8QJw99p8o3Bbds2VlC5G3yZs2yrIEn546LY7L4kAAB3WMnF46Lu_2RUk3f5HbyW4svzg6zC

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJxKxID2iLog7JBCTEH4dKUd8QJw99p8o3Bbds2VlC5G3yZs2yrIEn546LY7L4kAAB3WMnF46Lu_2RUk3f5HbyW4svzg6zC

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 17 Nov 2021 04:18:17 GMT
Server: MT3 4103 f8fad19 master zrh-pixel-x27 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJxKxID2iLog7JBCTEH4dKUd8QJw99p8o3Bbds2VlC5G3yZs2yrIEn546LY7L4kAAB3WMnF46Lu_2RUk3f5HbyW4svzg6zC
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 17 Nov 2021 04:18:16 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 89AC 0
191 B 25ms
24ms Image
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEB1vcz2fOMUbyahHMNg0Vd0&google_cver=1&google_push=AYg5qPJ7gMwc_GDot7IUz_5SwKYoXJ-M-S-GCLvQ6cRLxnqV62VwRuV6TvZIGAjIn8-OQQR9YibnR2CQaPD5R7iUbufNBNQuJOqd-A
Requested by: Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:16 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 89AC
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDthQkMK0Z3o868sOoyGaZ8&google_cver=1&google_push=AYg5qPI2msSIoH20lQcGyiNa_loeedmFOQCXZnvqxl1RqDTvyGmRSVVN1puKPZ8wSp95bWV09iKFihpFMHNhUsTQyU5uKJw...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPI2msSIoH20lQcGyiNa_loeedmFOQCXZnvqxl1RqDTvyGmRSVVN1puKPZ8wSp95bWV09iKFihpFMHNhUsTQyU5uKJwzF8ZT&google_hm=ODczMTIxNjg1NDgwOTQxMT...

170 B
188 B

16ms
15ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPI2msSIoH20lQcGyiNa_loeedmFOQCXZnvqxl1RqDTvyGmRSVVN1puKPZ8wSp95bWV09iKFihpFMHNhUsTQyU5uKJwzF8ZT&google_hm=ODczMTIxNjg1NDgwOTQxMTI2Ng%3D%3D

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 17 Nov 2021 04:18:17 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPI2msSIoH20lQcGyiNa_loeedmFOQCXZnvqxl1RqDTvyGmRSVVN1puKPZ8wSp95bWV09iKFihpFMHNhUsTQyU5uKJwzF8ZT&google_hm=ODczMTIxNjg1NDgwOTQxMTI2Ng%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 89AC
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELSJpmW1jMC7NJKfsCHeeHk&google_cver=1&google_push=AYg5qPLAJD60cigHgOx8Wd4C5caqRR_jze2GJGUqJuQIRxrl8zuHll2y9JlNS6gTJap6tmajN9CTbTG0...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELSJpmW1jMC7NJKfsCHeeHk&google_cver=1&google_push=AYg5qPLAJD60cigHgOx8Wd4C5caqRR_jze2GJGUqJuQIRxrl8zuHll2y9JlNS6gTJap6tmajN9C...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzQ0NDkwOTM0NDY5OTA3MTExMw&google_push=AYg5qPLAJD60cigHgOx8Wd4C5caqRR_jze2GJGUqJuQIRxrl8zuHll2y9JlNS6gTJap6tmajN9CTbT...

170 B
188 B

15ms
15ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzQ0NDkwOTM0NDY5OTA3MTExMw&google_push=AYg5qPLAJD60cigHgOx8Wd4C5caqRR_jze2GJGUqJuQIRxrl8zuHll2y9JlNS6gTJap6tmajN9CTbTG0YE9OrzIxOH89c97H-4rwaA

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:17 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzQ0NDkwOTM0NDY5OTA3MTExMw&google_push=AYg5qPLAJD60cigHgOx8Wd4C5caqRR_jze2GJGUqJuQIRxrl8zuHll2y9JlNS6gTJap6tmajN9CTbTG0YE9OrzIxOH89c97H-4rwaA
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET

pixel
cm.g.doubleclick.net/ Frame 89AC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_...

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 89AC 0
12 B 17ms
17ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JeYRzgco63sSztNUWZ6yqnl1AOZZon6nFIteZX-lxSvrgoX2f_mpEaMfp_lu9FZ4SvZ-UB

Requested by

Host: 6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
URL: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:16 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1A67 42 B
108 B 28ms
28ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOy84-dPQVoH4zevRye0yRywN8S0WhM_5VNV4xxV0TBp1dPT2gA6hNWs9q0mG7hsbW7dOUA9GAbpz3Pi6QiMUYMED8NUIMevfTZYKqvSVzbrRiEVz2fA&sai=AMfl-YRe8NwjSV7KnKJSE5CS2tkzpzpZqEq3H3w8h0yYcpS-FDggFqPTAK3FVrUbMBqD_D6EAA8OugGU6AWZoiHzz1hgeUwJ4VLBmcm-89Z4nOLElCo2TfBETx-5DJY&sig=Cg0ArKJSzKhLF23QXl3QEAE&cid=CAASEuRoZ9nZL5YXau16rESr2k5xKg&id=lidar2&mcvt=1011&p=167,315,417,1285&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1041811136&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637122694836&rpt=1088&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5D3C 42 B
108 B 33ms
32ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssarVPvkEvrmG_i7KjMtBU8VmnFYXB5tjqNvHXzJxPl9IZGeRX6BgHmjo0X1wXhof5rYspKV17vlfwW-ZfTpa1heGUJKpwnMdqx2X7V8QXwdDNiwE35EA&sai=AMfl-YTVqsTKcbgRq0bNIK5PHeQt448xc5XoaC5mZQj3A2vhP4viBg1aMbfj6BvaGcnCCoL_xjtQPPmF1VMGMgKw9cS7AwE3853rzuZurAk8iaAMgjsuNLdOv8hSHJI&sig=Cg0ArKJSzOr0JCBq3ztbEAE&cid=CAASEuRo6vBGGDGeqbF1_LQcoArtLQ&id=lidar2&mcvt=1012&p=1030,1070,1280,1370&mtos=0,0,1012,1012,1012&tos=0,0,1012,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0.68&if=1&app=0&itpl=20&adk=3227237424&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637122695248&rpt=722&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5FDF 0
58 B 42ms
42ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQJ-Nh4KUYefTEZeu7gPPwbDoDgAAAAA4AeAEAg&bg=!rK-lr-vNAAZQLpa_UC47ACkAdvg8WhECnG40E51kHtfmje6Cr-S4nqsai-a-FmebGbU2qj9jRgvUswIAAAFYUgAAACloAQcKAHAt_D7y8e4NqD3aPRXbYLBI1eZnzwpiFkVY9IEtIUvoehLT4SVAS7AzlP0tneJ0xn7zQmY5Euo_DDhvsXBJqi9sDcdLOtuxUiztqd0kVDHmKkcF6WekzfG8HQgjlWBWD4oYEKDh2PUlftI5OcKMktAumQMV4Vp6XjfZtiyyMn2bt1MlSGC0r8jmdArnPFxD98BhKxsw4u8EC2b_L2qYzRNpMfbdr1u7b6w6ZjYEG1lbJZ3skRw94ffaTFnYcaflUICl4E0oHEiX1RRJnnxkhl6or2uUKo7Dh4Qs9ag1iiCKJDNYeXD6FwBe--4qaufTuO-vDXdaizAzweLlMWz7vFBc17mdAqCbjJ19aZuFRwAp5_UTS6Ah_82XNC5hrhlDgoMrN5Sp8PSv-ItGu_f3gofe5xOR89B3mAEBTURObQQ2WmZ0LPrqvU4XJY7uPSM7B0W8fDy-1TTFOAEjxz-eQpgzbcKY4BVfmSAvsUbGjGPbhahLUxqcVvqQxcGvMTiXQLavydc7uOPKN9XjW24l2CdhrLe6d9IkgqgmaLZItnsZ7YQ2xc-GQA8Md_8nWVoD6hNWxgzBCg5S2T2cLqLBcNu9WML5gg2StOGoa8l3UuY-lXKcJtnLKxOXRC3xCBveMHWfwTN1HtG4dM1OMIVvCE1ZR375eOnh1IIN-8rJtjGJojpRYTiWr-wLZBpsOXi5UGhs_XLdauNRoFLTNd6uuOoG0t6IM_40PFHIO0CrijDO2DBKNRT-meRuGjMRvH8lZ4W-2vcPUz5BjmpsPgyX-TpH-0JqLxKO0NFU67PLaM04RhgFxQrDEKN_rO0Is3i9FrNyzTn5anzdYBrm7gW21CFBQYvxd9FO9Ew9u_ePZTh0qBkQ5-6A4U-M8uwWJUmOanALmsvFBxYipjZO91Vp_0EftFyUeXMU-1v7RnRdkEyQDPHaZFafF2-3cLmr8IqewLVW0YquyIZ-Vbswha4CjBatDSm8ttEmTcYCOBel1SN4THbcDqwQ_HqBJ5Kt2UaRJgAQUO2GP8f74897BoYv8wqpx2m3DLB1fCsk9LZcsFtklm4IeoobmsUlYpRBqrKJFqQy8ABLrAPbQprwbgW9HMev4NHYC6mBoY4eHmB85ZJRrHRtNNWgFpei8irPVbD4T69qCUZqkmJlWqmGvnknrjXRUHPAhh5_BM8-7WTLUZT-zXrJkj-TWwlO

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0528 0
56 B 45ms
45ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BeZXWh4KUYdzfGI2U3gOC0b3YCgAAAAA4AeAEAg&bg=!FxSlFFDNAAZQLpa_UC47ACkAdvg8Wowey1oiB_NmpCw1IHUoSeVFr6pKnG6kdptsu0gwRqUGwSvNtQIAAAFOUgAAACtoAQcKABfjb9DJe2y4UER_7sCrEE2DQRcCc97ZlpkDJVGQ6_CBpR0wcxoLWN4_hUS3JvLctxzmLrsvEJLwQgY_BSy6BTsgr1PNwyn4YlIbAnhaYCYP8INPsQB8XncvOV7p3qdvqUmXsV3djG080uhJSXeDfCHi4l1EulEwHAh63TyAM2n5r4G57o9M4UAhMyrrzqUyQX3-cbYTz0gSErvcLR8YPuedlRFz58R2OYnOWBEeUv1xE5Bd2Eo_5TQymOJinVpMcYliCg-5GH5tk35CsTLf-UuBrhsNu94AUlOpEfwq9wcrZ1oSrtVzdRSSw-BocVSkyQYHNz-bmgVLWXzp26HU9mWW9djn7yYKcELXMddFYlrHS0_9d3DTaSivNQbIYoJ57MUV69015g3x_IlrIpuVhc5z35vHGD8Hv695ebRIpaXzKSMqkXun7zfAJQXsKezV2Xt6J6C_-ntvkXCqpqzx3r91RZHQRgV9e5br7a2VgGntOPYDlxgnWaynHKaww8BdwtUwZK_CoYriYhJnazGkEGpwOgG9kAiphCu-RgWz53jQs-isr8RFmEfdK1fjJ71X_LtyFioBgkK5rfeuH-a7VhVFeD18bIJdaiqwNAi0hWeooV8rbG6ngvZBUBMspdlU1J-x0l--WdPpe0IvvOD4lEowfyotEtFohmHFk7ImXOgEsf0_Z0_iX8nQSMPzW79nk0amF3r-YlU1ZxkMSJvMhWma1HXttokdD4XP-VIfD0ALYAcZ7jI93qIWaqStp6ziYDXouOymeNlYyU9Fy6pOzI-b-4m6oQOXophTqnYu2Z5bTtcJlGO7Wd4k1oyrCE85iaDweMrSnxbTKisiwBMdvU8FoKhQhnSQLkogh-DYunYjedCOYRZhGTol0gHRa9ZvyrDxJuIMAz-ln5WtYZ2QoclyYPe100TsWpNFzTR0YtGJgAWBPR5WnFLXqqiweGAzqH-P6SKLgIWN90CsWJ1LgAT-sBr-FYNGNLogoZ2XeTdGiqC1GJRI2qMdteG-jjmu5kGQ7effXkSAZ-DFpXrmmfxCLovuC2j8daJevYnWF7i_CK5unDy1qD8kjbBK3cy7c5pc3cHyndUi2X1NsQKNN3Y

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js Show response
pagead2.googlesyndication.com/bg/ Frame DA08 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 14:30:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13296
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 14:30:22 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 713F 0
56 B 41ms
41ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BmVSQh4KUYeO3GYik3gO9_43YCgAAAAA4AeAEAg&bg=!1Nel15PNAAZQLpa_UC47ACkAdvg8WpHK8XhltXtCDGn5WXWFy_j7uYVBe-Ec2C9zPG9swONIW8B8XQIAAAFwUgAAABloAQcKACupJDe2n8mJWVQe8tFgfxAyfJPJDyqTeYtJl4C-4gsQCvNWyVYce69jQeakmQMEXpVyqAa_9Kg5-ULOIyDDw6VQ1u2DwzT6aYfmlt1A4s2W5GLMsOUJTk5FcOt0-jMm4PwQ6xfrU4HEkZ4so40vFjh6gXeYi6c7FTEcqDtlXfLNBdqW26wWoS8KvxlIrUl_14BWUBCZ7APygRXFUfu5AKoJhqB3s8QhS4kq-pw-Pl9aG9G5cVuKIE1txQmxBswMWRX_hd85x8pthLT7k7t-DBRrt7txFpkjRsbiGZYIgU9lEU6n6jtRBBRxz9iW8CQOicOSw_U3mjKYvH8zWElQ8DJq5ni58hRnSGf-ArrB1Eg8i9cobd0hQSlnJqznZxgR754e1k19jHORVEH9KnztYAN0Uamn88raQBk4xvU7CMbfndWvT9J3g5IohtP-Sc0qK1ijiNv9UxhZBeACQSBOWMRc5DZ4jd-DuaqNGpZpJZJj3GODctPC0MNxJVBOg9HZiCVa8iJq9H_pyGFtbPe__oIVeyUQaKH71Vs7UjlxtHnKc4y8YSXnWv9oG7rO5QuURv3w-tgTAtozAeunyUIQ3Cybd9ru-4Adc48EeNUZOj1xUpmmAVH3TxkdDNCpyP7dviNRMwUVj3WwzWEGddyxWORn_H1LDL0oS-VrM9Jyjs9v30y5JZ7jKRjD82z3VfhViQK5AZPvDd4Uv7Ieo8B4_k-GuSAeaPDK1UrMcOp-a6bW4XowVFid8__zAndAkGxNLBvBk8UlyKlB2NX7jhphaa-oxa4WXPs1Blpo-qWkX-YtaPlciBeY99ZcwuW7-w7azdp_DT9rhTqyN1aj4Y5p_mel1nNtGcW-V-foCARCfTpZX8ShkX-v6Tulsib31sgL7rvTZ_wBdpbRPHAX7TZxlnQI1eNzywi2H9GYI-HpQMhNdJRs6rpOM1wWMXMm8wpDtBXTht7dViEdqW-DXhqbvkM1OGkuKtZHL5chINpbcJkfbtGBIjcO79_bnALdprkJD9iyw1wVQQ_x8M4nHA1w4tgEk66TeAZCv46v9JxgUkRfLofb17V_h1sN4gjTU7Jp7N4BHg

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3EE0 7 KB
5 KB 18ms
17ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32a44bcb5bce62f0754974e046774ae5d16f2f4941815d27ff22a3069de50b10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Nov 2021 04:18:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5228
x-xss-protection: 0

GET
H2 200 60005582_20210429075320170_300x250_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 3EE0 36 KB
36 KB 8ms
7ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210429075320170_300x250_LOOK-01.png

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc490f4a3f06bde89d5e556d80fd4ee4d34df14400fe59398f85d87e63551681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61693943/20210611043737613/300x250.html?e=69&leftOffset=0&topOffset=0&c=bPeYJD4jAw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 03:05:10 GMT
x-content-type-options: nosniff
age: 4387
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36944
x-xss-protection: 0
last-modified: Thu, 29 Apr 2021 14:53:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Nov 2021 03:05:10 GMT

GET
H2 200 60005582_20210429075323292_300x250_LOOK-02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 3EE0 35 KB
35 KB 8ms
7ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210429075323292_300x250_LOOK-02.png

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5911b0a1a559ff70fee33f0cad7808735b38140022faccbdbb0d7e11a2f9cccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61693943/20210611043737613/300x250.html?e=69&leftOffset=0&topOffset=0&c=bPeYJD4jAw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 11:18:59 GMT
x-content-type-options: nosniff
age: 61158
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36064
x-xss-protection: 0
last-modified: Thu, 29 Apr 2021 14:53:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Nov 2021 11:18:59 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 3EE0 43 B
609 B 34ms
8ms Image
image/gif 82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=25667676_4307561_303197282_146020386_-0&ref=25667676_4307561_303197282_146020386_-0
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.132 Offenbach, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 04:18:17 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3EE0 17 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 17 Nov 2021 04:18:17 GMT

GET
H2 200 W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js Show response
pagead2.googlesyndication.com/bg/ Frame 5412 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 14:30:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13296
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 14:30:22 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 89ms
88ms Preflight
text/plain 146.20.132.52
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 17 Nov 2021 04:18:17 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

POST
H2 200 t Show response
t.lkqd.net/ Frame 74BA 0
166 B 103ms
103ms XHR
text/plain 146.20.132.52
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Wed, 17 Nov 2021 04:18:17 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 89ms
89ms Preflight
text/plain 146.20.132.52
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 17 Nov 2021 04:18:17 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

POST
H2 200 t Show response
t.lkqd.net/ Frame 74BA 0
166 B 95ms
94ms XHR
text/plain 146.20.132.52
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Wed, 17 Nov 2021 04:18:17 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad.js Show response
ad.lkqd.net/vpaid/ Frame 96F3 8 KB
2 KB 10ms
10ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/ad.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 4a85bbd945d370b499409eeca2ac0a1ca75110c514373441b77a8ec397c4d7db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:17 GMT
content-encoding: gzip
last-modified: Fri, 20 Dec 2019 22:17:27 GMT
etag: "b701f7cb2e7466f01798a9e3c2203ca5"
x-hw: 1637122697.cds143.fr8.hn,1637122697.cds258.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 2049

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DA08 0
56 B 42ms
41ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIWftiIKUYcz-I7HC7_UPvau_sAUAAAAAOAHgBAI&bg=!nZ6lntrNAAZQLpa_UC47ACkAdvg8WiDdNNnQF9ZLksOd_9DxwyAFzPzVf5xq2L12gIg3Xy8CAPpnOgIAAAC9UgAAABdoAQeZAwe3GYsWcFdqF41jG-xKi04jBR9yrgnJLOIwos_qPD2hWdCvzIjYkdRoHN9eIeP_nX0deuEHkVEJbbTniQ_ttrzze9n7OVP6-0DZP9S9_yCi3w1_3uQAyiZ04wpYtm3aOBTUNDFLJQgNYv4cCU4BWmdwlg-a6Fkl7LmBtb7LVRXHXE5v6O525Vw_nQIMNHG2RxOsNxl0z2auZLsGcQLFyZCRxVphQdlyKjErnil0kDdw4PKvST_91hlc7gQsb0Jd8gz33yk4zhgEszB7PA6QKWfI0YrMeYnx8cI8vMxQ2nkefy_RvlV6s1BjrDksqc2pGDlujAe3W6dROeERKcMvmsToefC00jXEzsxntHXG4sybIY9g-GC08JYhe-lDWdFlRJaJCytO38xoSwNaJ6zP2qa1sE-0iCSBO1dX4rMeam1mf5pR0o3VxgZ1HlyANrQnFF9S7vGX4KZcx5tget12Hddi4ZuV8RDh35bl0WKhLSleWVs710AVcAQPhdZJ3sonjCqBKtMGCYxPV7GyPb6wTjtWlXcFDT1ILUJWWsw7n-w5CCNWPIWw7fUsC0TO7hIRAWcljPTIsPnu9B7RuYEaCj0f37sxlutQbhzThlBgSL5aiqftbRjODzl3jZLti63i8E_kq7kUxkm25jS9DAefXvEXFRru3Qtpx0kJ4mqBIc32RIVXChnd6xNaDkHZCbbQGoh3t9fpk1Pw4T8tIdUsroOPzTNAgGKdiSiG4pW5Kx54Fb3qiP-dLqw2Vo08rmR5ii-w2QxYKkLStKy8x8lhTmEp3jDFNtfWSb9whUxKnqtt8fGiUvpznyp3QhhgBDu2x6j0v5e2t_c2y5eaNMN7yT9scSlW-jR9OcPLP-Z0dShjXu0Gg82yYOGDtjHsA07zocTzpLAPvctFSj3VFBZW1Y_KTEoe6A957D50k7L8bwaVbJr51wfrizElbAeKKLW0p_9JQCDnnrgZoLzNeGtSE3wo24N-RIIYJCeAwjmFfVJSCjJrj7-_rfcFwL0Fz74Q989c1oYQpWGk

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 136C90C067B5E3BDCD3620EAF82E5839_0x0_19.mp4
creative.lkqd.net/430/video/ 2 MB
2 MB 44ms
11ms Media
video/mp4 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://creative.lkqd.net/430/video/136C90C067B5E3BDCD3620EAF82E5839_0x0_19.mp4
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 67603c946150833247a74eb079b95d0a2e90bb5727a54af9598d1ac85f141893

Request headers

Referer: https://www.thestar.com.my/lifestyle
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 17 Nov 2021 04:18:17 GMT
last-modified: Wed, 03 Nov 2021 16:48:48 GMT
access-control-allow-origin: *
etag: "ce3d61c298d18e297573c4f78f41eb9b"
x-hw: 1637122697.cds133.fr8.hn,1637122697.cds149.fr8.c
content-type: video/mp4
Content-Range: bytes 0-1903029/1903030
cache-control: public, max-age=1209600
accept-ranges: bytes
Content-Length: 1903030

GET
H2 206 684749_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/ 64 KB
0 21ms
21ms Media
audio/mpeg 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Audio/short-with-headline/684749_v1.mp3
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.thestar.com.my/lifestyle
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: Lj19r0OjHUKQFX7SfPSWudVfkdJ87rN4
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 22:54:14 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "724b5db977581282cf37fb5e690612a3"
x-cache: Hit from cloudfront
content-type: audio/mpeg
Content-Range: bytes 0-289183/289184
cache-control: max-age=180
date: Wed, 17 Nov 2021 04:18:17 GMT
accept-ranges: bytes
Content-Length: 289184
x-amz-cf-id: aWREiV5vXN4yI3UAn5zl_m-f6Xyn92zzmwxo_4bEb2TzRNE_4Oe3qQ==

GET
H2 200 684749.json Show response
cdn.thestar.com.my/Content/Text/short-with-headline/ 2 KB
3 KB 795ms
795ms Script
application/json 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Text/short-with-headline/684749.json?callback=jsonCallback684749&_=1637122690252
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b57d6b1a23453bf8e1f8a4905cfd80328aafc63a4289d6bec6b3ef2dc18784cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:19 GMT
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 22:54:14 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "578ca99baf0426b3d1d82cd2b4bc12ce"
x-cache: Miss from cloudfront
x-amz-version-id: O4nDkgRUdilE8aZ6c7SpTnRanVFE5irP
cache-control: max-age=180
accept-ranges: bytes
content-type: application/json
content-length: 2337
x-amz-cf-id: WzXGsN8dVc6-VWv550B7CldqiPwPU9L7KX7QKUCiu7jAFjSuH5iJsA==

GET
H2 200 Subscribe_now.png
s0.2mdn.net/9951322/1615304082096/ Frame 32B6 3 KB
3 KB 11ms
9ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9951322/1615304082096/Subscribe_now.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9951322/1615304082096/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f8e2288878a6e4cd289b6b80b34002f39d4fa524efadb1ff9c2b2d4655ce844

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9951322/1615304082096/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 20:14:55 GMT
x-content-type-options: nosniff
age: 29002
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2753
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 15:34:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Nov 2021 20:14:55 GMT

GET
H2 200 EN970x250.png
s0.2mdn.net/9951322/1615304082096/ Frame 32B6 38 KB
38 KB 11ms
9ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9951322/1615304082096/EN970x250.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9951322/1615304082096/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa73e7abd67cd23730f89a4388a56331b70250762361a531b77dd73ef2d1c3cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9951322/1615304082096/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 06:52:13 GMT
x-content-type-options: nosniff
age: 77164
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39233
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 15:34:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Nov 2021 06:52:13 GMT

GET
H2 200 texture2.jpg
s0.2mdn.net/9951322/1615304082096/ Frame 32B6 569 KB
570 KB 12ms
12ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9951322/1615304082096/texture2.jpg

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed76cf364a8b426885319013ab0cf58b99ee6be549ef1cbc03577999885e69f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9951322/1615304082096/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 13:43:27 GMT
x-content-type-options: nosniff
age: 52490
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 583014
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 15:34:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Nov 2021 13:43:27 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 94ms
93ms Preflight
text/plain 146.20.132.52
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 17 Nov 2021 04:18:17 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

POST
H2 200 t Show response
t.lkqd.net/ Frame 74BA 0
166 B 93ms
93ms XHR
text/plain 146.20.132.52
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Wed, 17 Nov 2021 04:18:17 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 204 pixel.jpg
server-204.lkqd.net/ Frame 0040 0
101 B 519ms
89ms Image
text/plain 74.205.28.1
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://server-204.lkqd.net/pixel.jpg?adSource=

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.205.28.1 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx/1.21.0 / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:17 GMT
server: nginx/1.21.0
x-powered-by: Express
strict-transport-security: max-age=2592000; preload

GET
H2 200 p
sb.scorecardresearch.com/ Frame 0040 64 B
444 B 33ms
32ms Image
image/gif 13.224.96.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?C1=1&C2=23229166&C3=platform&C5=01&C7=http://www.thestar.com.my/
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-7.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:17 GMT
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: fhgXDRzmbYs-uZCkbf-eQP00kwe7aOXktxrkg-ENVfQ6bnw12F_A2w==

GET
H2 200 p
sb.scorecardresearch.com/ Frame 0040 64 B
444 B 33ms
33ms Image
image/gif 13.224.96.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=23229166&c3=platform&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1637122696&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=20000&ns_st_pt=0&ns_ts=1637122696
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-7.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:17 GMT
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: z4nidJjKFWXTtTkTwNahY9fqBl9u2QO0OZtYzTmrAX1eDcdtepfNBA==

GET
DATA 200
OK truncated
/ 477 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9a8536bd32bcd9ecba5f08463ea344cfbcf4a2e0c1af51ce14089dcd4dbac51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Subscribe_now.png
s0.2mdn.net/9951322/1615304082096/ Frame 32B6 3 KB
3 KB 17ms
17ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9951322/1615304082096/Subscribe_now.png

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f8e2288878a6e4cd289b6b80b34002f39d4fa524efadb1ff9c2b2d4655ce844

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9951322/1615304082096/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 20:14:55 GMT
x-content-type-options: nosniff
age: 29002
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2753
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 15:34:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Nov 2021 20:14:55 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 89ms
88ms Preflight
text/plain 146.20.132.52
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 17 Nov 2021 04:18:17 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

POST
H2 200 t Show response
t.lkqd.net/ Frame 74BA 0
166 B 90ms
89ms XHR
text/plain 146.20.132.52
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Wed, 17 Nov 2021 04:18:17 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 wrapper.html Show response
wrappers.geoedge.be/ 3 KB
3 KB 67ms
14ms XHR
text/html 2600:9000:2190:4c00:2:d490:4d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wrappers.geoedge.be/wrapper.html
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:4c00:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer: https://www.thestar.com.my/lifestyle
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

x-amz-version-id: gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
last-modified: Mon, 12 Apr 2021 12:46:04 GMT
server: AmazonS3
age: 4576
etag: "4a6c546fe449447f2a620613c0655458"
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
date: Wed, 17 Nov 2021 03:02:02 GMT
x-cache: Hit from cloudfront
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 3121
x-amz-cf-id: SeeDERfq3npx9pvqS4MuoToI8PY4x8WXjvP8ITxxpZqse7hx3CnD1g==

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/e6a81302-2eca-46b7-8e3a-9fc5c5bcd84c/ 229 KB
74 KB 63ms
14ms Script
text/javascript 2600:9000:2190:8400:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/e6a81302-2eca-46b7-8e3a-9fc5c5bcd84c/grumi.js
Requested by: Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:8400:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf981053815c0df7570a8e1a23d1f439060810e4a9f202186eb5177270b3eb9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:03:45 GMT
content-encoding: br
last-modified: Wed, 17 Nov 2021 03:59:28 GMT
server: AmazonS3
age: 873
etag: W/"499166b29217f781820c680a5bcb4348"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 8QgohHfc1xG4eAwcUNwnp1hi.wXnaK89
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
cache-control: public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop: ZRH50-C1
content-type: text/javascript
x-amz-cf-id: tq3SAxHi996B0hDVBffyro0kCqxl6jYCtuEraoHn1hrarxwsq8KrOw==

POST
H2 200 t Show response
t.lkqd.net/ Frame 74BA 0
166 B 90ms
89ms XHR
text/plain 146.20.132.52
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Wed, 17 Nov 2021 04:18:17 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 90ms
90ms Preflight
text/plain 146.20.132.52
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 17 Nov 2021 04:18:17 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

GET
H2 206 684749_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/ 98 KB
0 13ms
13ms Media
audio/mpeg 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Audio/short-with-headline/684749_v1.mp3
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.thestar.com.my/lifestyle
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: Lj19r0OjHUKQFX7SfPSWudVfkdJ87rN4
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 22:54:14 GMT
server: AmazonS3
age: 20
etag: "724b5db977581282cf37fb5e690612a3"
x-cache: Hit from cloudfront
content-type: audio/mpeg
Content-Range: bytes 0-289183/289184
cache-control: max-age=180
date: Wed, 17 Nov 2021 04:18:17 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
Content-Length: 289184
x-amz-cf-id: tESf-SQSkWzix8UhYhzI0uQYEuOqGg0GfpqYXlEMCasd2Al4gMxEVw==

GET
H2 200 684746.json Show response
cdn.thestar.com.my/Content/Text/short-with-headline/ 2 KB
3 KB 753ms
752ms Script
application/json 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Text/short-with-headline/684746.json?callback=jsonCallback684746&_=1637122690253
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60629b54ab9326a759b575073fd8c7d934fcb539dd74a2432ad8d47c70ae2dac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:19 GMT
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 22:54:16 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "99c83771ed3fa388754c64b8466b4fdd"
x-cache: Miss from cloudfront
x-amz-version-id: AhnxiFllCUI0oC9eRdEMUkL21SjbPAJI
cache-control: max-age=180
accept-ranges: bytes
content-type: application/json
content-length: 2383
x-amz-cf-id: kdBJc8bQNL0wzq81ZhDDC07XZSj7SRFGPg4PLit0fvZ_pV-yTMlYXQ==

GET
H2 200 Subscribe_now.png
s0.2mdn.net/9951322/1615304082096/ Frame 32B6 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9951322/1615304082096/Subscribe_now.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9951322/1615304082096/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f8e2288878a6e4cd289b6b80b34002f39d4fa524efadb1ff9c2b2d4655ce844

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9951322/1615304082096/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 20:14:55 GMT
x-content-type-options: nosniff
age: 29003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2753
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 15:34:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Nov 2021 20:14:55 GMT

GET
H2 200 EN970x250.png
s0.2mdn.net/9951322/1615304082096/ Frame 32B6 38 KB
38 KB 8ms
7ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9951322/1615304082096/EN970x250.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9951322/1615304082096/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa73e7abd67cd23730f89a4388a56331b70250762361a531b77dd73ef2d1c3cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9951322/1615304082096/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 06:52:13 GMT
x-content-type-options: nosniff
age: 77165
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39233
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 15:34:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Nov 2021 06:52:13 GMT

GET
H2 200 texture3.jpg
s0.2mdn.net/9951322/1615304082096/ Frame 32B6 458 KB
458 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9951322/1615304082096/texture3.jpg

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b28ea763936241b5164a9ed02ef8fc8e4ddc968b446c8bb8a80a58d3bcc9bb67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9951322/1615304082096/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 13:51:01 GMT
x-content-type-options: nosniff
age: 52037
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 468522
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 15:34:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Nov 2021 13:51:01 GMT

GET
H2 200 Subscribe_now.png
s0.2mdn.net/9951322/1615304082096/ Frame 32B6 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9951322/1615304082096/Subscribe_now.png

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f8e2288878a6e4cd289b6b80b34002f39d4fa524efadb1ff9c2b2d4655ce844

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9951322/1615304082096/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 20:14:55 GMT
x-content-type-options: nosniff
age: 29003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2753
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 15:34:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Nov 2021 20:14:55 GMT

GET
H2 206 684746_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/ 64 KB
0 21ms
20ms Media
audio/mpeg 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Audio/short-with-headline/684746_v1.mp3
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.thestar.com.my/lifestyle
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: Msnm5DQJwB6M.oa5lJznYV1u4VEU34iG
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 22:54:16 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "147aa07b582969fad386ca221564bf8d"
x-cache: Hit from cloudfront
content-type: audio/mpeg
Content-Range: bytes 0-295615/295616
cache-control: max-age=180
date: Wed, 17 Nov 2021 04:18:18 GMT
accept-ranges: bytes
Content-Length: 295616
x-amz-cf-id: 2Do6HzLcpS9Qlyv2QZRf-rGB0Qtjps419AbkUUsVjcpqkzNw5mS-YQ==

GET
H2 200 684744.json Show response
cdn.thestar.com.my/Content/Text/short-with-headline/ 2 KB
2 KB 766ms
766ms Script
application/json 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Text/short-with-headline/684744.json?callback=jsonCallback684744&_=1637122690254
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 905f7b349fac81ac3394df2283404297195961b9807183c56cd7b86baaebd62c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:20 GMT
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 20:24:06 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "b4924b3092a5d64f1035304f2cc69505"
x-cache: Miss from cloudfront
x-amz-version-id: sZTSZWYFcXdXGcr4KwzOb9TuyypdVRMq
cache-control: max-age=180
accept-ranges: bytes
content-type: application/json
content-length: 2129
x-amz-cf-id: wg0CsWyxlMXveiOXtqgzuGLKDs917ZHUN1MrM8B15cbxRQf76QNtaQ==

GET
H2 206 684744_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/ 64 KB
0 21ms
21ms Media
audio/mpeg 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Audio/short-with-headline/684744_v1.mp3
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.thestar.com.my/lifestyle
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: 7rk3cEJlM7FtSYJ8nwdj8rTk2iiWkFGT
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 20:24:06 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "3bb0fd5c3dd21463b4b48bef42d56132"
x-cache: Hit from cloudfront
content-type: audio/mpeg
Content-Range: bytes 0-233695/233696
cache-control: max-age=180
date: Wed, 17 Nov 2021 04:18:19 GMT
accept-ranges: bytes
Content-Length: 233696
x-amz-cf-id: neFijxsAa7as2bgKzsbTYaEpVH7XQTAyIR-AXNJu2AqrJjROhX8O6w==

GET
H2 200 684739.json Show response
cdn.thestar.com.my/Content/Text/short-with-headline/ 2 KB
3 KB 768ms
768ms Script
application/json 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Text/short-with-headline/684739.json?callback=jsonCallback684739&_=1637122690255
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 960560cfa615cdb50f84db0c43162eab364802808b996650ce62c348983fd06a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:21 GMT
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 19:54:12 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "595fbc3eb56fd110ce0375636cd0efbc"
x-cache: Miss from cloudfront
x-amz-version-id: q45BDjhu5oBahWz4JOC3ZEOO.xRh9QWG
cache-control: max-age=180
accept-ranges: bytes
content-type: application/json
content-length: 2309
x-amz-cf-id: Y3dShVKio5qSUrxKt0APkX95yaOI-P32WXEpEPAEzQ_5km7q98DKuw==

POST
H2 200 t Show response
t.lkqd.net/ Frame 74BA 0
166 B 90ms
89ms XHR
text/plain 146.20.132.52
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Wed, 17 Nov 2021 04:18:19 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 89ms
89ms Preflight
text/plain 146.20.132.52
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 17 Nov 2021 04:18:19 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 315ms
13ms Ping
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-3HWDM68GV8&gtm=2oeba1&_p=1391293907&sr=1600x1200&ul=en-us&cid=763206404.1637122692&_s=2&dl=https%3A%2F%2Fwww.thestar.com.my%2Flifestyle&dt=Malaysia%20Lifestyle%20Feature%20Stories%20%7C%20The%20Star&sid=1637122695&sct=1&seg=1&en=page_view&_et=2&ep.meta_page_type=Category&ep.meta_page_category=Lifestyle
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3HWDM68GV8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com.my/lifestyle
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 684739_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/ 64 KB
0 21ms
20ms Media
audio/mpeg 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Audio/short-with-headline/684739_v1.mp3
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.thestar.com.my/lifestyle
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: rjJJA1uYekJWNjf6SKjkeyQ8KZ9zXQXW
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 19:54:11 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "6e5cc235333a397d111fdf74202e6518"
x-cache: Hit from cloudfront
content-type: audio/mpeg
Content-Range: bytes 0-284767/284768
cache-control: max-age=180
date: Wed, 17 Nov 2021 04:18:20 GMT
accept-ranges: bytes
Content-Length: 284768
x-amz-cf-id: OxH0GJoEk1cQcSbdbYHNLghWWqCUXnnotjFjdd67q07-IuWiqfs-pg==

GET
H2 200 684734.json Show response
cdn.thestar.com.my/Content/Text/short-with-headline/ 2 KB
3 KB 765ms
765ms Script
application/json 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Text/short-with-headline/684734.json?callback=jsonCallback684734&_=1637122690256
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 613c86f56c73f4877141deb6754b6eab835c30c91d5e5251cfe4848fe66fd0bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:22 GMT
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 18:24:17 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "45cdb9ebd0988a0c77db25c5f31b2859"
x-cache: Miss from cloudfront
x-amz-version-id: 2sBov16eW5eyn9QBcakQynfnheUvfq.n
cache-control: max-age=180
accept-ranges: bytes
content-type: application/json
content-length: 2284
x-amz-cf-id: Bp1QTa5TNKwLSahs3nOObBQWroUVBuHUnT96fOM3YsmkN-ZzYrSQLA==

POST
H2 200 v2jkpOb6Bsmdmgz8k4gkb0k6FheRL_a6X8SQxdRzCtXjLOy4JntS-WDF498yl191sfY6Q3D6e Show response
handyfireman.com/ 216 B
615 B 52ms
18ms Fetch
application/json 35.190.74.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://handyfireman.com/v2jkpOb6Bsmdmgz8k4gkb0k6FheRL_a6X8SQxdRzCtXjLOy4JntS-WDF498yl191sfY6Q3D6e

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.74.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.74.190.35.bc.googleusercontent.com

Software

Resource Hash

621cf75e17642ce3823bcf62edaa78f0f46cd24c2d063ed9a3e002c1063b591d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.thestar.com.my/lifestyle
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Wed, 17 Nov 2021 04:18:21 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: 94ecd830
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Wed, 17 Nov 2021 04:18:20 GMT

POST
H2 200 v2gwgWUGERx7h-hZJzDa5kzs0n0dR9MNcKtfAsS-8mASwWUYUDLGRvDZ7XuLOngkxtZAXDSD2 Show response
handyfireman.com/ 3 B
36 B 34ms
34ms Fetch
application/json 35.190.74.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://handyfireman.com/v2gwgWUGERx7h-hZJzDa5kzs0n0dR9MNcKtfAsS-8mASwWUYUDLGRvDZ7XuLOngkxtZAXDSD2

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.74.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.74.190.35.bc.googleusercontent.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.thestar.com.my/lifestyle
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Wed, 17 Nov 2021 04:18:21 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com.my
access-control-allow-credentials: true
x-hostname: 94ecd830
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 3

GET
H2 206 684734_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/ 64 KB
0 22ms
22ms Media
audio/mpeg 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Audio/short-with-headline/684734_v1.mp3
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.thestar.com.my/lifestyle
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: iH8w0WgkvUOHwZRlY3NEybYmPAdEQNdX
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 18:24:17 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "89b0662d33333c22491777613ffc3f27"
x-cache: Hit from cloudfront
content-type: audio/mpeg
Content-Range: bytes 0-272383/272384
cache-control: max-age=180
date: Wed, 17 Nov 2021 04:18:21 GMT
accept-ranges: bytes
Content-Length: 272384
x-amz-cf-id: wOXGX0NxTqvTaax7S6Nk7HSb_HfbdbqYQIcCtY6lH-lAQ5qQ8xY7vQ==

GET
H2 200 684733.json Show response
cdn.thestar.com.my/Content/Text/short-with-headline/ 2 KB
3 KB 774ms
774ms Script
application/json 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Text/short-with-headline/684733.json?callback=jsonCallback684733&_=1637122690257
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2cd9a4d1f6fa9f7497b0c1833603f2273e4073ea7181a154e8b8845dce402c0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thestar.com.my/lifestyle
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 04:18:23 GMT
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 18:24:19 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "bf50377cf9359c3fc55d1b4727baeb3a"
x-cache: Miss from cloudfront
x-amz-version-id: Aggcp2RScghkJRUIQhJBHItoJYPVxTOF
cache-control: max-age=180
accept-ranges: bytes
content-type: application/json
content-length: 2299
x-amz-cf-id: diFCyzzFyhAMg6OQlhMSc58sQF6JTG59tayMDb4vTLkQfhihDhfUYw==

GET
H2 206 684733_v1.mp3
cdn.thestar.com.my/Content/Audio/short-with-headline/ 64 KB
0 23ms
23ms Media
audio/mpeg 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Audio/short-with-headline/684733_v1.mp3
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.thestar.com.my/lifestyle
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: wfMOaF4NeMvwibj0vFoxq8VaQ38d6NMq
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 18:24:19 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "b0b19462ee4b13ffffcc8c6ff6099cec"
x-cache: Hit from cloudfront
content-type: audio/mpeg
Content-Range: bytes 0-289279/289280
cache-control: max-age=180
date: Wed, 17 Nov 2021 04:18:22 GMT
accept-ranges: bytes
Content-Length: 289280
x-amz-cf-id: Ww_bUia25eU51J2MdD5Xgs4xBu7dp6EC46r73ItENv8e_1-Xz1Yd3Q==

GET
H2 206 intro.mp3
cdn.thestar.com.my/Content/Audio/ 19 KB
19 KB 787ms
786ms Media
audio/mpeg 13.224.96.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thestar.com.my/Content/Audio/intro.mp3
Requested by: Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-73.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3fa6d6c37bb979aca4502d51aa0e9069eddf13bf0856c8b270867978c3059445

Request headers

Referer: https://www.thestar.com.my/lifestyle
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: qk_X17xg8RlYm04Aa_do1OviOLSUEzlt
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Wed, 17 Nov 2021 02:53:52 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "eaafdc842ca7782a604e9275cf942c54"
x-cache: RefreshHit from cloudfront
content-type: audio/mpeg
Content-Range: bytes 0-19519/19520
cache-control: max-age=180
date: Wed, 17 Nov 2021 04:18:23 GMT
accept-ranges: bytes
Content-Length: 19520
x-amz-cf-id: V_Z4I_pawAQQfnJ00vgGw1PHLPPHVdVtYOG6iGzSoj5POMlLUrh2Og==

POST
H2 200 t Show response
t.lkqd.net/ Frame 74BA 0
166 B 91ms
91ms XHR
text/plain 146.20.132.52
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Wed, 17 Nov 2021 04:18:22 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 89ms
89ms Preflight
text/plain 146.20.132.52
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 17 Nov 2021 04:18:22 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

GET
H2 200 dc_oe=ChMIp7PTpcWe9AIVF5d7Ch3PIAztEAAYACCchKVGQhMIvZD4o8We9AIVm4L9Bx10OQ0N;met=1;&timestamp=1637122706471;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 1A67 42 B
107 B 94ms
44ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIp7PTpcWe9AIVF5d7Ch3PIAztEAAYACCchKVGQhMIvZD4o8We9AIVm4L9Bx10OQ0N;met=1;&timestamp=1637122706471;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMInL_apcWe9AIVDYp3Ch2CaA-rEAAYACDl1dVMQhMIxaLCpcWe9AIVo1TlCh2d_gED;met=1;&timestamp=1637122706471;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 0D87 42 B
494 B 92ms
42ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMInL_apcWe9AIVDYp3Ch2CaA-rEAAYACDl1dVMQhMIxaLCpcWe9AIVo1TlCh2d_gED;met=1;&timestamp=1637122706471;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMIo5fbpcWe9AIVCJJ3Ch29fwOrEAAYACCZ4Z5MQhMImYPCpcWe9AIVqcC7CB3GGgDP;met=1;&timestamp=1637122706716;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 5D3C 42 B
63 B 63ms
43ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIo5fbpcWe9AIVCJJ3Ch29fwOrEAAYACCZ4Z5MQhMImYPCpcWe9AIVqcC7CB3GGgDP;met=1;&timestamp=1637122706716;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMIzOKipsWe9AIVMeG7CB291Q9WEAAYACCisNBFQhMI1uaHpsWe9AIV4sq7CB3oxwcQ;met=1;&timestamp=1637122707048;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 209D 42 B
63 B 42ms
42ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzOKipsWe9AIVMeG7CB291Q9WEAAYACCisNBFQhMI1uaHpsWe9AIV4sq7CB3oxwcQ;met=1;&timestamp=1637122707048;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Requested by

Host: www.thestar.com.my
URL: https://www.thestar.com.my/lifestyle

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 04:18:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame 74BA 0
166 B 90ms
90ms XHR
text/plain 146.20.132.52
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thestar.com.my
date: Wed, 17 Nov 2021 04:18:27 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 89ms
89ms Preflight
text/plain 146.20.132.52
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 17 Nov 2021 04:18:27 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.thestar.com.my

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: dtm-drcn.platform.hicloud.com
URL: https://dtm-drcn.platform.hicloud.com/download/web/dtm.js?id=DTM-0a04ac057b0b120e817b0be7b3d42a84

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-OiVIqXh-m3Uu1mcl9fj-bavI0dPQEsRovnuxqPr-yFZgUOoXuFwkg-4HPM-F8QC71pCwIpuzaXBvdQ4hw4LzbbmlcMNLB9HzQFPVRN1URvYcVVfI&sig=Cg0ArKJSzA90Bee-DBU8EAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=0&app=0&itpl=19&adk=1690029205&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=3&r=u&rst=1637122691678&rpt=3964&isd=0&lsd=0&ec=0&met=ce&wmsd=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYIOBEKrkiXFuKzz_TYzEQZx0fr9tOAmxu8fdbwNJsklhp2-W6xDaqY-StxVeZYzgQYAVjCcsl_uAq6fIaz0Nn431JPSsfMjSGyytzMyhUQXRXq8yh&sig=Cg0ArKJSzHcfI9WolVmtEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=0&app=0&itpl=19&adk=3377693787&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=3&r=u&rst=1637122695196&rpt=445&isd=0&lsd=0&ec=0&met=ce&wmsd=0

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-CSF76ww2-escA&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_cver=1

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajhp2-kqTDLfVK61MI48S46xnWFSh4_wa01QCjTK3XD5hTlY54Us&google_cver=1

Domain: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/main.gr.19.8.267.js

Domain: googleads4.g.doubleclick.net
URL: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsveCDCddWfpbWzqeD4Zr9vnjZZHcB0UJN830wyLzSSvMh_XmUUvCvMv3Rw0-V6r7u-8k9bmtnCXE77PW4Kt6oXMgjceMW5QCd9lV8YMK4VbBsn7avurWrPrbBuH2T1j1gZqaFxG5Ol5oRDZ1l5DlWo1EsLQj0w&sig=Cg0ArKJSzNehR0Or8G1gEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=152&vt=11&dtpt=151&dett=2&cstd=0&cisv=r20211111.44014&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4e_p9_yyWdDBystK9SI9Yil2rIFP4bw9eaA3coCGHJwWv0pnAH_VtTsA7GlN77aceW5kGRJScs6ThDZb7lSnGwG1Th9fls8LXj-5rEM-pfcCLfu-4Lw&sai=AMfl-YTdwosmqL-CAhhlWpw0EwvAdS9IYBwgSLGVZWLjrABF-eZuI1i-2FHKsqtzSF7dw4bYDK_s1k9XCtOj0EWPXQptXdXtUEx3CeyjCmmXidJDmu1faATJv7Mhu3g&sig=Cg0ArKJSzMTiWK8M3F9IEAE&cid=CAASEuRoauTfR6SAMhT5qEuby66t6Q&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=20&adk=1648517212&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=3&r=u&rst=1637122695260&rpt=1146&ec=0&met=mue&wmsd=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvvr6c2o_sAw1lsfzT_jzvoAqCTsmH8DjEDAF-tB13pnooZCpz3Fiz--KivWylqPw3DzLNCDr4_6h4-oq5ROifwYUY9jdY273U&sig=Cg0ArKJSzPTqVmWROhPVEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=32&adk=943508953&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=3&r=u&rst=1637122695260&rpt=1148&ec=0&wmsd=0

Domain: psegment.netcoresmartech.com
URL: https://psegment.netcoresmartech.com/user_exists?c=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&uuid=bf33be35-8cbb-4143-9647-231f8205d00c&s=true

Domain: psegment.netcoresmartech.com
URL: https://psegment.netcoresmartech.com/user_exists?c=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&uuid=bf33be35-8cbb-4143-9647-231f8205d00c&s=true

Domain: psegment.netcoresmartech.com
URL: https://psegment.netcoresmartech.com/user_exists?c=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&uuid=bf33be35-8cbb-4143-9647-231f8205d00c&s=true

Domain: psegment.netcoresmartech.com
URL: https://psegment.netcoresmartech.com/user_exists?c=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&uuid=bf33be35-8cbb-4143-9647-231f8205d00c&s=true

Domain: psegment.netcoresmartech.com
URL: https://psegment.netcoresmartech.com/user_exists?c=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&uuid=bf33be35-8cbb-4143-9647-231f8205d00c&s=true

Domain: psegment.netcoresmartech.com
URL: https://psegment.netcoresmartech.com/user_exists?c=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&uuid=bf33be35-8cbb-4143-9647-231f8205d00c&s=true

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_8nFXvTk5ttCsu1sYIotoZzYjLmrIIcA1zWTvbT6zFyeLuhK6ibA&google_cver=1

Verdicts & Comments Add Verdict or Comment

574 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

65 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.thestar.com.my/	1970-01-20 07:30:58	Name: cX_P Value: kw30kx2e2p7uqcar
www.thestar.com.my/	1970-01-19 22:45:22	Name: outbrain_cid_fetch Value: true
.doubleclick.net/	1970-01-20 08:06:58	Name: IDE Value: AHWqTUnYHgtPbsa4b6xC-m6qUrjmEq9XMXE38ADqFo_rpFKYYRo-HHE_2O0Vx-u7iXY
www.thestar.com.my/	1970-01-19 22:45:29	Name: the_star_session Value: eyJpdiI6ImpzaUhQRVpTeVZFNzhaMmZBRDJVbGc9PSIsInZhbHVlIjoiZHR0UGx3SmhmR1JUMUttOXFMNHZXK0hWbng1K1ZaYjdWOUo3ZjV5SGdwb1FHeVwvTXFhM3ZYQWJQd3FscWhySUQiLCJtYWMiOiI0MDU5ZmRmYzY5OTRiYjczYmEzZWI1MDFjYTljM2NmYmIyMDVjYjU0YTNhYTM0MWY2NTcwMDY2ZGQ1MGFlMjcyIn0%3D
.thestar.com.my/	1970-01-20 08:06:58	Name: __gads Value: ID=6b175079070c0316:T=1637122691:S=ALNI_MapJ0r0q-vPXLQi4JG-ehcNZ1FOXA
www.thestar.com.my/	1970-01-20 08:14:10	Name: __atuvc Value: 1%7C46
www.thestar.com.my/	1970-01-19 22:45:24	Name: __atuvs Value: 61948282b8d5ba5f000
.thestar.com.my/	1969-12-31 23:59:59	Name: cX_S Value: kw30l05kk5ua6eie
.scorecardresearch.com/	1970-01-20 16:02:10	Name: UID Value: 1JTAFFENEQCIKVJKQC2PDYg1637122695
.addthis.com/	1970-01-20 08:14:10	Name: uvc Value: 1%7C46
.cxense.com/	1970-01-19 22:46:49	Name: cX_T Value: kw30l0bbjbccawba
.spotxchange.com/	1970-01-20 07:31:02	Name: audience Value: 62a4b24f-475d-11ec-b606-174deb1e0506
.casalemedia.com/	1970-01-20 07:30:58	Name: CMID Value: YZSCh8wdfFakTfYb34ZaCQAA
.casalemedia.com/	1970-01-20 00:54:58	Name: CMPS Value: 5235
.adnxs.com/	1970-01-20 00:54:58	Name: uuid2 Value: 6986777410377613487
.thestar.com.my/	1970-01-20 16:16:34	Name: _ga_3HWDM68GV8 Value: GS1.1.1637122695.1.1.1637122695.60
.bidswitch.net/	1970-01-20 07:30:58	Name: tuuid Value: 2957a701-4ad8-4a38-8ac5-5a03cc9cc255
.bidswitch.net/	1970-01-20 07:30:58	Name: c Value: 1637122695
.bidswitch.net/	1970-01-20 07:30:58	Name: tuuid_lu Value: 1637122695
.addthis.com/	1970-01-20 08:14:10	Name: loc Value: MDAwMDBFVURFSEUyMzAxMTg4MzAwMzAwMDBDSA==
.thestar.com.my/	1970-01-20 16:16:34	Name: _ga Value: GA1.3.763206404.1637122692
.thestar.com.my/	1970-01-19 22:46:49	Name: _gid Value: GA1.3.414674019.1637122696
.cxense.com/	1970-01-20 07:30:58	Name: gckp Value: cx:17fe89jztolvh96but0qgxy9r:3q68i8l9wyx6t
.casalemedia.com/	1970-01-20 00:54:58	Name: CMPRO Value: 1115
.casalemedia.com/	1970-01-20 07:30:58	Name: CMRUM3 Value: 2d619482872760CAESEIqAfn1gVcpq7Odv9b6ovyw
ads.stickyadstv.com/	1970-01-19 23:28:34	Name: UID Value: 3c29c8a1fa14b4e41c5ae79b5dc362f
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 27fd970274f2024d4fd0e2a2cfa531
www.thestar.com.my/	1970-01-19 22:45:24	Name: __sts Value: {"sid":1637122695603,"tx":1637122695603,"url":"https%3A%2F%2Fwww.thestar.com.my%2Flifestyle","pet":1637122695603,"set":1637122695603}
www.thestar.com.my/	1970-01-20 16:02:10	Name: __stp Value: {"visit":"new","uuid":"bf33be35-8cbb-4143-9647-231f8205d00c"}
.adnxs.com/	1970-01-20 00:54:58	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hb_`>GZJ!1yIE`fS1ueD1W-044)d+]NDVTWrjAq!:CZX>//B(NWThTg#@/1.%lx[NA6#.g4dkXstGt!@@/!)jFAg
.openx.net/	1970-01-20 07:30:58	Name: i Value: a24e048b-ea4c-48c6-9070-c903fb25b87e\|1637122695
.vidoomy.com/	1970-01-20 07:30:58	Name: vidoomy-uids Value: eyJ1aWRzIjp7IkNFTiI6eyJ1aWQiOiJuby1jb25zZW50IiwiZXhwaXJlcyI6MTYzOTcxNDY5NX19fQ==
sites.thestar.com.my/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: j1sudggtjvzcpq3x4cxpd4jf
.yahoo.com/	1970-01-20 07:31:20	Name: A3 Value: d=AQABBIeClGECELfVKcln5FeB0OR4xewaHAsFEgEBAQHUlWGeYQAAAAAA_eMAAA&S=AQAAAqgNjDhAQQb67-WSyiEi4SA
.advertising.com/	1970-01-20 07:32:25	Name: APID Value: UP62ce996b-475d-11ec-bfe8-02eceacfbc66
.thestar.com.my/	1970-01-20 00:54:58	Name: _fbp Value: fb.2.1637122695787.182521506
.analytics.yahoo.com/	1970-01-20 07:32:25	Name: IDSYNC Value: "18yl~21ks:1762~21ks"
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP62ce996b-475d-11ec-bfe8-02eceacfbc66
.yahoo.com/	1970-01-19 22:46:49	Name: APIDTS Value: 1637122695
.thestar.com.my/	1970-01-20 07:30:58	Name: cX_G Value: cx%3A17fe89jztolvh96but0qgxy9r%3A3q68i8l9wyx6t
.thestar.com.my/	1970-01-19 22:45:22	Name: _gat Value: 1
www.thestar.com.my/	1970-01-19 22:59:46	Name: __stdf Value: 0
.turn.com/	1970-01-20 03:04:34	Name: uid Value: 3787999947135469336
.3lift.com/	1970-01-20 00:54:58	Name: tluid Value: 9587141377833977337
.casalemedia.com/	1970-01-19 22:46:49	Name: CMST Value: YZSCh2GUgogA
.w55c.net/	1970-01-20 08:14:10	Name: wfivefivec Value: gttrjLOg1MNcoM5
.ctnsnet.com/	1970-01-20 07:30:58	Name: cid_8b0479dc3d44473e843121cb6c872080 Value: 1
.ctnsnet.com/	1970-01-20 07:30:58	Name: cid_1be044ad923d4830bceec7ec7a9e8348 Value: 1
.adfarm1.adition.com/	1970-01-20 00:54:58	Name: UserID1 Value: 7031388438863411347
www.thestar.com.my/	1970-01-19 22:46:49	Name: __stgeo Value: "0"
.m6r.eu/	1970-01-19 22:45:26	Name: test Value: true
.w55c.net/	1970-01-19 23:28:34	Name: matchgoogle Value: 5
.everesttech.net/	1970-01-20 07:30:58	Name: everest_g_v2 Value: g_surferid~YZSCiAAFIL8l8QBR
.m6r.eu/	1970-01-20 00:54:58	Name: cct Value: 1637122696495
.m6r.eu/	1970-01-20 00:54:58	Name: id Value: 911c0d0432222e89c39d405683807514
.tribalfusion.com/	1970-01-20 00:54:58	Name: ANON_ID Value: a9ns6Es2aF9pAJsbYL7Za9mSkrdp4BIKatxZcdQtQdVZdXRvO3dqfOyqZdUCt0NwxgBcnjNJiJvFYpTbftkL2sLN
.adaptv.advertising.com/	1970-01-20 16:16:34	Name: migrated2y Value: "1"
.quantserve.com/	1970-01-20 00:54:58	Name: d Value: EGMBCQHfJIEA
.quantserve.com/	1970-01-20 08:15:37	Name: mc Value: 61948289-03545-0e9ce-8409c
.adform.net/	1970-01-19 23:28:34	Name: C Value: 1
.mathtag.com/	1970-01-20 08:11:17	Name: uuid Value: 5f966194-8288-4e00-b25f-a1ff996fce11
.mathtag.com/	1970-01-19 23:28:34	Name: mt_mop Value: 4:1637122696
.o2online.de/	1970-01-19 22:55:27	Name: webShopPV Value: ?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=25667676_4307561_303197282_146020386_-0&ref=25667676_4307561_303197282_146020386_-0
.adform.net/	1970-01-20 00:11:46	Name: uid Value: 7444909344699071113
.thestar.com.my/	1970-01-21 01:02:10	Name: _awl Value: 3.1637122701.0.4-477589cc-5bf46c2c7222b618c2c698ae11720dee-6763652d6575726f70652d7765737431-6194828d-0

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://www.thestar.com.my/lifestyle(Line 9) Message: Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
network	error	URL: https://s0.2mdn.net/9951322/1615304082096/null Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_push=AYg5qPIvZFQUnNbLKCeKK8lonrYTYkHFJAiJHL6C3MjBGnlEc7Tuh4ZLEXQr677jvGSud7frWZuFdNHHmDD8Ps9x-CSF76ww2-escA&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPLE3wufIVoC_6_fcElCcZNolTs7Vo91H2jy58sgrAefajhp2-kqTDLfVK61MI48S46xnWFSh4_wa01QCjTK3XD5hTlY54Us&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZSCh8wdfFakTfYb34ZaCQAABFsAAAIB&google_gid=CAESEPTIBB9yhrid9dfSM8S67-c&google_push=AYg5qPKWbYb0BbwZB2knkm7c1ZXXRqDJP4A7IZev5NzWT6D7kB_8nFXvTk5ttCsu1sYIotoZzYjLmrIIcA1zWTvbT6zFyeLuhK6ibA&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript	error	URL: https://www.thestar.com.my/lifestyle Message: Access to fetch at 'https://psegment.netcoresmartech.com/user_exists?c=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&uuid=bf33be35-8cbb-4143-9647-231f8205d00c&s=true' from origin 'https://www.thestar.com.my' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://psegment.netcoresmartech.com/user_exists?c=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&uuid=bf33be35-8cbb-4143-9647-231f8205d00c&s=true Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.thestar.com.my/lifestyle Message: Access to fetch at 'https://psegment.netcoresmartech.com/user_exists?c=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&uuid=bf33be35-8cbb-4143-9647-231f8205d00c&s=true' from origin 'https://www.thestar.com.my' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://psegment.netcoresmartech.com/user_exists?c=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&uuid=bf33be35-8cbb-4143-9647-231f8205d00c&s=true Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.thestar.com.my/lifestyle Message: Access to fetch at 'https://psegment.netcoresmartech.com/user_exists?c=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&uuid=bf33be35-8cbb-4143-9647-231f8205d00c&s=true' from origin 'https://www.thestar.com.my' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://psegment.netcoresmartech.com/user_exists?c=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&uuid=bf33be35-8cbb-4143-9647-231f8205d00c&s=true Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.thestar.com.my/lifestyle Message: Access to fetch at 'https://psegment.netcoresmartech.com/user_exists?c=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&uuid=bf33be35-8cbb-4143-9647-231f8205d00c&s=true' from origin 'https://www.thestar.com.my' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://psegment.netcoresmartech.com/user_exists?c=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&uuid=bf33be35-8cbb-4143-9647-231f8205d00c&s=true Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.thestar.com.my/lifestyle Message: Access to fetch at 'https://psegment.netcoresmartech.com/user_exists?c=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&uuid=bf33be35-8cbb-4143-9647-231f8205d00c&s=true' from origin 'https://www.thestar.com.my' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://psegment.netcoresmartech.com/user_exists?c=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&uuid=bf33be35-8cbb-4143-9647-231f8205d00c&s=true Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.thestar.com.my/lifestyle Message: Access to fetch at 'https://psegment.netcoresmartech.com/user_exists?c=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&uuid=bf33be35-8cbb-4143-9647-231f8205d00c&s=true' from origin 'https://www.thestar.com.my' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://psegment.netcoresmartech.com/user_exists?c=ADGMOT35CHFLVDHBJNIG50K968P0V61ULQ6VTDV1B4AH6RHKPIVG&uuid=bf33be35-8cbb-4143-9647-231f8205d00c&s=true Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1af8959025b4889effcf75e52beb7e3a.safeframe.googlesyndication.com
4cywq-eqnre.ads.tremorhub.com
52a360d4000447a08efd7617080680a9.js.ubembed.com
6f3ae07be95ae97387d8b294da3b5285.safeframe.googlesyndication.com
a.tribalfusion.com
a.vidoomy.com
ad.doubleclick.net
ad.lkqd.net
ad.turn.com
ade.googlesyndication.com
ads-eu.v.ssp.yahoo.com
ads.adaptv.advertising.com
ads.stickyadstv.com
ads.vidoomy.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adx.adform.net
ajax.googleapis.com
amplify.outbrain.com
analytics.google.com
api.cxense.com
apicms.thestar.com.my
assets-tracking.crazyegg.com
assets.ubembed.com
c.amazon-adsystem.com
c1.adform.net
cdn.cxense.com
cdn.jsdelivr.net
cdn.thestar.com.my
cdndc.netcoresmartech.com
cdnjs.cloudflare.com
cdnt.netcoresmartech.com
cm.g.doubleclick.net
cms.quantserve.com
comcluster.cxense.com
connect.facebook.net
creative.lkqd.net
cs.lkqd.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dtm-drcn.platform.hicloud.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
global.cloud.netacuity.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
handyfireman.com
ib.adnxs.com
id.cxense.com
j93557g.com
js.boxx.ai
m.addthis.com
match.adsrvr.org
odr.mookie1.com
p.adlooxtracking.com
p1cluster.cxense.com
pagead2.googlesyndication.com
pagestates-tracking.crazyegg.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.rubiconproject.com
pm.w55c.net
portal.o2online.de
pr-bh.ybp.yahoo.com
psegment.netcoresmartech.com
rtb-csync.smartadserver.com
rtbpass-us.andbeyond.media
rumcdn.geoedge.be
s.tribalfusion.com
s0.2mdn.net
s3.ap-southeast-1.amazonaws.com
s7.addthis.com
sb.scorecardresearch.com
scdn.cxense.com
script.crazyegg.com
securepubads.g.doubleclick.net
server-204.lkqd.net
sites.thestar.com.my
star2.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.search.spotxchange.com
sync.teads.tv
t.lkqd.net
tpc.googlesyndication.com
tr.outbrain.com
tracking.crazyegg.com
tracking.m6r.eu
tw.netcore.co.in
twa.netcoresmartech.com
uats3.thestar.com.my
ups.analytics.yahoo.com
us-u.openx.net
v.lkqd.net
v1.addthisedge.com
wdc.netcoresmartech.com
wrappers.geoedge.be
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.thestar.com.my
x.bidswitch.net
z.moatads.com
cm.g.doubleclick.net
dtm-drcn.platform.hicloud.com
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
psegment.netcoresmartech.com
s7.addthis.com
static.adsafeprotected.com
104.111.242.245
104.75.88.126
116.202.80.167
13.127.55.210
13.224.90.44
13.224.96.106
13.224.96.126
13.224.96.13
13.224.96.50
13.224.96.60
13.224.96.7
13.224.96.73
13.224.96.82
13.228.188.75
13.235.142.106
142.250.184.226
142.250.185.66
142.250.186.162
142.250.186.98
142.250.74.198
146.20.128.202
146.20.128.38
146.20.132.52
147.75.85.120
15.197.193.217
151.101.129.131
151.101.66.49
151.139.128.11
18.156.147.57
18.156.58.231
18.157.70.90
18.196.197.61
185.29.132.241
185.33.221.52
185.86.138.143
185.94.180.125
2.18.234.190
2.18.234.21
2.18.234.233
2.18.235.40
2001:678:cb4:bbbb::11
2600:1f18:612b:4264:c589:eae1:ee6a:30d1
2600:9000:2190:0:9:a948:8e80:93a1
2600:9000:2190:4800:1c:47d:4bc0:93a1
2600:9000:2190:4c00:2:d490:4d80:93a1
2600:9000:2190:8400:4:b37b:9440:93a1
2600:9000:2190:bc00:8:48e:53c0:93a1
2606:4700::6810:125e
2606:4700::6810:5614
2606:4700::6812:d05
2606:4700::6813:9308
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:802::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200a
2a00:1450:4001:812::2006
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a00:1450:4001:831::2004
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9d
2a02:26f0:1700:16::b856:fbc4
2a02:26f0:1700:181::268b
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.126.56.137
3.129.250.65
3.68.1.119
3.7.18.15
34.107.231.31
34.98.64.218
34.98.67.61
35.186.193.173
35.186.249.84
35.190.74.49
37.157.2.234
37.157.6.242
52.219.132.38
52.29.208.72
52.49.172.98
52.50.243.239
54.151.228.157
54.73.172.176
66.155.71.149
69.16.175.42
69.173.144.165
70.42.32.95
72.251.244.140
74.205.28.1
76.223.111.18
82.113.101.132
85.114.159.118
040f5ac59115982f4245b22221825e1c4ea3681eb5cdb513ac97b016f334375f
042728b773152a62ed3ed8d5202d604a1e62f67a9d76ec8d7c89943e8769a4b3
047b2010d498213bc9246a93ba819dda53a216bf764ad9b5ee2e5ae471bff3df
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0675bb1d58e711fbe21fcd3a4abe46f171363050dac2c795d4d3508dbb3f9c37
0683f77dee618b5235085e1608e871d6165adc1a90125fddcb4c12fed2a4c86e
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
073871c472b0faf53307aa60ce6020d7f82a4a695d2caee068f606baa7951be8
07a234fd1568c80f98b54c51e1ac8a1ae0c6a45f7620cb9a63e8a8e3f2a2f49c
081d444de733f8f3e5a1fa79b128371245ed03613029cba549a07bbac5c07ecf
0880cbd683f04be47dce7fd7d756cea78d311a1a09f2dc9cf2d95bbd7f3cbef7
091bffc74d80325dfeda3fd6d7cfa7345e4c05475683bba43288e71b976b9097
0a539a92b04d60f33f99a181aa6e4a0fa8645f3d4c9e9a1375fe049fcda2fde0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0cc774c9edcfacef32f5d7401c7e74d7e601de7e6a977a0a8d0b1667341cc62d
0dabbb4784d068df2f38881f0d5720cd448506f10e8c6a44febf47ce8374ab8c
0e7cabd0fab2db3bfb7cf8dea96afed2e7411e19d889f6e8ceddba5bd9365694
0ebf866bb27bc99e2583a86df1489340fc401bcc75ce476d6cb2bb1fbd397df5
102b5cf7bc2670e2dafdaebb0a359ef581924f2df58b50a0794047d2ba4c5ee5
105ba69e2aff3f8717305031c87902d1fe2019a1244e9631e94fbc13720cbe38
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11eddc400a1e9f0709e9d7fdc797de0559c056cbbc33933d8d5826ed82da4b3c
122e0de24633a9fa3d0668b02f8ff785df8f58990d3d263b955d967a9542c682
124c07b4e8796fd121878e84b052e054d9bf8d1049180a88667ba9e9f2083daf
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1323112ac126d2bc27da6f7e045a1f8d06a1dabaad2560ef8e8297cfc9379a2f
13633c0a5180d50a99489394c184258265ff122578dfe5bf3a1125d100d22519
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
163c3e85cf9f3f0812448da182d8f6f3d4fd4bde0ca0f05cafc0ed4e29e56668
16f4370a1530b2d1badf72a22a328259cf7c395c40fa0fe6a087879ef445742b
17dc0fa8013badc8da17b8ba9fc231cd5f29a78e7d5796145492b7596a3518d1
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
190f1df3e8b2e79514b050601e0d2e02f7f3f1f17ec100cf92c2648c66b29a26
192080a8d9731ecc5252628e00db0755e263d6cb211760794b7741eebbea4c7e
1a4595aed4bc342915f74bff218b806462c917e81030adfbfd369192c3bab6b1
1c8d27872211b897a03078825f202c2010b4180507be9a71700afdccf945f9ab
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1d59759e0fd8b49078150d8baf1d177d5b954a1a73151774d9a7c65cfe2b66da
1e9ded59cc03e891a5756f567c3ee075c826e1160eccdc0448dc1cb8628f4c1b
1f0582e3b12ca3a7df37fd2dd477379a32cfcae45f5319500c26355ba3fea12e
1f65396dd4e0cd5ee18fd6cbfb2abbcbc0ac4ab15b623b19f71e7050cf7095d2
20150f4b865203e2a0c9cf776548d1a6a341fb574471b1704e082beba85511e2
21f94ed0b016f05891f49afa7c5db6668b9b22c226e9c98c4c0e44f3be5c09f7
2450f73a36bcde1d8995e0645f456f86314c06b871622c76878cce07b1a2d9dd
249491720598f893eed99f05872f325bf73976054034f2ef607a6456f8b00e0a
25803bba1f72a415b6d331bf0f67a1c1c8de52097f6238e79cb00dc3f9d68ca8
262fd74571b20241b0506bdb49bccddce8305437ce67b136556cca4694bc2a58
270c56cdecd7bd45eb74a011b460b48fb1b068cc527fa8dc8581cd03b8fb3e7e
2720ddd9dd464edc7778de15f199775a58f40e8a843dd12cf6e87ee61f39be6d
27d1f9c93289f3721ee15e9e6597faddeb56bc231b0c107e4f9800e7f82ff680
284511b6ae2f6457228a9773bce0b43bcf4956dfe75f461db32a427dd9633975
285b7c6c61191d52864ac4d2300bd4656c44b06c2e7604f0a985d7cf2628d240
2a1ac7ba856a43cf71b7cc3657ec9766bf8779d370f2f36b140aa0d3eff755af
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b24603feab6c3be50d725bc010c30a1592ea1ae238fc993dc9bf81e6e53a0c9
2b3188194dd55d8784117eb05af34e23ba99afdc63d9cd4d50ed6a590f6f979c
2b99d7da83110b09c1b9d952a13835c84318995ba10b61d5c18a9b70d96c5cf5
2cd9a4d1f6fa9f7497b0c1833603f2273e4073ea7181a154e8b8845dce402c0e
2d16b7dd1dd51de053865b8efbaa6362956026a068c2e8786740d8486dd7a9be
2e666287f9fbe6949481feff10334c4fbdad9d459bf6d2625045e921de1c0b67
2e93ddaf28512c13d2e11ffe5c5257f0844783028ce9313714473404ab46b861
2fd66cc444617b118565d8a44c8a559936a719c216aa3c913a91bb9cc7e0e1d8
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
3085aac649fa0d732e9fd1e54e0ce46f115238e1c115a7f7ce9de4bc416ab551
316344e85419e921d1f7f7f5e846f8081e17b2da631e24ee1a9dba4d544fddb1
32247e4255c9b88b04fb7c574402e134159561018b343665b43f697d64218087
32322986a3b686254b0bd0a35a1feff3886eee67ef8812baf9a7a0185df71a63
326a76064c9120bf8ec2ba9c04cb8188357cd8a9977ed748604a973115fac06d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32a44bcb5bce62f0754974e046774ae5d16f2f4941815d27ff22a3069de50b10
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3593c5cbd1faa7470718d510d267509a03f6127ef15893f9b516c3e55661c4ec
35f5317be05f3deea33576323a15392e6957c72eef269e0528d4ba4257f5bb70
360982e60bf04856ad71239174fd4477a4164fdc45638af2e938f115ef663812
368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
36d9e203ca5f0ae182d85e683d9efd78b0539a33cff1bd5ae0cca47790ced611
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3727afb5c918a198e396e78d8e77e77d2423dd2c894ba774f6d6dc9a8a854436
37ded0b4eb56a3a29160e59249c93bc9a73e47f5dc62678b2c696fbda31b35c8
38487eeebe1c08174ea474f7d754dc8b65dd732ecd1ba5fdcd6ffb28624d237c
39259f689de4a4b42fe99ce88884ca2d525ccca82c0c7d99e7ab8f900bd24196
3aae7a5350992a2a5cc76a0447e626ebdff721e2480722467db3b670b048c2b9
3ab8e6f8fddfe06f50fd73a253860534077ca267ec570ad4f7db6fb041153339
3eae04d2bcf8165655a2d164bfaf44ed72b38bef84aefa1f477c273ee3cefced
3fa6d6c37bb979aca4502d51aa0e9069eddf13bf0856c8b270867978c3059445
404166d904cdc960bdeb7cbe23c164f9e991bbee5a61de80cca8299728708bd9
412d8604e875bfb9a506887717836ddcaa5ea44b99f5c4eb22258a33108cfc72
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42ba00577dd09005be874a620fec2c0c9bef0a72ccf4ae82337f8fbb1de0a7ac
44d81ee8d5b0dd420b8bcf3d06ec944fff9e3404dbe16180bac9b27930efbd15
44df23eec24dabd68180756aa397d6ee96a6ee5db32dcb14662873b83e3ab57e
452401583c42f3b8f6992ed4d1a1c21b8c34d9b1d3475e2f7bfe09009c5e482c
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
464f48452dc22b498ca4ea5e1ead2629c2bec90df554d9990be0eebd18f4a645
466b6211be89a10f64b78113f93049ecdcaa2f208fa32fa83f845a6aecef935e
47269f8f454fbfd295cbae0bc19f51ba58c6a1511f4f7265f273b2fd912484f3
47b79d50b3c3a076a0d004cd617e8d820fede7299fa25f7e7f5e059facfcf6fa
485c962ce095e1a1364d1a34b15c9e8b12a24736dc9dcfb365ac2ccd9cfd30ee
4a243748025f32a370d184025724a3f3f77ef50a833dfcf20e211aafe9bca558
4a85bbd945d370b499409eeca2ac0a1ca75110c514373441b77a8ec397c4d7db
4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b
4b53441ff024b71c72f69202b5be4edf376ebce81ceaed3be6f9cdbd54bda03e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf4a9bd526fe56f0c1f728a46defffe19897d8fc49ed811d10ac3f208007c2c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50cc9da5b58beb7ea6c5e70219d452dd3902c06f8315bf8edc0f7935d91eaa89
5161b1d196cb6439dd988585efbe769030f86d567f23a1b21db17a2146cf2728
517466d53503e46b6e58d6d4bc22dcdf4898d460fc78b71a03550c8243580e56
51d55ed62d7cd89bc8b4835ab935e96d72f56c6334e5758ec51446bfee8aa715
52b255c86ae6d99ee7e166fb426b5bd737bd64c166bd7655a6ca995311ebe6f3
5307a9b5aaafd63262fe0c6bb14717aa1dc53fbad1e401765e0f35d989d6f803
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
54014df892f405c636e447e11a522478ec7bda248e49cc4a5e6297b212ed8a59
544e5ac961fd1b7442ec34016f6b66fae244fdbad6da779bb0e4a3b2387866d5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c332b1373fef56149775367df844b82963b8e229dce6fcabcd263f237af5be
554e57e0838a96c4ba5b65c9b80604446edd37cbd1fbd1c52066ea9f10849518
55b0a4a2ab61a84eef7acffed553b8bd6daca362fbce16f8b9a9cb3cb72b8789
560fe6c9877bd6b212f360b509d9c5b60aba9de45ace3c66f9d40edf01eb0ae0
5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0
56fce0708ff84dbbcf0a8730598dbbe5841c5af1ec838a532edaf742b6252d2e
574c2837d5820f8891301e58a370a0990bb14c156e690f7beb7037af5d7602a3
576992dff06c4b0fcecc2012f97b0a3d8050b7418b2894d3d6f97efbd3304170
57b4a8736adf73f8686e12a5dc8b5b446c57168d97d0fd8f1ef1c840542d3d43
581e25592a67045516265f84c02caa0310999ac85b8330fdcdc79f363b33611f
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
5911b0a1a559ff70fee33f0cad7808735b38140022faccbdbb0d7e11a2f9cccb
5aa96b4944174c3a1689f08df1fb31143929e32189533ad9eeeccad574b0272a
5ae4871d35733c95e0f16d99f113b254a596e8630207a485eea16a9d7dfde240
5bb268a80096e97da89415934ce9ea9807c6af557f7be12e40228ae9401cbe47
5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266
5bf2f3b32c0f74c4d7abad22b908284cd898266d563ac1a425f960ae9c859e1f
5cab9b172410fa583828fca2511d6200bbc4cca9be36370c3483b2fe7ed137ea
604496ee6acca620cd59265c2302f6a03fe02d65bc5306d952f0fa94d92fa5c8
60629b54ab9326a759b575073fd8c7d934fcb539dd74a2432ad8d47c70ae2dac
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
613c86f56c73f4877141deb6754b6eab835c30c91d5e5251cfe4848fe66fd0bc
621cf75e17642ce3823bcf62edaa78f0f46cd24c2d063ed9a3e002c1063b591d
626c2b325ac7f1ff47bc9f1598e1d4097214f4a5f5ea0a29651b6375334b2579
6330fb58911032268ef5505230db6cc38e241185c4f6b0e2b884fd104ed6bac4
638a75a4154495e5d037f94d600a318275e0334181ad66f7f3c7be2b05626e45
64c60d228acd04a4e568f74ca1192356445c20ebc4254a7a20d4ba7930851c6a
64e2027cfa89bd33663a465bbae111e5a4cb253ba68406ce689d3307f25f79c5
65255ba335c614b8ac7259426aaeccff7e9578f3a8bc0903bb597c9c4b11deec
65a9240553f9cc74f375c07060dbf8c4634a6f5ce8d05258414f036e91c34b45
65c8657f8d16589244d3eaa750e5bb928c407922bce5627bbaca1c58b6dae9f5
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
667879646d8ae08e9e41d3f95b686e80b8bae69f53d2d87943b1ce4a3a075765
66d178ce32402ac9400e4a35fb89806d6ddec78907011cee45ed8bf263882a01
671eb2326d3cabe86d9e01b1ed181397faa7d99118e65f7df820563172246009
6744513667dae41ae5913c9a9966e3b6f12dae75d3115745e5e7aeb792aa4c64
67603c946150833247a74eb079b95d0a2e90bb5727a54af9598d1ac85f141893
682a653421b444fc54a05524d6d8f7258d2748823a16b7837bf25ed7d312758d
687552a59ba72afe775e03d15e7421b277a64e8969eb30892766b926a23c7666
68c3532442a503d298666c3642cf13b54a841f302565ea0c8939771a9375497a
69b39b769a35b7575db31a2a73151c20a3fc7df2eca7ed00d719e47e41531bbf
6b4766101677974db880f025a94ba9a402c4cfa96d01986a5669f8ebe1a2b938
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6c2cfec355323bf0e97b26d88609cd23484a311392a94a8a7305dea86ef0200f
6c7472e2354eccc1d9e860d637ebf8791174989402a8ecd41f46f90a951939b0
6de5f10ccef7544ae2724a6baaf888e54031959cd40e133126d64fc913a005fa
6edfad1d5d6275fc7ade68ffb1f07d480fdbb39579fa359bc9c7ea1d4649fce9
6f8e2288878a6e4cd289b6b80b34002f39d4fa524efadb1ff9c2b2d4655ce844
72885c7b721704e236e38ed9af84078e146c7156c2ff91bceac0b47ee77f71a0
760144b690ee7570b72cf862a52ecf8678571ac6aecd431716c53a5e3f16d6dc
7682feca24bb60605ec4b3c7558e21a407071f73f84e590a8573f98daf743002
77f1289eb36d8bc0247c7e2f7f4e7b992fb77fb5ae801fd62bf40f8b188f8a7e
7801e6d6dfe4bb0739f38b4a875eedd3caeb86fd83907d6e8a9f840ea1253d9f
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
78b341647e8bf718869378550c0c14b87bfe33967b4944d7dac6a2a1f3290d4c
79a48ca4e0e9b49e2cdf02fb8e1af695c0bcf48508d96aac0a9c0be160f99749
79b628a883191c8130a3382f904e50f5d4210b2abaac6227162e6b1e07f6c593
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
7de862c78c063457dd1efecec6a0e18a101a1f1c6004ab1ee5e4a47fb30ad70d
7e78e48d0030ee8f1bb143e6bed1e23831aa407edc7f1f5def849ebce11a3b7c
7fb3dec10ce5dbb5a0f06884d35f4fce3734583ff1ad804d17c3127c410cd530
8088f1d161a58af558862367e42cb9d6451ffb8bd973396ebed69da04d6188a7
80c7fe7749a6e8c85fa6473e7bbba5c5dc6ffe20a86036de26d91bd4b9a4e8d4
80fc559ea054094bcda338f81004f053cc128a8bf386513ad8c2818496545165
8154cfa5cc42950d00fea81ce2d0e2326de18f558f7a8fab90c858ba35802fc4
824108d6942edfd5d4eb473c8fb180227e21f6c8c6e9590579d2e6371091eaa2
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
836b4bbc29fb388d4a3e4d0444561baf54188cba551b75153f231ec0db256cb1
83fdcf272f1b3595e9fb6ff516c1d97f525ba9bdb405f1d1396111ea21f2fa20
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
85d56bd84b1fdaa79be51a248386ace108d78ba17ca60e5bf26eb6a2685af408
86137a9ac4e088c8a5789b493a801945f3d514ba55f5857f969abd97a921ff1c
871ff658d9767aa340756d6c5fa46759091ca65abc2071c3f3381cd0b09954de
8724c560720ad6f229ce95feca978ac957e0cb6931afb587e4174f1b082e52de
872d4c7764d5100ed92d4fc7eef2787e89996b62d7c0a740775e01057c1b8b26
8751e8f60194bd781cd21a3bd9dd0d5042c8d4e2f1b9e3135f07655f0d62d10c
89c9421ac39490aa9d49852dea53fd6bae0f07639ed1d50b3879b4299e64ca43
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8b419e3880844b388be6e5741bfba63db8a32da77ebf64237a86e1dcdbb86fa2
8c28883748bb860db758cfc7971aff049d9f2564801f609fb1887e9ad81cd548
8c6f45467304d598dd713c1f2efae51dec6b7a5cf1b0a4c1dd7fb19f91a1a9b0
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ea451065dca4377adb2ffaed78b5631fda3520af2593a63034011a2d890141f
8f3638a07274186824d584038c798c850e3f3229223e79346461b1595db501c6
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
905f7b349fac81ac3394df2283404297195961b9807183c56cd7b86baaebd62c
90767ecb25166ad6de23d6c3c47369b320bc0800c2c52cd814cc49043eb9ecf7
908d7bf8304239c4e5a374b77cbf74a331b1c23ffcdf44a63fe1131cb00a1f0c
932187d3f40ae6f081b3e5072ed87021d62cf5dca6b9847ac0fe0bbcf6ab8ca2
93b75f78a9a8bfa3b014d2a7cf2690fed0edb04d7973bece110415053a010f6b
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
94fd936c179a6f61421ebffb28242060644ddc0642d6038c687db51c642881cd
960560cfa615cdb50f84db0c43162eab364802808b996650ce62c348983fd06a
96594a5870fb25c08fae392cc11b5efef3748685e976288ad9eaf519342ec33f
973fe12f5130be123a73261e3956030b8a1c380f8cd8234e319b51bda6892898
978b1153b68636a7a174eebaf2eaa694b324794c24b125504d4fe66925d6e453
989a0a7fffb57d7b6fc3ad769430bf10bcd2c9da71763f305dbeee48afb7b205
98fd6d37a4d49e1651aedf49857bb021f6c61058c262aa01ed2444d3f81c5f39
998d9415269d92557b561a936955f7590d5052865044a9191a528b5a36f3afc9
9a59c5e5bf506c979d9baf8521375edc46c510007ea428f877717bdf90a81528
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ade6964320289bb8e3ff358f771feaa8c5802b61ede8685d8678e11c0eacbf5
9b698821cb8ad51c19ae43cdc91d3fa37b0d1edc1c12a7ba1d0b940b5986c778
9bbf7e8e5a8c4faad06d203234481e0e8e7c2836a789ce4194e2f0f9e17fa46f
9cd3e52cd17d30e626da87c027d8d85e7b22aa6be1cc9672575173610ae24902
9d536ce81f02f7b89ec3a769c60165780e4ff67393290a0ad27fcb1af4241817
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9de09574b3b0c74b29652aa2b38db155ce59c20c765b4a515429c6934f2c3a36
9e3800923a287975f0ab2063ca56af8e49887a40db5f57a61d8a3dbeb19660d6
9e9f9260239e7601407be2529d13a0c4f672fdab1d9680e57ffd377c8efcc941
9f878be7310ae8c9cb0334970d5a3ae14b0b4418374b8e73316756fc6abd1feb
9fc359cb8bd1a9505cb76ee31404f7b8ec5fb6a665e7f1922ab42edd00acf3e5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2af54b567058f22878c40bcfc25d325cf490300e5ff356fa483f25084855706
a46c8bb9f57811b56cae4e39d30e026d55f302b4999a8dfc434b63eb635401df
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e2219cd9310226c27a8dd06173b129ca94f301f6cc95382a642c5163d2e06b
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a684a7fead41f8763e01290db33ff62ce49ea93e849c65a8e1bb0260b91f991a
a7154e30d27e968a79e0ead53a408d7ddf321a39d907b910b5ae76c3a7c1daee
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a75c774a582e773336615f81fb1479409604aeca906a625e8f133fe360e5df29
a8a5bfe42e0256eb7e8b8d90f79517f59b77ee66db6d0d5e0d9e090e9d357143
a8e6eac9e00db83792c8207a85d3918f3495d19266eb6599c996a17b304a2e55
a9ca795304c8b99277dac5ad1829379ff842215e567588c388854cd952435769
aa6226cb013c006ba243f8c4161a9b2954024a784c0c665fafa50ddd2b72d56d
aa73e7abd67cd23730f89a4388a56331b70250762361a531b77dd73ef2d1c3cd
abe4ceed0dcd5f8923178012f86cf387b9c0149bd8c8540719874f9f3640a11d
ac6197aaeb7461b8b018c9ddce616d5dbed613877e15420649ec972d9720ad68
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
adf5166318214b4494ee90af8dd48f51d9743fa2c05a857fb5b77976e2c7d69e
aedc122e3866115ac4f8c4c0897a8a8f3e9ce0943cab0b2fa492a0e45d87193f
b000baee5b2289f2dd58d1e39e06d15c97b5b7b6b3cb6e17a5c536cfd975e8a4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b18051f594fa289487e2cd1c499c689b16063577ff997f5848de10d2e2a783b4
b1ccb8141195307117c737c7f49f99de131fb55290a5f4c1431cc74ca93119dc
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b28ea763936241b5164a9ed02ef8fc8e4ddc968b446c8bb8a80a58d3bcc9bb67
b4a3fd45e8a656926590b046e460571c5c387982ae0e9c4c9f5a3047e8fc4c7c
b4b593212670230567541ed4822eaad8308eea565f449d7968bf57b27a65d37e
b4cf52a428fa9eefc8798f68043c8d379b7f11fc843d8bd2b70744c14b702de1
b52c493cc0225216ff572f1a7e786a40c6c709fa510bc4b66ef696cb2e86f630
b57d6b1a23453bf8e1f8a4905cfd80328aafc63a4289d6bec6b3ef2dc18784cf
b5a4ee93e1379a85fe56c16769e11eb203372c1a230a5150c7ae4f4f542147f5
b5e0c7877aa221145bf571ae5c1852a0f46405adedc7cca11437090ecfc68e61
b61c2c4b07a9ff596ac8fb4ced20988a9de454225943dad54ec3016e4928003d
b64f53bf69d080d62a915b32b4c7c8a2b31a787b3ccf64c4a63aeba170355c22
b6f5e2d0c163cc82b4f436384379acca5764b75e93e6ea07eae82a5abe224273
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf
b7dbf05a4b421280b0827033b8a5a4852ddfcf19d6ac79948b3905086658a15d
ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c
baa0892fb63bfb0affd093b3b974ef7f32ff1a8cafee6cae315170577c801b32
bc2dfdff47a3456e2c2f03163dc6fef00836af565fdb14e9aec1e1bfc371a66b
bd4c14105660251a9a4fdc5ccad92bba46e6f995a9ebc54675c9f3b89ed9154b
be20d3ed7bdef0c2f7fa9c3da50988bb1ae4c5aa7495bafa13f72b4cd487f35f
bf2b0219a342862381f2a65d4f67a9f1a29cbe8f48187796f9c37f4d84d417c8
bf981053815c0df7570a8e1a23d1f439060810e4a9f202186eb5177270b3eb9d
bffe93273e57aa64e0c9a1040dd0312eb77f1487b6f61ba8266e7765dea1c21f
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c1b1771d4d20dc6c84d8528e89c9bc735839e33083196c95cdc94fe6accb9cdc
c1f5fad82f0929232a39e5d5d89e70a7df4bf04baa542068792ea48375146ca7
c34be4417f25834d203def539d55dbbafa3c5228ea573f75f5ed732d0882a4ce
c3783d965f0a52b3b6531507e7d3dee751aa52ad9a6a34b7449e23a3c8914631
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c3ca5a9a576de3df2029797914e31045cc4c02038392c20774cd583218b099ae
c48cf06e3f0e6171b452da5388716c6de8be5a7df05181155280af6ba210633d
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
c540a9231b20ee699d027d00ff6e0ff728eb955d7a54ebc6498fb75125f92c12
c610c3efbdd412fdfa342b544b70e40a5a9f923eca5a35523585732acec31e77
c7288699dc7067913f1760ac348d3370a1cd7d18fa788f0d3a1a0d4222d84ad5
c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf
c88db5fef86344acc9f5a2df7e9c9b882fdea254e01b7a7ca6e0659f5895a21c
c928054865b7c55e58d9ea7bc74eef4a1231011f0c3d0d3e32ba80325a9fb7aa
c92cab84b44ac37925a00450873a018ac601883a2d6e7a760ea38fdde7671004
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc24e970a499fa71fd78aab5a09370b1021809f75b223ff73cdbc5ccb7366a4d
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccc81dee5d4f08881ad21894ef2965958d181cc5df36cb1cd9bef83c6cbcd744
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf6286ab735948b1b8687b6b442c55e262bc1d6ba79f781b8d7d23586f0606bf
cf9a6d2d58d42b5239d8c9405c627d9c995f11eb4e2807be1f4f142028dd5f9f
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d13ce18e8acc96169693df40fa690d67ba34264b389c415cc152324e0cf5823d
d1a4b5737534ed3628e1cfac272c9ffb0d3cb070c186b7dc93698f2ad671ac6c
d1eab120169aee7ec5e42aaec653a008d97a2ff80e37187ef96347c38b0e5d2d
d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238
d6a79823b97a8fb159f6faf444ae13ba4dfb5c8f6f246463c8da7dbefcefdf88
d7c0cfb7dc0af573f0a97927b432f456d8864de6e694bdced18b601c98637aba
d8a3e2c87ff151b415ee2a65965a6c6459431d1430730c9a8a204ab0705b4938
d8fd2a2d3ba29a9c4df14f66b1bd33e9a5db41f9e43527d8e2341fdecf4ed7bc
d8fe0a5fd8c54e4deed0515142cc5269fc5709e07974a99399a0cb5d53477004
d93f517edf75c15040099c3476ac1a0de7c68aa1358af0203e91d21abdb7301f
dbb1c0326b4d9572acf36e40d9bc807e4ffe9de646b53a440d100dc25fec43ab
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
dc7f6e3a40dff7ac871bb5572dc316cffd3a872d5d9142c19f50ef8c2843797a
dd1448fcedd66fd634ecd7509d683798a1832b029b85735ed1deef908f1390ff
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b957ea6cdda4e5509beca77d581506f6fedd9167de1a5c7494e89a405ca764
e3feb016374130f322d545f888f59bceb80667989dd11d9b5953f5cb1c04d1e0
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e5230377bffd513e158a99813cb18c03ff740cbb726c5990bc03fcf99fe6242c
e55e5ef5602c39b965628384ccceb2438dac3f14477ed49290fa13a6b8af850d
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6eb2bf8fb67da6affc23f05f8beacd803c2a42a38bc87f37db54ae84696f610
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
eb2631a273e438a2a4eecf22f4272d4abf5b4cd2564506c0597ccacdc318ea3d
eb3a99b35dd5a248dba1f06dd865e58bacd4423d84ef3de980ca2d088ecf8a61
ec4f00b991d0f3ed55cdd1c2dab2e9222ac94b4f184e06f7621b2bd285d13010
ed76cf364a8b426885319013ab0cf58b99ee6be549ef1cbc03577999885e69f0
ed8e35b378bf75a41150c818f189a3413a627d95869888ef8c5f85ab76f57249
edeffc3a54b35d31c40bd21aa88047128eeb87c177b2871cbc49e6a604cd0eac
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef549d4f64eff079682d21179b21640f4f902f34489c385e544f7f64b8a87c6e
efa875fbc07e6790f68ce847dfdeed6f81ca93a301b27b7440682b20f688023b
f14da769ae232874c66664feb6031e0f938b51108b6d224896ff75c82ad2c903
f2590ae5064ef2d9094b8cdbeb20671838c606afb975f17bbc258be3cc065ae7
f266d588bdf98ad6b3e97a9eef91f64e91f54ab5516648f60a6a945012dd717a
f292ffd2720dcc16f9f5e2f0406eaf3a8986f0f026bbe883feeeddfe56b9e21c
f3a2add0d57a32b28e0b68de5f0a99a556c55613b3b306b16cf4f6e8e763644d
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
f3e24ac0b49f099ddbb00e219447f8d4aa4cd7021f38bd4c94c77747dc58ed2b
f4d194bc24a9585caa944053add27041d47a22913f8891aa843488e9369cdee9
f53c6536ca85e3c0edaf368262ff3b8946bbd8096164a5248e967ebd558a8d78
f5988209651833a610498c3bd287b942b1b2fbda7c8cf1b953f52377830291de
f5f8cc2a78606c0ee2780cd3eebf4478a3c8b4b753366e7f9c62c4ae87554977
f6ee047a79a6017e2c0521ed087a5981f031d00de6cdb8ca18dbdff028401ed7
f78735d9873e865e2a13aa6599aaec6a41071ce4616b72546b6cac53df0438f5
f8117e9e4039e48e73dddefb54e3e5cf0bd2509688a8f64ed0f3c03845029cea
f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a
f9a8536bd32bcd9ecba5f08463ea344cfbcf4a2e0c1af51ce14089dcd4dbac51
fa7b44be8f1b6364dbbafed2ca240403303d3a03108645960d046decdeb90058
fbbc45aee6c23f17d07220ede528f0216aaf05b2b6238d47038ab3f9f0a6b374
fc490f4a3f06bde89d5e556d80fd4ee4d34df14400fe59398f85d87e63551681
fda5aa5ee4e11b687c642eade57b974abd885a338def3b3af5df484e3d79056c
fe98440db3e7d764e89e989318704e687f4ba75e7fd3bc8882ac3407a12187f0
feb49fae7fd245f703b2fbeb29c41f136a34ee8bccfa2cc7c8a5a6fbfa4439ce

www.thestar.com.my Open in urlscan Pro 13.224.96.126 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

609 Requests

89 %HTTPS

35 %IPv6

66 Domains

113 Subdomains

89 IPs

10 Countries

15090 kBTransfer

24372 kBSize

65 Cookies

60 Outgoing links

Page URL History

Redirected requests

609 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.thestar.com.my Open in urlscan Pro
13.224.96.126 Public Scan

Screenshot
Live screenshot

Full Image

609
Requests

89 %
HTTPS

35 %
IPv6

66
Domains

113
Subdomains

89
IPs

10
Countries

15090 kB
Transfer

24372 kB
Size

65
Cookies

609 HTTP transactions
9 data transactions