www.thestar.com Open in urlscan Pro
13.32.21.33 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://thestar.com/
Effective URL:
https://www.thestar.com/?redirect=true
Submission: On April 29 via api (April 29th 2022, 8:07:35 pm UTC) from GB — Scanned from GB

Summary HTTP 355 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 83 IPs in 10 countries across 64 domains to perform 355 HTTP transactions. The main IP is 13.32.21.33, located in United States and belongs to AMAZON-02, US. The main domain is www.thestar.com. The Cisco Umbrella rank of the primary domain is 82277.
TLS certificate: Issued by Trustwave Organization Validation SHA... on September 20th 2021. Valid for: a year.

This is the only time www.thestar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	99.86.7.83 99.86.7.83	16509 (AMAZON-02) (AMAZON-02)
2 53	13.32.21.33 13.32.21.33	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
3	143.204.201.48 143.204.201.48	16509 (AMAZON-02) (AMAZON-02)
24	65.9.68.36 65.9.68.36	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:551	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	69.192.161.152 69.192.161.152	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
2	52.206.166.185 52.206.166.185	14618 (AMAZON-AES) (AMAZON-AES)
1	150.136.200.75 150.136.200.75	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
8	99.86.7.104 99.86.7.104	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
6	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
1	143.204.214.118 143.204.214.118	16509 (AMAZON-02) (AMAZON-02)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
1 3	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
7	34.107.254.252 34.107.254.252	15169 (GOOGLE) (GOOGLE)
9	51.104.28.77 51.104.28.77	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	69.192.160.245 69.192.160.245	16625 (AKAMAI-AS) (AKAMAI-AS)
4	99.86.7.70 99.86.7.70	16509 (AMAZON-02) (AMAZON-02)
3	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
3	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 3	99.86.7.38 99.86.7.38	16509 (AMAZON-02) (AMAZON-02)
1	65.9.58.162 65.9.58.162	16509 (AMAZON-02) (AMAZON-02)
1	65.9.58.150 65.9.58.150	16509 (AMAZON-02) (AMAZON-02)
1	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
4	65.9.66.173 65.9.66.173	16509 (AMAZON-02) (AMAZON-02)
1	18.168.215.250 18.168.215.250	16509 (AMAZON-02) (AMAZON-02)
3	52.139.4.139 52.139.4.139	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	52.30.130.246 52.30.130.246	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2 3	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	65.9.61.60 65.9.61.60	16509 (AMAZON-02) (AMAZON-02)
2	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
1 1	63.32.133.51 63.32.133.51	16509 (AMAZON-02) (AMAZON-02)
21	35.190.14.224 35.190.14.224	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
7	2a02:26f0:6c0... 2a02:26f0:6c00::210:bae8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
4	52.205.167.202 52.205.167.202	14618 (AMAZON-AES) (AMAZON-AES)
2	143.204.201.41 143.204.201.41	16509 (AMAZON-02) (AMAZON-02)
13	34.241.134.108 34.241.134.108	16509 (AMAZON-02) (AMAZON-02)
2	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
6	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
4	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2602:803:c003... 2602:803:c003:200::61	26667 (RUBICONPR...) (RUBICONPROJECT)
9	2a02:26f0:6c0... 2a02:26f0:6c00::210:bab3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42:400... 2a04:4e42:400::396	54113 (FASTLY) (FASTLY)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:350... 2a02:26f0:3500:7::17d8:4dc8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
10	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	20.84.22.197 20.84.22.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
24	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 5	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:28f::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2	54.242.234.216 54.242.234.216	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
10	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	104.75.88.209 104.75.88.209	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	18.197.25.166 18.197.25.166	16509 (AMAZON-02) (AMAZON-02)
2 2	52.19.103.233 52.19.103.233	16509 (AMAZON-02) (AMAZON-02)
1	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	34.255.218.80 34.255.218.80	16509 (AMAZON-02) (AMAZON-02)
1 1	185.86.139.94 185.86.139.94	201081 (SMARTADSE...) (SMARTADSERVER)
1	37.157.6.253 37.157.6.253	198622 (ADFORM) (ADFORM)
2 2	18.194.211.85 18.194.211.85	() ()
2 2	34.243.37.252 34.243.37.252	() ()
1	69.192.160.199 69.192.160.199	() ()
1	185.64.190.78 185.64.190.78	() ()
2 2	13.248.245.213 13.248.245.213	() ()
1	35.227.252.103 35.227.252.103	() ()
355	83

1 99.86.7.83 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-83.fra6.r.cloudfront.net

thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 13.32.21.33 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-33.fra56.r.cloudfront.net

www.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.201.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-48.fra53.r.cloudfront.net

prebid.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 65.9.68.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-68-36.fra56.r.cloudfront.net

e377.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:551 (United States)

ASN13335 (CLOUDFLARENET, US)

be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 69.192.161.152 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-161-152.deploy.static.akamaitechnologies.com

sejs.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:234:59:254c:406:2366:268c (United States) 1 redirects

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.206.166.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-166-185.compute-1.amazonaws.com

torstar.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 150.136.200.75 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

torstar.gscontxt.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 99.86.7.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-104.fra6.r.cloudfront.net

resources.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-118.fra53.r.cloudfront.net

d5phz18u4wuww.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.249 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.107.254.252 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 51.104.28.77 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adserver.pressboard.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sr.studiostack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.192.160.245 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-245.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.7.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-70.fra6.r.cloudfront.net

misc.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.7.38 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-38.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.58.162 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-162.fra56.r.cloudfront.net

d1nxn87txdj54y.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.58.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-150.fra56.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

cdn.petametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.66.173 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-173.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.168.215.250 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-168-215-250.eu-west-2.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.139.4.139 (Toronto, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

data.ontario.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.30.130.246 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-130-246.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
torontostarnewspaperslimited.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7daf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.61.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-60.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

s.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.133.51 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-133-51.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 35.190.14.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.14.190.35.bc.googleusercontent.com

query.petametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:6c00::210:bae8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

widgets.media.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.205.167.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-167-202.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.201.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-41.fra53.r.cloudfront.net

api.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 34.241.134.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-134-108.eu-west-1.compute.amazonaws.com

elb.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.68.69 (None, )

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

torontostar-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:6c00::210:bab3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

uswidgets.fn.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:7::17d8:4dc8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10230056.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

38fc71d3a7f71811905cf382c4928eaf.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.84.22.197 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

f.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a02:26f0:6c00::210:ba79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

img.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:28f::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.242.234.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-242-234-216.compute-1.amazonaws.com

oitwxo.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.25.166 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-25-166.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.103.233 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-103-233.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.255.218.80 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-218-80.eu-west-1.compute.amazonaws.com

ad2.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.94 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.253 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.211.85 (None, ) 2 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.243.37.252 (None, ) 2 redirects

ASN- ()

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.199 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (None, )

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (None, ) 2 redirects

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (None, )

ASN- ()

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
96	thestar.com 3 redirects thestar.com — Cisco Umbrella Rank: 50976 www.thestar.com — Cisco Umbrella Rank: 82277 e377.thestar.com — Cisco Umbrella Rank: 245064 images.thestar.com — Cisco Umbrella Rank: 81911 resources.thestar.com — Cisco Umbrella Rank: 164500 misc.thestar.com — Cisco Umbrella Rank: 705835 s.thestar.com — Cisco Umbrella Rank: 232777 api.thestar.com — Cisco Umbrella Rank: 257616 oitwxo.thestar.com — Cisco Umbrella Rank: 304628	2 MB
40	sportradar.com widgets.media.sportradar.com — Cisco Umbrella Rank: 64341 uswidgets.fn.sportradar.com — Cisco Umbrella Rank: 187485 img.sportradar.com — Cisco Umbrella Rank: 106106	807 KB
22	petametrics.com cdn.petametrics.com — Cisco Umbrella Rank: 9816 query.petametrics.com — Cisco Umbrella Rank: 10677	67 KB
18	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 38fc71d3a7f71811905cf382c4928eaf.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 123	103 KB
16	the-ozone-project.com prebid.the-ozone-project.com — Cisco Umbrella Rank: 51043 elb.the-ozone-project.com — Cisco Umbrella Rank: 9006	92 KB
13	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 71 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 166 ad.doubleclick.net — Cisco Umbrella Rank: 185 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 277 10230056.fls.doubleclick.net — Cisco Umbrella Rank: 310917 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	170 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 368	222 KB
9	moatads.com sejs.moatads.com — Cisco Umbrella Rank: 5245 z.moatads.com — Cisco Umbrella Rank: 326 mb.moatads.com — Cisco Umbrella Rank: 555 px.moatads.com — Cisco Umbrella Rank: 372	146 KB
8	studiostack.com sr.studiostack.com — Cisco Umbrella Rank: 36774	26 KB
7	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 61 www.google.com — Cisco Umbrella Rank: 2	2 KB
7	permutive.com api.permutive.com — Cisco Umbrella Rank: 1801	898 B
7	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 217 secure.adnxs.com — Cisco Umbrella Rank: 377	8 KB
6	yahoo.com c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 793	777 B
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4577	110 KB
5	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 440 pixel.rubiconproject.com — Cisco Umbrella Rank: 313	5 KB
5	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2512 p1.parsely.com — Cisco Umbrella Rank: 1976	27 KB
5	gstatic.com fonts.gstatic.com	119 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	229 KB
4	clarity.ms 1 redirects f.clarity.ms — Cisco Umbrella Rank: 1861 c.clarity.ms — Cisco Umbrella Rank: 613	24 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 382 www.linkedin.com — Cisco Umbrella Rank: 585 px4.ads.linkedin.com — Cisco Umbrella Rank: 4726	4 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 329 c.bing.com — Cisco Umbrella Rank: 201	13 KB
4	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 438 as-sec.casalemedia.com — Cisco Umbrella Rank: 1245 ssum.casalemedia.com	2 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 279	40 KB
4	twitter.com 1 redirects platform.twitter.com — Cisco Umbrella Rank: 616 analytics.twitter.com — Cisco Umbrella Rank: 490	926 B
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	3 KB
3	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 823	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 200 torontostarnewspaperslimited.demdex.net — Cisco Umbrella Rank: 197306	5 KB
3	ontario.ca data.ontario.ca — Cisco Umbrella Rank: 567643	101 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 127	2 KB
3	t.co t.co — Cisco Umbrella Rank: 484	514 B
3	cloudfront.net d5phz18u4wuww.cloudfront.net d1nxn87txdj54y.cloudfront.net d1z2jf7jlzjs58.cloudfront.net	58 KB
2	3lift.com 2 redirects eb2.3lift.com	808 B
2	pubmatic.com ads.pubmatic.com image6.pubmatic.com	6 KB
2	avct.cloud 2 redirects ads.avct.cloud	1001 B
2	bidswitch.net 2 redirects x.bidswitch.net	1 KB
2	360yield.com 2 redirects ad2.360yield.com — Cisco Umbrella Rank: 19839	681 B
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 431	1 KB
2	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 820	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	428 B
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 707	19 KB
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5284 www.google.co.uk — Cisco Umbrella Rank: 3402	1 KB
2	openx.net torontostar-d.openx.net — Cisco Umbrella Rank: 334657 rtb.openx.net	789 B
2	districtm.io dmx.districtm.io — Cisco Umbrella Rank: 1795	344 B
2	adsrvr.org 1 redirects match.adsrvr.org — Cisco Umbrella Rank: 325	1020 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 131	171 KB
2	blueconic.net torstar.blueconic.net — Cisco Umbrella Rank: 250011	2 KB
2	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 570	19 KB
1	adform.net cm.adform.net — Cisco Umbrella Rank: 2052	106 B
1	smartadserver.com 1 redirects ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2252	336 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 545	277 B
1	sharethrough.com 1 redirects match.sharethrough.com — Cisco Umbrella Rank: 563	260 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 105	15 KB
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1511	157 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 747	3 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1371	7 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 158	29 KB
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 758	360 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 917	517 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 671	39 KB
1	pressboard.ca adserver.pressboard.ca — Cisco Umbrella Rank: 54943	789 B
1	prmutv.co be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co — Cisco Umbrella Rank: 250359	394 B
1	gscontxt.net torstar.gscontxt.net — Cisco Umbrella Rank: 201864	497 B
1	permutive.app be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app — Cisco Umbrella Rank: 192341	143 KB
355	64

	Domain	Requested by
53	www.thestar.com	2 redirects www.thestar.com
24	img.sportradar.com
21	query.petametrics.com	www.thestar.com
13	elb.the-ozone-project.com	prebid.the-ozone-project.com elb.the-ozone-project.com
12	images.thestar.com	www.thestar.com
12	e377.thestar.com	www.thestar.com e377.thestar.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.thestar.com
9	uswidgets.fn.sportradar.com	widgets.media.sportradar.com
8	sr.studiostack.com	adserver.pressboard.ca sr.studiostack.com
8	resources.thestar.com	www.thestar.com resources.thestar.com
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net ad.doubleclick.net tpc.googlesyndication.com
7	widgets.media.sportradar.com	www.thestar.com widgets.media.sportradar.com
7	api.permutive.com	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
6	c2shb.ssp.yahoo.com	js-sec.indexww.com
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.thestar.com
6	dev.visualwebsiteoptimizer.com	www.thestar.com dev.visualwebsiteoptimizer.com d5phz18u4wuww.cloudfront.net
5	www.google.com	1 redirects tpc.googlesyndication.com www.thestar.com
5	px.moatads.com	www.thestar.com
5	fonts.gstatic.com	fonts.googleapis.com
5	www.googletagmanager.com	www.thestar.com www.googletagmanager.com
4	fastlane.rubiconproject.com	js-sec.indexww.com
4	secure.adnxs.com	js-sec.indexww.com
4	p1.parsely.com	cdn.parsely.com www.thestar.com
4	c.amazon-adsystem.com	www.thestar.com c.amazon-adsystem.com
4	misc.thestar.com	www.thestar.com misc.thestar.com
4	fonts.googleapis.com	www.thestar.com misc.thestar.com client securepubads.g.doubleclick.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	unpkg.com	2 redirects www.thestar.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	data.ontario.ca	misc.thestar.com
3	sb.scorecardresearch.com	1 redirects www.thestar.com
3	t.co	www.thestar.com
3	analytics.twitter.com	www.thestar.com
3	ib.adnxs.com	1 redirects be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app js-sec.indexww.com
3	prebid.the-ozone-project.com	www.thestar.com prebid.the-ozone-project.com
2	eb2.3lift.com	2 redirects
2	ssum.casalemedia.com	2 redirects
2	ads.avct.cloud	2 redirects
2	x.bidswitch.net	2 redirects
2	ad2.360yield.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	ct.pinterest.com	s.pinimg.com
2	googleads.g.doubleclick.net	www.googleadservices.com www.thestar.com
2	www.facebook.com
2	oitwxo.thestar.com	connect.facebook.net
2	10230056.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	s.pinimg.com	www.thestar.com s.pinimg.com
2	c.clarity.ms	1 redirects
2	f.clarity.ms	bat.bing.com f.clarity.ms
2	px.ads.linkedin.com	2 redirects
2	adservice.google.com	securepubads.g.doubleclick.net 10230056.fls.doubleclick.net
2	dmx.districtm.io	js-sec.indexww.com
2	api.thestar.com	www.thestar.com
2	match.adsrvr.org	1 redirects js-sec.indexww.com
2	s.thestar.com	resources.thestar.com
2	dpm.demdex.net	resources.thestar.com www.thestar.com
2	connect.facebook.net	www.thestar.com connect.facebook.net
2	z.moatads.com	www.thestar.com sejs.moatads.com
2	torstar.blueconic.net	e377.thestar.com
2	static.ads-twitter.com	www.thestar.com www.googletagmanager.com
1	rtb.openx.net
1	image6.pubmatic.com	ads.pubmatic.com
1	ads.pubmatic.com	elb.the-ozone-project.com
1	cm.adform.net
1	ssbsync-global.smartadserver.com	1 redirects
1	pixel.rubiconproject.com
1	ap.lijit.com
1	match.sharethrough.com	1 redirects
1	www.google.co.uk
1	www.googleadservices.com	www.googletagmanager.com
1	c.bing.com	1 redirects
1	alb.reddit.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	googleads4.g.doubleclick.net	ad.doubleclick.net
1	38fc71d3a7f71811905cf382c4928eaf.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	as-sec.casalemedia.com	js-sec.indexww.com
1	adservice.google.co.uk	securepubads.g.doubleclick.net
1	ad.doubleclick.net	www.thestar.com
1	snap.licdn.com	www.googletagmanager.com
1	www.redditstatic.com	www.googletagmanager.com
1	torontostar-d.openx.net	js-sec.indexww.com
1	htlb.casalemedia.com	js-sec.indexww.com
1	www.googletagservices.com	www.thestar.com
1	api.rlcdn.com	js-sec.indexww.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cm.everesttech.net	1 redirects
1	torontostarnewspaperslimited.demdex.net	resources.thestar.com
1	cdn.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	mb.moatads.com	sejs.moatads.com
1	cdn.petametrics.com	www.thestar.com
1	d1z2jf7jlzjs58.cloudfront.net	www.thestar.com
1	d1nxn87txdj54y.cloudfront.net	www.thestar.com
1	js-sec.indexww.com	www.thestar.com
1	adserver.pressboard.ca	www.thestar.com
1	be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
1	d5phz18u4wuww.cloudfront.net	www.thestar.com
1	torstar.gscontxt.net	www.thestar.com
1	platform.twitter.com	1 redirects
1	sejs.moatads.com	www.thestar.com
1	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app	www.thestar.com
1	thestar.com	1 redirects
355	103

This site contains links to these domains. Also see Links.

Domain
diversions.thestar.com
www.homefinder.ca
www.tsoffers.ca
toriservices.newscyclecloud.com
torontostar.pressreader.com
www.thestaradvisers.com
www.classroomconnection.ca
pagesofthepast.ca
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
apps.apple.com
play.google.com
notices.torstar.com

Subject Issuer	Validity	Valid
*.thestar.com Trustwave Organization Validation SHA256 CA, Level 1	`2021-09-20` - `2022-10-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.the-ozone-project.com Amazon	`2021-12-23` - `2023-01-20`	a year	crt.sh
bc.niagarafallsreview.ca Amazon	`2022-02-28` - `2023-03-29`	a year	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2022-03-17` - `2022-06-15`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.blueconic.net Amazon	`2021-08-07` - `2022-09-05`	a year	crt.sh
*.gscontxt.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-08` - `2022-12-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.prmutv.co R3	`2022-04-12` - `2022-07-11`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
api.permutive.com R3	`2022-02-18` - `2022-05-19`	3 months	crt.sh
*.pressboard.ca Go Daddy Secure Certificate Authority - G2	`2022-03-17` - `2023-03-17`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-31` - `2022-10-30`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-12-13` - `2022-12-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-06` - `2022-05-07`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
cdn.liftigniter.com R3	`2022-03-03` - `2022-06-01`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
data.ontario.ca Entrust Certification Authority - L1K	`2021-10-01` - `2022-10-18`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.studiostack.com Go Daddy Secure Certificate Authority - G2	`2021-11-16` - `2022-12-18`	a year	crt.sh
s.thestar.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-20` - `2022-08-20`	a year	crt.sh
*.liftigniter.com R3	`2022-04-11` - `2022-07-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
widgets.media.sportradar.com R3	`2022-03-22` - `2022-06-20`	3 months	crt.sh
*.ozpr.net Amazon	`2021-06-07` - `2022-07-06`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2021-06-02` - `2022-06-01`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-08` - `2022-08-31`	6 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
fn.sportradar.com R3	`2022-04-28` - `2022-07-27`	3 months	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2022-08-16`	6 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2022-08-16`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
img.sportradar.com R3	`2022-04-28` - `2022-07-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
Kubernetes Ingress Controller Fake Certificate Kubernetes Ingress Controller Fake Certificate	`2022-04-19` - `2023-04-19`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-03-11` - `2023-04-12`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-05-28` - `2022-06-15`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.thestar.com/?redirect=true
Frame ID: CD19E94C5236B90350A9727FD315DD54
Requests: 282 HTTP requests in this frame

Frame: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
Frame ID: 44D60B4840474E8C9EC1963FCB8145D3
Requests: 9 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: AEAF34E523E1E286B7B2EA0022575635
Requests: 1 HTTP requests in this frame

Frame: https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0
Frame ID: B2592A8D448CBD2B127B57CA35A71683
Requests: 1 HTTP requests in this frame

Frame: https://38fc71d3a7f71811905cf382c4928eaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8C3DD5BC47F8AAFC328983A6A060115C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 38D3CA5EBEB9330576844722D27F7889
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D624476673D74EB458493E37D472B74C
Requests: 2 HTTP requests in this frame

Frame: https://10230056.fls.doubleclick.net/activityi;dc_pre=CKb_8buJuvcCFVYfBgAdZCMNMQ;src=10230056;type=ret01;cat=land01;ord=8231822019442;gtm=2od4r0;auiddc=1737323163.1651262848;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Frame ID: 9778314556EA651A73830328D6218D20
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 4CF7B5C59ED1AAC0B24F1BE2EAB01CA2
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: D061123B553865EC6C96EF06D295ABF9
Requests: 17 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 483C040C659334D51478FD3BCCD13A72
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=30836999-b814-44b7-a5fe-21dcda32eec1&publisherId=TKN100000001&siteId=4204204311&cb=1651262847063&bidder=ozone
Frame ID: B7E35B1E45D7FBF274BDB2DCA780057E
Requests: 17 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Frame ID: F04D52C04FF8598DBEA1D5C6B4737C8C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

thestar.com | The Star | Canada's largest daily

Page URL History Show full URLs

http://thestar.com/ HTTP 301
https://www.thestar.com/ HTTP 302
https://www.thestar.com/?redirect=true Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

VWO (Analytics) Expand

Overall confidence: 100%
Detected patterns

dev\.visualwebsiteoptimizer\.com/?([\d.]+)

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

355
Requests

93 %
HTTPS

32 %
IPv6

64
Domains

103
Subdomains

83
IPs

10
Countries

5156 kB
Transfer

18310 kB
Size

90
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://diversions.thestar.com/
Title: fun & games

Search URL Search Domain Scan URL

URL: https://diversions.thestar.com/comics.html
Title: comics

Search URL Search Domain Scan URL

URL: https://www.homefinder.ca/
Title: Homefinder.ca

Search URL Search Domain Scan URL

URL: https://www.tsoffers.ca/
Title: Subscribe to Home Delivery

Search URL Search Domain Scan URL

URL: https://toriservices.newscyclecloud.com/cgi-bin/cmo_tor-c-cmdb-01.sh/custservice/web/login.html?SiteID=TS
Title: Manage Home Delivery Subscription

Search URL Search Domain Scan URL

URL: http://torontostar.pressreader.com/
Title: Star ePaper Edition

Search URL Search Domain Scan URL

URL: https://www.thestaradvisers.com/Portal/default.aspx
Title: Star Advisers

Search URL Search Domain Scan URL

URL: http://www.classroomconnection.ca/
Title: Classroom Connection

Search URL Search Domain Scan URL

URL: http://pagesofthepast.ca/
Title: Toronto Star Archives

Search URL Search Domain Scan URL

URL: https://www.facebook.com/torontostar

Search URL Search Domain Scan URL

URL: https://twitter.com/torontostar

Search URL Search Domain Scan URL

URL: https://www.youtube.com/TorontoStar

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thetorontostar/

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ca/app/thestar-com-iphone/id379481068

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.thestar.www

Search URL Search Domain Scan URL

URL: http://notices.torstar.com/privacy-policy/index.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://notices.torstar.com/main_terms_of_use_daily_and_community_brands_EN/
Title: Terms of use

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://thestar.com/ HTTP 301
https://www.thestar.com/ HTTP 302
https://www.thestar.com/?redirect=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 80

https://unpkg.com/web-vitals HTTP 302
https://unpkg.com/web-vitals@2.1.4 HTTP 302
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js

Request Chain 81

https://sb.scorecardresearch.com/b?c1=2&c2=3005674&ns__t=1651262844193&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&ns__t=1651262844193&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c9=

Request Chain 88

https://cm.everesttech.net/cm/dd?d_uuid=29626355058355905060618333060927225407 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YmxFfAAAAIII4wQE

Request Chain 200

https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2 HTTP 302
https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf

Request Chain 228

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1651262847377&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1671964%26time%3D1651262847377%26url%3Dhttps%253A%252F%252Fwww.thestar.com%252F%253Fredirect%253Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1651262847377&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1651262847377&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQKHynVA9FpqWAAAAYB273szVe8Lq4bemzVmHeJIvkrpxhcSwqRRtUzSNMqCBIE2k8I

Request Chain 234

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=47F2A7B6E18D4F96AAE4391A45008535&RedC=c.clarity.ms&MXFR=01CFB7261DCB68CF0F86A6B319CB6614 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=47F2A7B6E18D4F96AAE4391A45008535&MUID=12CBB3BDA07769AA1694A228A18C68D7

Request Chain 279

https://10230056.fls.doubleclick.net/activityi;src=10230056;type=ret01;cat=land01;ord=8231822019442;gtm=2od4r0;auiddc=1737323163.1651262848;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue HTTP 302
https://10230056.fls.doubleclick.net/activityi;dc_pre=CKb_8buJuvcCFVYfBgAdZCMNMQ;src=10230056;type=ret01;cat=land01;ord=8231822019442;gtm=2od4r0;auiddc=1737323163.1651262848;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Request Chain 313

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 330

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=01c8833b-5d84-4971-b5ed-444bdffea0f4

Request Chain 331

https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&_bee_ppp=1 HTTP 303
https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAHI007E2IsAADwCEHaxsw

Request Chain 335

https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=03e242e3-0687-461c-93b3-ed363815a666

Request Chain 336

https://match.adsrvr.org/track/cmf/generic?ttd_pid=u40cpuw&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=ea5684eb-889b-4bf0-b4af-fc6d7391e0bc

Request Chain 337

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5Bssb_sync_pid%5D HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&uid=4665581278415574951

Request Chain 340

https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy={{us_privacy}} HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy={{us_privacy}} HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=0349ba1d-5c75-41c0-a2d8-d4060924586b

Request Chain 341

https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy={{us_privacy}}&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 307
https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy={{us_privacy}}&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=3391c585-cfb7-40dc-b993-12fcfa66d623

Request Chain 346

https://ssum.casalemedia.com/usermatchredir?s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=189937&C=1 HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=YmxFhXv6103SwNcqgTtBhAAA%26691

Request Chain 347

https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=666379492276465437

Request Chain 348

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy={{us_privacy}}&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy={{us_privacy}}&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=1837590591732259717645

355 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.thestar.com/
Redirect Chain

http://thestar.com/
https://www.thestar.com/
https://www.thestar.com/?redirect=true

391 KB
74 KB

84ms
84ms

Document
text/html

13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

2f930f1d60bae4e11b1aa9e6d50457aa5f03068b85e92235a126708b54ed6853

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: https://amp.thestar.com
age: 102
cache-control: max-age=180
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 29 Apr 2022 20:05:41 GMT
etag: W/"61b70-SzhMDugEQiui8wuIbCJNGFeAY9k"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
vary: Accept-Encoding
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
x-amz-cf-id: AsIv5K5Ra0YxTFF-4w9cYpyCCsVcat6Xm5B1C1BUtJyx0itcs6BrcA==
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
x-frame-options: SAMEORIGIN
x-powered-by: Express

Redirect headers

content-length: 0
date: Fri, 29 Apr 2022 20:07:22 GMT
location: https://www.thestar.com/?redirect=true
server: CloudFront
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
x-amz-cf-id: f35IW7APUEyaUkwTwOmLvL7D6jeTwJuUA2HwRYMYlXoz2PhtcG6Yew==
x-amz-cf-pop: FRA56-C2
x-cache: LambdaGeneratedResponse from cloudfront

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 142ms
50ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6f02ea61b580dd0d3d5fd8b473d8584ab32e741a5a969704928df2d2753a44e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 19:18:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 29 Apr 2022 20:07:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Apr 2022 20:07:23 GMT

GET
H2 200 TorstarTextO3-Roman.ttf
www.thestar.com/assets/fonts/ 24 KB
15 KB 68ms
66ms Font
font/ttf 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarTextO3-Roman.ttf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 19:25:00 GMT
content-encoding: gzip
age: 2543
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 19 Apr 2022 17:37:58 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"6028-18042e704f0"
vary: Accept-Encoding
content-type: font/ttf
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: beMSxvVO9JbCpYDU4PHdMRwoeEpug1HzHE-yBaKudObhJNwEQiFpNw==

GET
H2 200 TorstarTextO3-Italic.woff2
www.thestar.com/assets/fonts/ 18 KB
18 KB 151ms
148ms Font
font/woff2 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarTextO3-Italic.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

448edd4a71b4ca28931010c1c2166872801702a420ff549a7c757edf863d7530

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 17:25:11 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
age: 9732
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18316
last-modified: Tue, 19 Apr 2022 17:37:58 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
etag: W/"478c-18042e704f0"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: IFsC62QpfKtKjTB7nP2yxz7sj98pA6jPwNGaWGJ5PjIdtUTZHqsIIA==

GET
H2 200 TorstarTextO3-Bold.woff2
www.thestar.com/assets/fonts/ 18 KB
18 KB 81ms
78ms Font
font/woff2 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarTextO3-Bold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

38254c821b6bec9ee36bb8116cf81a16b0a9c2a51f97cacdb483b4fdeb6e3821

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 17:23:07 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
age: 9856
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18276
last-modified: Tue, 19 Apr 2022 17:37:58 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
etag: W/"4764-18042e704f0"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: 2h1RHKEwH23N6BGWBnt7Q04EJNqUPb6B43s6cL6xlp3NDjBdjN0Uiw==

GET
H2 200 TorstarDeckCondensed-Roman.woff2
www.thestar.com/assets/fonts/ 19 KB
19 KB 74ms
71ms Font
font/woff2 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Roman.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 17:48:18 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
age: 8345
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 19052
last-modified: Tue, 19 Apr 2022 17:37:58 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
etag: W/"4a6c-18042e704f0"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: HU1SbKmzCbFjJ8pxdn2laDcW-kFBVXmXF6xK4TfiibZ665plRw74QA==

GET
H2 200 TorstarDeckCondensed-Semibold.woff2
www.thestar.com/assets/fonts/ 18 KB
19 KB 110ms
107ms Font
font/woff2 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 16:37:01 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
age: 12622
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18736
last-modified: Tue, 19 Apr 2022 17:37:58 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
etag: W/"4930-18042e704f0"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: L1H17pI-qRyYKpbNGGqGWf3M2rCqq-yHCN2ueYAnThgxphrQUdLzPg==

GET
H2 200 MerriweatherSans-Regular.woff2
www.thestar.com/assets/fonts/merriweather/ 54 KB
54 KB 130ms
128ms Font
font/woff2 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 19:49:14 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
age: 1089
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 55032
last-modified: Tue, 19 Apr 2022 17:37:58 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
etag: W/"d6f8-18042e704f0"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: Qn2hv0UBqr9qQqPPAnFfnNc29ggocquDHC-y6qwbyrIEbGNdzV34TQ==

GET
H2 200 MerriweatherSans-Italic.woff2
www.thestar.com/assets/fonts/merriweather/ 52 KB
53 KB 116ms
114ms Font
font/woff2 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Italic.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 17:47:38 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
age: 8385
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 53664
last-modified: Tue, 19 Apr 2022 17:37:58 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
etag: W/"d1a0-18042e704f0"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: X3E8UY6LtblLu3m5T-KPPsfmbUVYH0qvVOJ4rJ8bnDq-nI0KdDFpag==

GET
H2 200 MerriweatherSans-Bold.woff2
www.thestar.com/assets/fonts/merriweather/ 55 KB
56 KB 147ms
145ms Font
font/woff2 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 19:52:21 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
age: 901
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 56380
last-modified: Tue, 19 Apr 2022 17:37:58 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
etag: W/"dc3c-18042e704f0"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: J_H5N3sNrkL9poErV2r2kZVf2ZDgA1JIBc5RMRBpRoEuGF9v-c-F7g==

GET
H2 200 MerriweatherSans-BoldItalic.woff2
www.thestar.com/assets/fonts/merriweather/ 54 KB
54 KB 86ms
84ms Font
font/woff2 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-BoldItalic.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

b8dd12b4cc0283b0d20c31c231b8ae14fa61c1b64d594cd8f8c0ed1948acb3b5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 17:25:11 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
age: 9732
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 54800
last-modified: Tue, 19 Apr 2022 17:37:58 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
etag: W/"d610-18042e704f0"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: Y58Im4BSlxN8uDcshLLbAB8DPGZfkY1QpJj_UNXOKgxxA0aNdNVt8w==

GET
H2 200 MerriweatherSans-Black.woff2
www.thestar.com/assets/fonts/merriweather/ 53 KB
54 KB 157ms
156ms Font
font/woff2 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 19:29:28 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
age: 2275
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 54304
last-modified: Tue, 19 Apr 2022 17:37:58 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
etag: W/"d420-18042e704f0"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: ZLdD2Ebgij3TM4Lr5fbWbv5Zs2i-A5CVJbCUzS8VBEP9_GjLs6jnlw==

GET
H2 200 toronto-star-adunits.js Show response
prebid.the-ozone-project.com/hw/torstar/ 4 KB
2 KB 139ms
41ms Script
application/javascript 143.204.201.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-48.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ac217fa597b7754bca874304308db97d8db94d4733d9027cccae8d7eff7eeceb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 06:12:19 GMT
content-encoding: gzip
last-modified: Fri, 18 Feb 2022 02:13:55 GMT
server: AmazonS3
age: 50364
etag: W/"47ec15276ab051ddd124dd65b61efb8f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: yXn_6bMYa3BE4Wic-VXBhffp2e1SscsNYYLUNvgVAw99p4Wu8Fha6Q==

GET
H2 200 script.js Show response
e377.thestar.com/ 147 KB
42 KB 157ms
47ms Script
text/javascript 65.9.68.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/script.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.68.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-68-36.fra56.r.cloudfront.net

Software

- /

Resource Hash

849056f7f6a3149a9f6b288c7847dccc5348347c3c6101be78ddeec1a2df13f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 19:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 477
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 42303
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Apr 2022 00:38:21 GMT
server: -
etag: 402c2f3fc850e3b5f3999c76aca4b04f
content-type: text/javascript; charset=utf-8
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=600
x-amz-cf-pop: FRA56-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: 8OfsT-cqQZuiEQHKZGIdkR4NYyIL095ZmgkVSg0-rauckBzoVM25hw==
expires: Fri, 29 Apr 2022 20:09:26 GMT

GET
H2 200 72.css
www.thestar.com/static/ 8 KB
3 KB 44ms
43ms Stylesheet
text/css 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/72.css?v=6512062dc50d28c14dca

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

221da5b9abab5ff408ee5174a127f762c0fbf4cd9a9bf368e0545b643419d1f8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 18:32:12 GMT
content-encoding: gzip
age: 5711
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 19 Apr 2022 17:43:16 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"205b-18042ebdf20"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: NonSsCJZiRuWzYM9a3v-aSWl0p7HfDwu2DPLMb75ymhqASO8lt6i-g==

GET
H2 200 bundle.css
www.thestar.com/static/ 404 KB
52 KB 139ms
138ms Stylesheet
text/css 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/bundle.css?v=acebe239acc465c60b82

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

0e0597c66b4c19f9a2f09795677cb7e5932d373d87b6853c6b474d68f72d0b63

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 18:32:12 GMT
content-encoding: gzip
age: 5711
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 19 Apr 2022 17:43:16 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"65139-18042ebdf20"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: kmf1UsUAMW2E0G_MaNssueQIh_GwAJMup28aCwxSDlMHeC8RFbEkiQ==

GET
H2 200 be54a597-6b6d-4e2d-9d31-642310a8db25-web.js Show response
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/ 494 KB
143 KB 203ms
88ms Script
application/javascript 2606:4700::6812:551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d7d03febc73a1c4dbd37a3df1ef55dd6f1303149ff39ea35ad3e9b0f6dc1637

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:23 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: be54a597-6b6d-4e2d-9d31-642310a8db25
age: 2522
x-guploader-uploadid: ADPycdu63BqG2T2GH-gNnzbhRVmRyYb6IQpoMnf_muwhf-63DMg4P_Pvp2YjD8rRyCCnACCFbHD55__WOI__ksIVBXPrLg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
last-modified: Thu, 28 Apr 2022 19:03:55 GMT
server: cloudflare
etag: W/"e26cb18fc3ab24066988124995552d23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=JOtaHQ==, md5=4myxj8OrJAZpiBJJlVUtIw==
x-goog-generation: 1651172635103903
cache-control: public, max-age=900
x-goog-stored-content-length: 149562
cf-ray: 703aa9e36ee3233d-ZRH
expires: Fri, 29 Apr 2022 20:22:23 GMT

GET
H/1.1 200
OK yi.js Show response
sejs.moatads.com/torontoprebidheader623296055317/ 246 KB
85 KB 176ms
60ms Script
application/x-javascript 69.192.161.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sejs.moatads.com/torontoprebidheader623296055317/yi.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.161.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-161-152.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5d8e2a45b87836c8fc0b8c319fd2bfaa775a1496e72b08fdf5c13337e1dcc961

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 20:07:23 GMT
Content-Encoding: gzip
Server: AmazonS3
x-amz-request-id: PQG4DETJRX8H23GD
ETag: "2b2e743dec21817b8854738d32ca34fd"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=12399
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: K+OjWLs9EHX9aDtzLLXpw2SUuYkmUzJFbZmXVy5zKVbd8V2W3wovTwsxPbumqEqEqEGSSgsCho4=

GET
H2 200 ads.js Show response
www.thestar.com/assets/js/ 22 B
467 B 123ms
123ms Script
application/javascript 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/js/ads.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 17:48:54 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
age: 8309
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 22
last-modified: Tue, 19 Apr 2022 17:37:59 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
etag: W/"16-18042e708d8"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: hvPv3PPLpBxD1yoFSHMMpIgS_hutOdUoqK_Xen_T6orak8lUGZ51Vg==

GET
H2 200 logo-toronto.svg
www.thestar.com/assets/svg/ 7 KB
3 KB 59ms
58ms Image
image/svg+xml 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/logo-toronto.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4466f366b2897f4839ba95e1b5d96fa3c3e11cadb7fe0096afb3a5a97b872ffb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 19:50:51 GMT
content-encoding: gzip
age: 992
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 19 Apr 2022 17:37:59 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"1df3-18042e708d8"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: acPlT9AkyPkRm0i1ZxrvNHTPvfxDAXX2p_Vijo3txArxzEKPSxngIA==

GET
H2 200 logo-round-thestar.svg
www.thestar.com/assets/svg/ 589 B
1 KB 55ms
52ms Image
image/svg+xml 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/logo-round-thestar.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

95f4db14172013eb07b61d3933cdcee02d39e70569f86e2d445e637db2d62547

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 18:37:55 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
age: 5368
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 589
last-modified: Tue, 19 Apr 2022 17:37:59 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
etag: W/"24d-18042e708d8"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: NARCWc-uGGpNfmS6jOb0TIJzzlfV5STlg96V8P6LvqOdzZmGm28C8Q==

GET
H2 200 logo-thestar.svg
www.thestar.com/assets/svg/ 2 KB
1 KB 61ms
57ms Image
image/svg+xml 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/logo-thestar.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

ab199625a90b8111a0ae408ef6b43ae28dd55ad6d2fa2524666c169b5b1262bc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 19:25:31 GMT
content-encoding: gzip
age: 2512
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 19 Apr 2022 17:37:59 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"73e-18042e708d8"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: DRuLynt2qSVJHWQTA7WAZXZu7FFk7ButTqrJD1cKSu6rpk-duXTjww==

GET
H2 200 Smith_Doug_logo2015W.jpg
images.thestar.com/SLYlcdVkZGZpot5wARkMAHlI4uU=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/ 2 KB
3 KB 143ms
40ms Image
image/jpeg 65.9.68.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/SLYlcdVkZGZpot5wARkMAHlI4uU=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/Smith_Doug_logo2015W.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-68-36.fra56.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d3d530638642efb47e9251b6c6f29f801725961a6b998ed5280f85dddcbb86a8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 22:53:06 GMT
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 4223657
etag: "1b56e4a4418d2ada439c294e7204b56b92cc089d"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
content-length: 2239
x-amz-cf-id: _d3kWM91VokdTMEfPhGhDMbww9yOGQvW1HBybPESlSUX8lCTmW2l-A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 DiManno_Rosie_logo2015.JPG
images.thestar.com/x2cEM_MObMppPWahZfcIF-jFgOU=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/ 3 KB
3 KB 144ms
41ms Image
image/jpeg 65.9.68.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/x2cEM_MObMppPWahZfcIF-jFgOU=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/DiManno_Rosie_logo2015.JPG
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-68-36.fra56.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 182fb2b790fe5834246d223be4978a2e56d480b6d2226cb1df834519086205d8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 23:53:19 GMT
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 6466443
etag: "4e821b61fc91fae540b114d909a38e3e1f364024"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
content-length: 2989
x-amz-cf-id: Q7DTlfssrn1ectiR2QvqT99xAp_YG2Gcydw3Lr4ADD9btsJwOJ6a_A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Barnea_Amir_logo2020.jpg
images.thestar.com/UJX9TnP1fHBQ2UD6578kGAlocFs=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/ 3 KB
3 KB 145ms
43ms Image
image/jpeg 65.9.68.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/UJX9TnP1fHBQ2UD6578kGAlocFs=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/Barnea_Amir_logo2020.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-68-36.fra56.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: de3739c1ae7026582c92bfee95724b3d3710e3d5dd55c4f045e68b730e93b4a7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 15:22:45 GMT
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 189878
etag: "79322a9d7abaf903d0f2fa687466d5935fb37148"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
content-length: 2670
x-amz-cf-id: eECRAVZBvdjxwYJ51L3d5WaV8iFldt7z_xZJQcJeT9s_Js_tJzMLYA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Campion%20Smith_Bruce_logo%202015.JPG
images.thestar.com/IZPSgD6jujHkZkiGewWxhcBo4CU=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/ 3 KB
3 KB 146ms
44ms Image
image/jpeg 65.9.68.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/IZPSgD6jujHkZkiGewWxhcBo4CU=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/Campion%20Smith_Bruce_logo%202015.JPG
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-68-36.fra56.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: db70b5f10de529bb8e1d7eafea5815049ba4d360d9ec87910eb55efe6d7d24c6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:15:26 GMT
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 13528317
etag: "3cf45cba8d1bcfb178991cd0633aa024350fa454"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
content-length: 2603
x-amz-cf-id: h-yJgpm51axoEKLY6xL95fQYTAKPDJVlRJTfa9JqcdBES5fYkpAUwg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ontario-votes-web-light-version.svg
www.thestar.com/content/dam/thestar/static_images/editorial/ 4 KB
5 KB 233ms
230ms Image
image/svg+xml 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/content/dam/thestar/static_images/editorial/ontario-votes-web-light-version.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.52 () OpenSSL/1.0.2k-fips Communique/4.3.3 /

Resource Hash

18ee6c158ecdcabd472f582e3c5718be76aa9f1e910aeb355ea1cca99dbac31f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:23 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Fri, 22 Apr 2022 05:26:12 GMT
server: Apache/2.4.52 () OpenSSL/1.0.2k-fips Communique/4.3.3
x-amz-cf-pop: FRA56-C2
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
cache-control: max-age=900
content-disposition: attachment; filename="ontario-votes-web-light-version.svg"
accept-ranges: bytes
content-length: 4215
x-amz-cf-id: pHWqfj5ch7CVVVku7h6f6byUPLJjr_xQ0Qj52vcQxYOtTwoaoM1axA==
expires: Fri, 29 Apr 2022 20:22:23 GMT

GET
H2 200 brandmark-thestar.svg
www.thestar.com/assets/svg/ 263 B
703 B 72ms
69ms Image
image/svg+xml 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/brandmark-thestar.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

9b4fd2bac023c59fa666614872a2a06a413659ca1b03eb71c3ad32298b2366dd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 19:03:14 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
age: 3849
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 263
last-modified: Tue, 19 Apr 2022 17:37:59 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
etag: W/"107-18042e708d8"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: N7RnEykmBaayvR5HZ1bobDUN5I3Gq-84K9Q8xgXB9gbMFTd043v1Pg==

GET
H2 200 app-store.svg
www.thestar.com/assets/svg/ 8 KB
4 KB 58ms
54ms Image
image/svg+xml 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/app-store.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

133d99ecc7e1f65d2e0bdc9d04fae746f2e9b820213b2a2df7fed60ba073475e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 18:10:32 GMT
content-encoding: gzip
age: 7011
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 19 Apr 2022 17:37:59 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"1e63-18042e708d8"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 318VmZQBQKsy2vvw-dsZmbDzjxg4WcSXKEzHjkPO_xdfoS9NMh2bBg==

GET
H2 200 google-play.svg
www.thestar.com/assets/svg/ 10 KB
5 KB 55ms
52ms Image
image/svg+xml 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/google-play.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

b0ab2f21243b940db6c6b986e1cedb149ffcc296b62b326e9214366585d1040d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 18:14:28 GMT
content-encoding: gzip
age: 6775
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 19 Apr 2022 17:37:59 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"2859-18042e708d8"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: SclrSZzF4U5vq0JLGb_T-IpIhLaNel1fmLF4X2P05n_nBApva7rAPA==

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

28 KB
10 KB

151ms
55ms

Script
application/javascript

199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 70d4c4423dab9cf00b6e9bcf57518eeafff00e9d2499f4463498b03bef2bdc33

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:23 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 18:44:51 GMT
etag: "c47a9d4becaab89e22af7ba863c58452+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 9501
x-served-by: cache-iad-kiad7000133-IAD, cache-hhn11576-HHN

Redirect headers

x-tw-cdn: VZ
Date: Fri, 29 Apr 2022 20:07:23 GMT
Server: ECS (mil/6CF5)
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Location: https://static.ads-twitter.com/oct.js
Server-Timing: "x-cache;desc= ,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 0

GET
H2 200 vendors~bundle.chunk.js Show response
www.thestar.com/static/ 2 MB
567 KB 229ms
226ms Script
application/javascript 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

12e402c8de3c3603b70c055f81df40f21301988fedc71caed5a35bf1abf4d480

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:23 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 19 Apr 2022 17:43:16 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"201f0b-18042ebdf20"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=300
x-amz-cf-id: -esN6h2JnupLOx7beBo_KD70QaC5rapvjtTEGvLcpjSvmDT71X5iew==
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)

GET
H2 200 bundle.js Show response
www.thestar.com/static/ 1 MB
232 KB 232ms
229ms Script
application/javascript 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/bundle.js?v=685f0e30

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

3d6f8a866403ef7ca21b58674a73d365d4a8a20ba189da5b45c594eda4453919

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:23 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 19 Apr 2022 17:43:16 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"12da53-18042ebdf20"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=300
x-amz-cf-id: stsCDLYEAuKbTVWkx8RT0ruO7Jm597i1RUmx86uXmFmD5qfQ7r1L6Q==
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)

GET
H2 200 ozpb.js Show response
prebid.the-ozone-project.com/hw/torstar/ 203 KB
63 KB 44ms
41ms Script
application/javascript 143.204.201.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-48.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 25e5c10cb58300c92e6d6065fa0ea49a206499c58a2f1152af1deea8f34a5066

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 05:03:13 GMT
content-encoding: gzip
last-modified: Mon, 21 Mar 2022 18:26:56 GMT
server: AmazonS3
age: 56841
etag: W/"e08e5a6e68f37184e1c046d32d471d44"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: Bc8pKTsLxLfP0MlyxtiHqJQXNxmJcTVK6DixhSvUc1yNHnBABbytgQ==

GET
H2 200 ozp_global_int.min.js Show response
prebid.the-ozone-project.com/hw/torstar/ 6 KB
2 KB 46ms
43ms Script
application/javascript 143.204.201.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/ozp_global_int.min.js
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-48.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9255f9f186056d9c722c47bb75bf71f79690a0a85fdccf83481c6eca62552623

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 14:12:02 GMT
content-encoding: br
last-modified: Thu, 28 Apr 2022 14:10:53 GMT
server: AmazonS3
age: 21349
etag: W/"c6e67d08c7c4a89b3155020045b68eb1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: nxQkILg1qFTmD7_7W8_UE3HIV6I9B9c58swVI_dcWeNywxXbmzFA7w==

GET
H2 200 cs Show response
torstar.blueconic.net/DG/DEFAULT/ 17 B
699 B 377ms
118ms Script
text/javascript 52.206.166.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://torstar.blueconic.net/DG/DEFAULT/cs?&callback=bc_json1080

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.166.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-166-185.compute-1.amazonaws.com

Software

- /

Resource Hash

ea0f3c8f9bad08cd59e22c48fcb4d27509a1bfdfde46dc5c047ff14689740f02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-type: text/javascript; charset=utf-8
content-length: 37
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK channels.cgi Show response
torstar.gscontxt.net/main/ 419 B
497 B 1072ms
107ms Script
application/javascript 150.136.200.75
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://torstar.gscontxt.net/main/channels.cgi?url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.136.200.75 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: c4444219574c6a63a1c7a9112884a6b5dbaae69b0d93d9d5591eaf2614fe05dd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length: 419
Content-Type: application/javascript

GET
H2 200 launch-EN5e55511c260e4c0cb05872ba3729b255.min.js Show response
resources.thestar.com/ 336 KB
73 KB 151ms
40ms Script
text/javascript 99.86.7.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-104.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 902564d87ddfe92c327260fdd506b03b6d19cd61c9f9c5736e069eba3c7fada9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 19:32:28 GMT
content-encoding: gzip
last-modified: Fri, 29 Apr 2022 19:32:21 GMT
server: AmazonS3
age: 2096
etag: W/"ad5dba8b2f63a341b170ddd62e63a43f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: AJGtSlf1Q1TOKqFCu_Hb.fo_ELv_8jPW
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-type: text/javascript
x-amz-cf-id: Py7EshUkMC15TNOfxdi7n_fBJD2p_UIP-EcMCZExEKIEdMOpHsESmA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 218 KB
77 KB 150ms
50ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fbfad689067acb8e893b001d3b227174a6a02d9bef89c4bcd49702a3b9434cbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:23 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78144
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js_visitor_settings.php Show response
dev.visualwebsiteoptimizer.com/deploy/ 12 KB
3 KB 94ms
32ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.9099634130351753
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: glon1 /
Resource Hash: fb366afb54e20432cee4e1287a424fea45f4fbcf10b298f400cf27842b1ef91b

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 29 Apr 2022 20:07:22 GMT
via: 1.1 google
server: glon1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 12 KB
4 KB 31ms
31ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.9099634130351753
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: glon1 /
Resource Hash: 032c30c45274a913d19addce026ce51624405e7325a36b512270e375eed14e16

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 29 Apr 2022 20:07:22 GMT
content-encoding: br
last-modified: Fri, 29 Apr 2022 15:38:46 GMT
server: glon1
etag: "626c0686-e80"
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3712
via: 1.1 google

GET
H2 200 opa-608d8314e5c4b9c6caefe04b8ad484ca.js Show response
dev.visualwebsiteoptimizer.com/analysis/4.0/ 104 KB
27 KB 33ms
33ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-608d8314e5c4b9c6caefe04b8ad484ca.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.9099634130351753
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: glon1 /
Resource Hash: d293615bf31154b942130f428df78234bc997f8f42ac0aa70d4d48a044833a96

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 29 Apr 2022 20:07:22 GMT
content-encoding: br
last-modified: Fri, 29 Apr 2022 15:38:42 GMT
server: glon1
etag: "626c0682-6bca"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27594
via: 1.1 google

GET
H3 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 109ms
108ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=354908&d=thestar.com&u=D40D42F3ED0F9542F9BD263C3D5BDDDBF&h=6a26759a29b678a0f77a4971846826e1&r=0.2914323722335195

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:23 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H/1.1 200
OK vis_opt.js Show response
d5phz18u4wuww.cloudfront.net/ 168 KB
56 KB 139ms
45ms Script
text/javascript 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e96ee4202dd697f4757a0c1502f5b3ae79c0d59d0823d80a80ac3ed97132d861

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 29 Apr 2022 19:52:19 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 02 May 2019 08:14:16 GMT
Server: AmazonS3
Age: 906
ETag: "85932b0cd7c8dce121fa1923529a3189"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 a75b67932d84d80b40e12159613deb16.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 57240
X-Amz-Cf-Id: CdQQg7S-am1bN5f05RaGj1A4T3rzVI_e92Z5iZx0lIszb2c1edddAg==

GET
H2 200 pxid Show response
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/ 46 B
394 B 151ms
39ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/pxid?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 8a0ddcefbec80dc817a376397e1038899b26857cb63c350da76db996be5ee510

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 29 Apr 2022 20:07:23 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66
via: 1.1 google

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
705 B 141ms
51ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 20:07:23 GMT
X-Proxy-Origin: 217.138.196.108; 217.138.196.108; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 551ebb16-dcac-4fcc-ba60-8d6823e1b24d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 258 B
364 B 106ms
39ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 7c585543eb96408d6e90889b9edcaa9d3b612b23ab38d8c0d52c79365876f1ca

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 29 Apr 2022 20:07:23 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
via: 1.1 google

GET
BLOB 200
OK 52cdde8f-942c-4ad1-881f-e7490470e1ec
https://www.thestar.com/ 276 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thestar.com/52cdde8f-942c-4ad1-881f-e7490470e1ec
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9fd107036554e5b3dbf02b85868958ec91ff3981aad030a3ab4c4fb65590b884

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length: 282394

GET
BLOB 200
OK 481cc349-5825-4b2a-9b22-04941173ef03
https://www.thestar.com/ 19 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thestar.com/481cc349-5825-4b2a-9b22-04941173ef03
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6276cf74233056334460de6cfa0f7b1bca813eaa2bab243cb8998b7d81fbb4aa

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length: 19782

GET
H3 200 vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 221 KB
63 KB 97ms
96ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js
Requested by: Host: d5phz18u4wuww.cloudfront.net
URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: glon1 /
Resource Hash: 59c59b194ac28c56c539f1008f33f1f2b40c4e081f9b8499e6c21c7480011868

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 29 Apr 2022 20:07:23 GMT
content-encoding: br
last-modified: Fri, 29 Apr 2022 15:38:46 GMT
server: glon1
etag: "626c0686-fad3"
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64211
via: 1.1 google

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
88 B 107ms
46ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 70c14afe4d8b8e671d2e0cd9cf55cf877e2e27d035cb7d814ff9c9856ed9c98d

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 29 Apr 2022 20:07:23 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70
via: 1.1 google

GET
H/1.1 200
OK embedder Show response
adserver.pressboard.ca/v3/ 351 B
789 B 439ms
42ms Script
application/x-javascript 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.pressboard.ca/v3/embedder?media=130507
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4da8f4d2d20833c254b092ab30d0ebaee5e3d93716e320773ff55c27c353796b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 20:07:23 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 351
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H/1.1 200
OK 181778-254412191205210.js Show response
js-sec.indexww.com/ht/p/ 139 KB
39 KB 850ms
716ms Script
text/javascript 69.192.160.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.192.160.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-245.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: acf47ed08e03deb30050e6cc80f2972698f083352e87deda1ef3f3b1bef79e1a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 20:07:24 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Apr 2022 20:05:52 GMT
Server: Apache
ETag: "760cd9-22b48-5ddd091c666be"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 39661
Expires: Fri, 29 Apr 2022 21:07:24 GMT

GET
H2 200 moatcontent.js Show response
z.moatads.com/torontocontentstarcontent37863992/ 165 KB
54 KB 133ms
48ms Script
application/x-javascript 69.192.161.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/torontocontentstarcontent37863992/moatcontent.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.161.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-161-152.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:24 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 17:22:35 GMT
server: AmazonS3
x-amz-request-id: 31EA48740775C598
etag: "491121b0fb1268b17bdb2c53880291f2"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=16658
accept-ranges: bytes
content-length: 54912
x-amz-id-2: 8hhs+vCZD2zll4I07kFl07NUwG/grOjziIprXcQdATPWtbNQOVG5mHNoX1yRKDoCe/Fog07Zw3s=

GET
H2 200 material-icons-base-400-normal.woff2
www.thestar.com/static/assets/ 101 KB
102 KB 56ms
56ms Font
font/woff2 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/assets/material-icons-base-400-normal.woff2?v=fe7e45c2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/72.css?v=6512062dc50d28c14dca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

53e47f0803e3983ae0b26db5f39e87c0bfd327981749c02c9e2f955341e34d7b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/static/72.css?v=6512062dc50d28c14dca
Origin: https://www.thestar.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:23 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
age: 13
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 103852
last-modified: Tue, 19 Apr 2022 17:43:16 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
etag: W/"195ac-18042ebdf20"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=300
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: SS3QPDwH5y8td4uX2uYJRqNCM-GhU90lMdvxunWmzDDQzRIrZ40v9g==

GET
H2 200 hp-widget-2022.html Show response
misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/ Frame 44D6 23 KB
6 KB 141ms
44ms Document
text/html 99.86.7.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-70.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 058d1a8a629c82f344bb897688af943b1ee5041381f487250241ca16bb24a300

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 146
content-encoding: gzip
content-type: text/html
date: Fri, 29 Apr 2022 20:07:24 GMT
etag: W/"efa8a5cdbaf0721798da89d3f5e4b095"
last-modified: Tue, 15 Mar 2022 13:48:39 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-id: Yl6MvnoClxZCdb8EcTi3SgZqkKrEpb_xK90e32TIbjSIYV0nVC324g==
x-amz-cf-pop: FRA6-C1
x-amz-meta-version-id: zuaWmlrl.URWbdMHTz_ljp08.7tdSnPL
x-amz-version-id: Lr9JnYLEjix1UWK9Mg6y89PE.TsM4BuA
x-cache: Hit from cloudfront

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
355 B 262ms
147ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.3.2&p_id=Twitter&p_user_id=0&txn_id=nuz9l&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=a78e2513-7ea1-45a2-a456-273244a44c98&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time: 105
date: Fri, 29 Apr 2022 20:07:23 GMT
server: tsa_f
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 2d42158f98dbeb59953c3badc72b8ef3085aca10f4b718c9fae66eeda7cd25e9
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
336 B 240ms
146ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.3.2&p_id=Twitter&p_user_id=0&txn_id=nuz9l&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=a78e2513-7ea1-45a2-a456-273244a44c98&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time: 104
date: Fri, 29 Apr 2022 20:07:23 GMT
server: tsa_f
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: caafdd26b64a277c33b734425608b90d22806eea9f62eddc2f2775cfb4d940c0
content-length: 43

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 125ms
42ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: XzqzcwMQ9NfZNqufrBTXLYArHylDSU0J7YN1+4k0+M3MenwaPj1lqYMzuAPs6Kj80lgpreD2bzmUyKUxwfNrBA==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 29 Apr 2022 20:07:24 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 136ms
41ms Script
application/javascript 99.86.7.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-38.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 03:00:53 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 61602
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: hQGS9ZuPU-XHTTJqVS7jI6mb4vUkka_cnA7gEpt2hISuR_fIYbAFdw==

GET
H/1.1 200
OK /
d1nxn87txdj54y.cloudfront.net/ 43 B
524 B 525ms
412ms Image
image/gif 65.9.58.162
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1nxn87txdj54y.cloudfront.net/?a=40727dc8cfba4185b5b471b11fed6eb9
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-58-162.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 20:07:25 GMT
Via: 1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
Last-Modified: Mon, 22 Apr 2013 19:31:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C1
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
X-Cache: RefreshHit from cloudfront
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: 7jFH87LQez6-x7XoaMVxjCb-WUfivxDp57Hs0aFfD3x9adOMkmza_A==

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 930 B
1 KB 150ms
39ms Script
application/javascript 65.9.58.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-58-150.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 02:39:49 GMT
Via: 1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
Age: 62857
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 930
Pragma: public
Last-Modified: Wed, 06 May 2020 20:19:48 GMT
Server: nginx
ETag: "5eb31be4-3a2"
Content-Type: application/javascript
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: eegpcaBpeB0KJwgUKWHbRhvGjhHFEZqB49DuxBlhSwBIJiACFY4XeQ==
Expires: Sat, 30 Apr 2022 02:39:47 GMT

GET
H2 200 q9fqmmutk5a97trs-nbc.js Show response
cdn.petametrics.com/ 157 KB
46 KB 111ms
36ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.petametrics.com/q9fqmmutk5a97trs-nbc.js?ts=458684
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 02dd647cf98e249d624ffd3db638c04b1e0381bc3d34bedbbffa4a440eb3c4a4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:24 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 20:20:09 GMT
server: AmazonS3
x-amz-request-id: MYJED1HC06G3ZGTT
etag: "9a641477338b3d37265acf599cd17fde"
x-hw: 1651262844.cds076.lo4.hn,1651262844.cds077.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=31536000
content-length: 46600
accept-ranges: bytes
x-amz-version-id: Kt7yVs60jDHQzVMEmqSmzZUltniCZ.1l
x-amz-id-2: EiYXvzFFJtjSMiHQGBnjd0UsXuHSc53EDLnlsidlbJQFmfSvPwAl1MNaLoZ1maZoFv3+zryB3Nw=

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 135 KB
37 KB 157ms
54ms Script
application/javascript 65.9.66.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-173.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: 6RTeJ.t3xDSJXjTxhAMtPfr9IcIsozAE
content-encoding: gzip
etag: 4abd427e43cd6822329a2c05539e321f
age: 610
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1KHJM1QSG8B44TXQAXX6
date: Fri, 29 Apr 2022 20:07:24 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: er3Rwnc4aK1mAm4jTMgxIuYT_lD0m8slCanZlq3FP5Mf7eTXNnJURw==

GET
H2 200 indicator-icon-aggregation.svg
www.thestar.com/assets/img/ 703 B
1 KB 57ms
56ms Image
image/svg+xml 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/img/indicator-icon-aggregation.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=acebe239acc465c60b82

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

a00823cb2fb19c0e87a1f41a6bd5352c93f463511f5eb42d27769074da319a42

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/static/bundle.css?v=acebe239acc465c60b82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 16:52:52 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
age: 11671
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 703
last-modified: Tue, 19 Apr 2022 17:37:59 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
etag: W/"2bf-18042e708d8"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: uT_ygSJLOy-SwD8qFNc1gIpbf07O0VldP3XMWPwy5HC97yY7XofQpg==

GET
H2 200 star-icons.ttf
www.thestar.com/static/ 21 KB
12 KB 63ms
62ms Font
font/ttf 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/star-icons.ttf?9550a1c926a47398dae39c37d99739d0

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/72.css?v=6512062dc50d28c14dca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

c00545c81d97ab6aaa4ce46fd9b026817a8079477283eba5cced4003551eaf8c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/static/72.css?v=6512062dc50d28c14dca
Origin: https://www.thestar.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:03:29 GMT
content-encoding: gzip
age: 234
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 19 Apr 2022 17:43:16 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"54e8-18042ebdf20"
vary: Accept-Encoding
content-type: font/ttf
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: bcH_JHUseij9d_NizY3CY-CusyVXdOtdEKGiq7WJqGjWvSnATrtfTw==

GET
H2 200 TorstarCompressed-Bold.woff2
www.thestar.com/assets/fonts/ 23 KB
23 KB 53ms
52ms Font
font/woff2 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarCompressed-Bold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=acebe239acc465c60b82

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

97a8cb323b800e312421b5f10b9292a19c964f2de15e15703bbed583e1d78639

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/static/bundle.css?v=acebe239acc465c60b82
Origin: https://www.thestar.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 19:53:11 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
age: 852
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 23168
last-modified: Tue, 19 Apr 2022 17:37:58 GMT
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
etag: W/"5a80-18042e704f0"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: 63EApYYtTZtghW36o71I5hZCGVjgPqA2exvCJK_DtVmGlQVN4HexIw==

GET
H3 200 worker-70faafffa0475802f5ee03ca5ff74179.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 66ms
33ms XHR
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-608d8314e5c4b9c6caefe04b8ad484ca.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: glon1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:24 GMT
content-encoding: br
last-modified: Fri, 29 Apr 2022 15:38:42 GMT
server: glon1
etag: "626c0682-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13599
via: 1.1 google

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 4 KB
4 KB 129ms
40ms Script
text/html 18.168.215.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26Pz9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-XArw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaABZPHbHacu4%2BXMPJmawdw%3D&rs=1-izGQnTcST%2BDrDg%3D%3D&sc=1&os=1-5g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&pcode=torontoprebidheader623296055317&rx=79510749020&callback=MoatNadoAllJsonpRequest_56821384
Requested by: Host: sejs.moatads.com
URL: https://sejs.moatads.com/torontoprebidheader623296055317/yi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.215.250 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-215-250.eu-west-2.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: cb37d0e01a4a707ffafae4f7b08b9eb695840f34036bcb5ce403d72ffc54a3e9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:24 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "37859f3e0acbb3586e95345f32943ab847fd653b"
content-length: 3813
content-type: text/html; charset=UTF-8

GET
H2 200 iframe.html Show response
z.moatads.com/hd09824092/ Frame AEAF 1 KB
2 KB 51ms
43ms Document
text/html 69.192.161.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/hd09824092/iframe.html
Requested by: Host: sejs.moatads.com
URL: https://sejs.moatads.com/torontoprebidheader623296055317/yi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.161.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-161-152.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=1868
content-length: 1374
content-type: text/html
date: Fri, 29 Apr 2022 20:07:24 GMT
etag: "4a9cbc2e5bc164313dace42a58bef141"
last-modified: Tue, 26 Jan 2021 22:41:39 GMT
server: AmazonS3
x-amz-id-2: bLl72GtpcxM8rSKIodQlKgK0BRPdEbxIV8PPGYh9PcLqpR363i0Z1TjhY7+mRyWYYTxnhPRiG5Y=
x-amz-request-id: A3423FE5772816F0

GET
H3 200 css2
fonts.googleapis.com/ Frame 44D6 4 KB
613 B 133ms
49ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Requested by

Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fc1c4f09ff158c02c23a035afb72d4221d9e9e58a6a01b01d93191295edbc4fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://misc.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 19:11:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 29 Apr 2022 20:07:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Apr 2022 20:07:24 GMT

GET
H2 200 d3v4.min.js Show response
misc.thestar.com/interactivegraphic/libraries/ Frame 44D6 207 KB
69 KB 49ms
49ms Script
application/javascript 99.86.7.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://misc.thestar.com/interactivegraphic/libraries/d3v4.min.js
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-70.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c99734749ad79de9e3e31e74c52248541454b72c2bed5fcb0747c78fa4b052fa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 10 Aug 2016 20:14:14 GMT
server: AmazonS3
age: 102
etag: W/"f332c3bb6d8a840f320b33fbb3d53a5b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
date: Fri, 29 Apr 2022 20:07:24 GMT
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: IeyU7OLPDs2-rCtdFwUu8djiFB_USB4-eQFEyOk1K1oQW_R00O9D0Q==

GET
H2 200 needle.svg
misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/ Frame 44D6 470 B
882 B 45ms
45ms Image
image/svg+xml 99.86.7.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/needle.svg
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-70.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a77b14fa718d5e2296ca2fa7007a8e8f52dfb07633f607181451eab75e631b3f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: PHp84jahms4CJNjldWqFykMudiRkBAyd
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified: Fri, 15 Jan 2021 18:23:00 GMT
server: AmazonS3
age: 48
etag: "7b192d8826a89c17b265266118be34e4"
x-cache: Hit from cloudfront
content-type: image/svg+xml
date: Fri, 29 Apr 2022 20:07:24 GMT
x-amz-meta-version-id: MV9uaQT60tDgvyFTmtizWztglNGxBqZN
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 470
x-amz-cf-id: NRjNbcx_66YTIxYmnSzHrrhFqmb_aNp0hxwaNDSJLE_BEgE8AluDJA==

GET
H2 200 greyneedle.svg
misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/ Frame 44D6 465 B
833 B 56ms
56ms Image
image/svg+xml 99.86.7.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/greyneedle.svg
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-70.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 515239a85055e3ce255def75ee13d72d166e04154099ac2d8e61dec9417850ab

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: jfLD05iZMIZ7gkaEXfKmtY6Chs0LH8kp
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified: Tue, 27 Apr 2021 15:34:40 GMT
server: AmazonS3
age: 48
etag: "7a9e2f9f869c3b5f5c1b0bc84c743854"
x-cache: Hit from cloudfront
content-type: image/svg+xml
date: Fri, 29 Apr 2022 20:07:24 GMT
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 465
x-amz-cf-id: 0rkTe5cnM21p7QDZUcG-UiZhbb3UcT7MxMwEBHYySc3bCyYKf7ag1w==

GET
H/1.1 200
OK datastore_search Show response
data.ontario.ca/api/3/action/ Frame 44D6 911 KB
63 KB 612ms
241ms Script
application/javascript 52.139.4.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ontario.ca/api/3/action/datastore_search?resource_id=ed270bb8-340b-41f9-a7c6-e8ef587e6d11&offset=17&limit=1000&callback=getCaseData
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.139.4.139 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5426dc1a3330d1796eca952eb69f57e489be32406ff15ddfaf2d99cc2ef5cba3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://misc.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 20:07:24 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With, X-Authorization
Expires: Fri, 29 Apr 2022 20:37:24 GMT

GET
H/1.1 200
OK datastore_search Show response
data.ontario.ca/api/3/action/ Frame 44D6 209 KB
15 KB 587ms
238ms Script
application/javascript 52.139.4.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ontario.ca/api/3/action/datastore_search?resource_id=0f8b343e-fc28-4ca5-9aab-c3a1d2c919f1&limit=2000&callback=getLTCData
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.139.4.139 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d99ca202813ffad492f6147cf4629d242c854d14f6f2544a9f1df9795aa69115

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://misc.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 20:07:24 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With, X-Authorization
Expires: Fri, 29 Apr 2022 20:37:24 GMT

GET
H/1.1 200
OK datastore_search Show response
data.ontario.ca/api/3/action/ Frame 44D6 217 KB
23 KB 575ms
239ms Script
application/javascript 52.139.4.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ontario.ca/api/3/action/datastore_search?resource_id=8a89caa9-511c-4568-af89-7f2174b4378c&limit=1000&callback=getVaccineData
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.139.4.139 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ea853f85c2899e807cf652814c66d1d9a6007e93b6db875ba811824d80585e97

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://misc.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 20:07:24 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With, X-Authorization
Expires: Fri, 29 Apr 2022 20:37:24 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 387 B
1 KB 184ms
50ms XHR
application/json 52.30.130.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&d_nsid=0&ts=1651262844138

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.130.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-130-246.eu-west-1.compute.amazonaws.com

Software

Resource Hash

33afc8e71d59f428189a4e10d350838300df69111543a0df6b60c7c135cfb921

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v031-0770276c3.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: K+s8UdpFTk0=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 327
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/0637acba3b96/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/ 33 KB
12 KB 46ms
45ms Script
text/javascript 99.86.7.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/0637acba3b96/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-104.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 19:32:30 GMT
content-encoding: gzip
last-modified: Fri, 29 Apr 2022 19:31:37 GMT
server: AmazonS3
age: 2095
etag: W/"d860c16ac938f7d839f0ec158d02d0f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: Y.iP5NzbQnYqgG03gGOiELjCUWOjXHBf
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-type: text/javascript
x-amz-cf-id: 8tLHl-dnsdhqbXqsDlNe6Ix4BfJ0RulLkntDmbQSiWVzCE2v1cHzrw==

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/0637acba3b96/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/ 3 KB
2 KB 46ms
45ms Script
text/javascript 99.86.7.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/0637acba3b96/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-104.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 19:32:30 GMT
content-encoding: gzip
last-modified: Fri, 29 Apr 2022 19:31:37 GMT
server: AmazonS3
age: 2094
etag: W/"2d1382c349d480b6b41574ac0c1af066"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: Emw6ufB3NXz12fdAvA14N6JY.GxERvRI
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-type: text/javascript
x-amz-cf-id: CcPBZXaR0JfEX04iEbN8jNobzoMy6vIUQ2xu87F8UhgkLZjmw6RP-A==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 131ms
41ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1954
date: Fri, 29 Apr 2022 19:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 29 Apr 2022 21:34:50 GMT

GET
H2

200

web-vitals.umd.js Show response
unpkg.com/web-vitals@2.1.4/dist/
Redirect Chain

https://unpkg.com/web-vitals
https://unpkg.com/web-vitals@2.1.4
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js

5 KB
2 KB

68ms
67ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52cac1193a3683e35353723a38e01a9bcc0c5f9bf2be42d29c96905527c7923d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:24 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8531700
fly-request-id: 01FSX6G1QVHCEFQ5K9M6V6JX3K
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"120b-0F8cYs4ysxGP6ebngBlASGivDqM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 703aa9e9f8a20225-ZRH

Redirect headers

date: Fri, 29 Apr 2022 20:07:24 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FSX6G1H6HMMGWM8JDB016PND
server: cloudflare
age: 8531700
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /web-vitals@2.1.4/dist/web-vitals.umd.js
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 703aa9e9980e0225-ZRH
access-control-allow-origin: *

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=3005674&ns__t=1651262844193&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%3...
https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&ns__t=1651262844193&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%...

0
189 B

44ms
43ms

Image
text/plain

99.86.7.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&ns__t=1651262844193&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c9=
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Server: 99.86.7.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-38.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:24 GMT
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: KZ5rYCB7zL2YVV_bA_wixVUk-1GLAGARs4252nmmwakUgJZN12nNbA==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=2&c2=3005674&ns__t=1651262844193&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c9=
date: Fri, 29 Apr 2022 20:07:24 GMT
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-length: 0
x-amz-cf-id: _q432aVSauewg-gXY9lj5KdJp07DyP5RkPhLjwvHAFuxj5ydnmUy8g==
x-cache: Miss from cloudfront

POST
H2 200 1079 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/ 67 KB
13 KB 449ms
449ms XHR
application/json 65.9.68.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/DG/DEFAULT/rest/rpc/1079?referer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&bcsessionid=&bctempid=&overruleReferrer=&time=2022-04-29T20%3A07%3A24%2B00%3A00&ts=1651262844207

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.68.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-68-36.fra56.r.cloudfront.net

Software

- /

Resource Hash

fb0071040453327499fb9339d72e664d19a57e8f0efac2f76444a9086c90e302

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Apr 2022 20:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 11952
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: uQMnU1Z16Ji8guIpMMxYcCZU1wTITB0giUWJeDrrKnu1qxqcGgRd6w==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v11/ Frame 44D6 37 KB
37 KB 131ms
41ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v11/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://misc.thestar.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:07:46 GMT
x-content-type-options: nosniff
age: 269978
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37716
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:29:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 17:07:46 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/thestar.com/ 73 KB
26 KB 134ms
40ms Script
application/javascript 65.9.61.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/thestar.com/p.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.61.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-61-60.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: eedabdd2b23f98813d6e180e614bfd6a42b38291996622b21c715259ebff0ba9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: public
date: Fri, 29 Apr 2022 03:54:45 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 15:53:19 GMT
server: nginx
age: 58359
etag: W/"61f805ef-12236"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: vXwyOnQrC4gt0lueXGCi1aEAVDTVQX8_Nzak7Z66BraZC1KouQLLDw==
expires: Sat, 30 Apr 2022 03:54:45 GMT

GET
H/1.1 200
OK services Show response
sr.studiostack.com/v3/ 24 KB
24 KB 153ms
33ms Script
application/x-javascript 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/v3/services
Requested by: Host: adserver.pressboard.ca
URL: https://adserver.pressboard.ca/v3/embedder?media=130507
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e38a7221552e1e6c95ac96060c2db2246a3eb205c741ce16e06eecc17b7f4408

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 20:07:24 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 24454
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H/1.1 200
OK dest5.html Show response
torontostarnewspaperslimited.demdex.net/ Frame B259 7 KB
3 KB 176ms
41ms Document
text/html 52.30.130.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.130.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-130-246.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v031-05ef3562a.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: EJb7KiJySWY=
content-encoding: gzip
date: Fri, 29 Apr 2022 20:07:24 GMT
last-modified: Wed, 27 Apr 2022 09:29:21 GMT
vary: accept-encoding

GET
H2 200 id Show response
s.thestar.com/ 48 B
508 B 152ms
47ms XHR
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.thestar.com/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&mid=29589706611566247360619746105851323445&ts=1651262844331

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

9c4be6c58ae881da54dd35951ebdf40ef2577bcab0323949fcf7039fc4b5a0c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 29 Apr 2022 20:07:24 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-b4b698fcd-wm7gk
vary: Origin
x-c: main-1640.Id95fac.M0-564
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YmxFfAAAAIII4wQE
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=29626355058355905060618333060927225407
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YmxFfAAAAIII4wQE

42 B
945 B

44ms
44ms

Image
image/gif

52.30.130.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YmxFfAAAAIII4wQE

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

HTTP/1.1

Server

52.30.130.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-130-246.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v031-08ace46bf.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: nfPfpPWHQME=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YmxFfAAAAIII4wQE
Date: Fri, 29 Apr 2022 20:07:24 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/ 35 B
175 B 208ms
122ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/__activity.gif?e=pageview&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=1877&blst=1430&ist=1871&iet=1875&bdst=1431&bdet=1855&bcttt=6&jsfv=nbc&ts=1651262844348&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=876b178f-bf25-481d-d401-32d18b918af1&sid=4113f550-8fbd-49a4-f622-8617238b8c7d&pvid=d1d7013a-bc96-4d6d-ed3d-9b5a283e449d&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F101.0.4951.41+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.8&saveData=false&ctyp=unknown&tzo=0&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Apr 2022 20:07:24 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 131ms
47ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1128545712&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&ul=en-us&de=UTF-8&dt=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1461858580&gjid=356747778&cid=267430075.1651262844&tid=UA-70431129-1&_gid=349834138.1651262844&_r=1&gtm=2wg4r0P86MZHL&cd9=web&cd14=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.41%20Safari%2F537.36&z=498324813

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 128ms
48ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1128545712&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&ul=en-us&de=UTF-8&dt=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABAAAAAC~&jid=305120371&gjid=2045663798&cid=267430075.1651262844&tid=UA-73335503-3&_gid=349834138.1651262844&_r=1&gtm=2wg4r0P86MZHL&z=1132641140

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
309 B 45ms
44ms XHR
text/plain 65.9.66.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=5028&u=https%3A%2F%2Fwww.thestar.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-173.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 14:13:35 GMT
via: 1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
server: Server
age: 21228
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.thestar.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: wEg50WhfiDL0nKepVEetWkgXJyi1jt_HUwrWah6PCdy4sawFEdw_yw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 124ms
40ms XHR
application/javascript 65.9.66.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-173.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 66351
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 28 Apr 2022 01:41:20 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 01:45:26 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 00cArIZLD85MXKV-nQ9fI2wS0xPAOyADpbQ1Ptf53j6cs5U8NGKMqA==

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 126ms
34ms Preflight
text/html 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Allow: POST
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 4
Content-Type: text/html; charset=utf-8
Date: Fri, 29 Apr 2022 20:07:24 GMT
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires: 0
Pragma: no-cache
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 33ms
32ms XHR
text/plain 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 20:07:24 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H/1.1 200
OK attention-data Show response
sr.studiostack.com/track/ 121 B
608 B 452ms
361ms XHR
application/json 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-data?media=130507&ref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5bafa8250e85946ba21ee50f908f071ecda51576eb9fb3aff3a26871c578b9da

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 20:07:24 GMT
ETag: W/"79-bj3QPCF3ntC99mAcFVNa+5AdGPM"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 121
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 103ms
34ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-70431129-1&cid=267430075.1651262844&jid=1461858580&gjid=356747778&_gid=349834138.1651262844&_u=YEBAAAAAAAAAAC~&z=1539716659

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 29 Apr 2022 20:07:24 GMT
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dfb2a2ecc2fe5626f957f876349d1dae Show response
e377.thestar.com/plugin/plugin/ 205 KB
44 KB 48ms
48ms Script
text/javascript 65.9.68.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/plugin/plugin/dfb2a2ecc2fe5626f957f876349d1dae

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.68.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-68-36.fra56.r.cloudfront.net

Software

- /

Resource Hash

7b24cbf8cced6ddb17e985fe5329d186750b005210ad2589c6f5146eafa0d2ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 06:23:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 308652
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 44103
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Apr 2022 06:23:12 GMT
server: -
etag: dfb2a2ecc2fe5626f957f876349d1dae
content-type: text/javascript; charset=utf-8
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop: FRA56-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: t19PSP2P0mFEkdOl27lHEghA6ukA-k1Tg0aK7wEVoWoj12QAelVS_A==
expires: Wed, 26 Apr 2023 06:23:12 GMT

GET
H2 200 mdc.textfield.min.js Show response
e377.thestar.com/plugins/toolbar_whatcounts/ts_d3dd9500cca2bd121600d736b16f4f6c/frontend/src/scripts/ 66 KB
12 KB 48ms
48ms Script
text/javascript 65.9.68.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/plugins/toolbar_whatcounts/ts_d3dd9500cca2bd121600d736b16f4f6c/frontend/src/scripts/mdc.textfield.min.js

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.68.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-68-36.fra56.r.cloudfront.net

Software

- /

Resource Hash

2d767fe00284ba315844a0f61f8f69721df84ca58781e8b960455fee618c9778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:52:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 2142913
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 11561
x-xss-protection: 1; mode=block
last-modified: Mon, 04 Apr 2022 00:52:11 GMT
server: -
etag: 6255d33f94b82e67e60ed3d71ba26fe3
content-type: text/javascript; charset=utf-8
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop: FRA56-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: skKvoTeMID6G7f5Blye82s5FBpV-5wP8K7GcROYJjhSnxvJN9NSehw==
expires: Wed, 05 Apr 2023 00:52:11 GMT

GET
H2 200 a268306985406412cef9984caba78d44 Show response
e377.thestar.com/plugin/library/ 470 KB
149 KB 52ms
51ms Script
text/javascript 65.9.68.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/plugin/library/a268306985406412cef9984caba78d44

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.68.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-68-36.fra56.r.cloudfront.net

Software

- /

Resource Hash

6eba7efe25b102daba8ab72f4f16cb18ba3915a767864a9fb3f5ee965f16ca15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 06:23:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 308652
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 152290
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Apr 2022 06:23:12 GMT
server: -
etag: a268306985406412cef9984caba78d44
content-type: text/javascript; charset=utf-8
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop: FRA56-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: rltiLQOjSxBhtRsqBJANLOqZh4DIpMBZaT11948Xkr60iAXPFdmE8w==
expires: Wed, 26 Apr 2023 06:23:12 GMT

POST
H2 200 LB-Zone-2 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/1079/ 2 KB
2 KB 410ms
409ms XHR
application/json 65.9.68.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/DG/DEFAULT/rest/rpc/1079/LB-Zone-2?referer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&bcsessionid=&bctempid=d54a1e3f-7362-4bc2-bca7-d2d422074297&overruleReferrer=&time=2022-04-29T20%3A07%3A24%2B00%3A00&ts=1651262844737

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.68.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-68-36.fra56.r.cloudfront.net

Software

- /

Resource Hash

23c07ada50fe521ad2b5149e0266d90c4186ab69d4b9006409c078fd6d2bcee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Apr 2022 20:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 898
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 41O5JOpyouaDEO0S1UigWWFDHxqXOB46MY5treQbotCccVqbJrKblA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
544 B 254ms
50ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=181778
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 211749c6bc4c32f751b4ca5e707c585e181205711141f814eb9712fee91531f3

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 29 Apr 2022 20:07:25 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Sun, 29 May 2022 20:07:25 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
360 B 243ms
39ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 29 Apr 2022 20:07:25 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44

POST
H2 200 1079 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/ 6 KB
3 KB 417ms
417ms XHR
application/json 65.9.68.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/DG/DEFAULT/rest/rpc/1079?referer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&bcsessionid=d54a1e3f-7362-4bc2-bca7-d2d422074297&bctempid=&overruleReferrer=&time=2022-04-29T20%3A07%3A25%2B00%3A00&ts=1651262845183

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.68.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-68-36.fra56.r.cloudfront.net

Software

- /

Resource Hash

f6a1057db824aa68f48084a3186a7c77d998c2ba443104125e4ae49aa9a559b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Apr 2022 20:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 2240
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: iCChACSnivM3p3rSMXkUOFXTOlnaR4KtP4m9b7LIB4GxuUqaQPGAoQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 toaster_v3.css
e377.thestar.com/plugins/toaster_torstar/ts_b1e85bf2b70709204478ac8389c74777/frontend/src/css/ 1 KB
1 KB 42ms
41ms Stylesheet
text/css 65.9.68.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/plugins/toaster_torstar/ts_b1e85bf2b70709204478ac8389c74777/frontend/src/css/toaster_v3.css

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/plugin/plugin/dfb2a2ecc2fe5626f957f876349d1dae

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.68.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-68-36.fra56.r.cloudfront.net

Software

- /

Resource Hash

ee9c02b6ef7c57f2b83a0e88dab977f839560afb553d57eae49731bc5fa252ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 19:54:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 2765589
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 485
x-xss-protection: 1; mode=block
last-modified: Sun, 27 Mar 2022 19:54:16 GMT
server: -
etag: c6066030d2b28fbf58f4c7c3d8e5b9b0
content-type: text/css; charset=utf-8
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop: FRA56-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: 9eeIzq4CcA__NLEr4n3uxhRRfcnkrcf4N33nIkw5hfDVbe13ABt9AQ==
expires: Tue, 28 Mar 2023 19:54:16 GMT

POST
H2 200 1079 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/ 562 B
1 KB 425ms
425ms XHR
application/json 65.9.68.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.68.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-68-36.fra56.r.cloudfront.net

Software

- /

Resource Hash

646f5c35daec357192466a68929e8ddd70909a7e96e57cd7c4b7edcb18f4a029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Apr 2022 20:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 162
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: OK_7oirA_z_S8430RJRKsaGtubbm6xUiH0ucLhHKneRO1zi-2xLYLQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 1079 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/ 369 B
1 KB 420ms
420ms XHR
application/json 65.9.68.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.68.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-68-36.fra56.r.cloudfront.net

Software

- /

Resource Hash

bf6f164dab70a202db5af3aeaab9d5856725354e781a349cb2372f800391ec0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Apr 2022 20:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 176
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 03YqaqzVNSi7MRM9Ksjd-gwbWbpGD7wRjTlM0ED2ucNBIWjKFbB_1Q==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/ 35 B
49 B 183ms
121ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/__activity.gif?e=conversion_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2715&blst=1430&ist=1871&iet=1875&bdst=1431&bdet=1855&bcttt=8&jsfv=nbc&ts=1651262845187&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=876b178f-bf25-481d-d401-32d18b918af1&sid=4113f550-8fbd-49a4-f622-8617238b8c7d&pvid=d1d7013a-bc96-4d6d-ed3d-9b5a283e449d&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F101.0.4951.41+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.8&saveData=false&ctyp=unknown&tzo=0&conversion_t=%5BSTAR%5D%20HeaderCTAButtonMobile_NonSubs_Subscribe_Q122_Sale&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Apr 2022 20:07:25 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/ 35 B
49 B 181ms
120ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/__activity.gif?e=conversion_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2716&blst=1430&ist=1871&iet=1875&bdst=1431&bdet=1855&bcttt=9&jsfv=nbc&ts=1651262845188&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=876b178f-bf25-481d-d401-32d18b918af1&sid=4113f550-8fbd-49a4-f622-8617238b8c7d&pvid=d1d7013a-bc96-4d6d-ed3d-9b5a283e449d&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F101.0.4951.41+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.8&saveData=false&ctyp=unknown&tzo=0&conversion_t=%5BSTAR%5D%20HeaderCTAButtonStickyMenu_NonSubs_Subscribe_Q122_Sale&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Apr 2022 20:07:25 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

POST
H2 200 1079 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/ 185 B
1 KB 420ms
420ms XHR
application/json 65.9.68.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.68.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-68-36.fra56.r.cloudfront.net

Software

- /

Resource Hash

75467a479ac69bdda32a1fbaf9568ab1244d1ee77e9e1e920195edbfca26370d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Apr 2022 20:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 165
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: Dk_VXOMkvNFxsKBj2wNT3s19X9ALT84WKfpH-KVNbQ5CZ_DuUcl6PA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cs Show response
torstar.blueconic.net/DG/DEFAULT/ 67 B
861 B 118ms
118ms Script
text/javascript 52.206.166.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://torstar.blueconic.net/DG/DEFAULT/cs?bcsessionid=d54a1e3f-7362-4bc2-bca7-d2d422074297&&callback=bc_json1081

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.166.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-166-185.compute-1.amazonaws.com

Software

- /

Resource Hash

04eeaa17ce5102fa9ba11989d4beb1ce6a65b8e2dc9bd49efec41369f7921f3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-type: text/javascript; charset=utf-8
content-length: 87
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/ 35 B
49 B 145ms
123ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/__activity.gif?e=conversion_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2767&blst=1430&ist=1871&iet=1875&bdst=1431&bdet=1855&bcttt=9&jsfv=nbc&ts=1651262845239&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=876b178f-bf25-481d-d401-32d18b918af1&sid=4113f550-8fbd-49a4-f622-8617238b8c7d&pvid=d1d7013a-bc96-4d6d-ed3d-9b5a283e449d&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F101.0.4951.41+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.8&saveData=false&ctyp=unknown&tzo=0&conversion_t=%5BSTAR%5D%20NBanner_FirstUpNewsletter_Q122_Control&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Apr 2022 20:07:25 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

POST
H2 200 1079 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/ 188 B
1 KB 526ms
526ms XHR
application/json 65.9.68.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.68.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-68-36.fra56.r.cloudfront.net

Software

- /

Resource Hash

f17e3a5ad9fa5fdd05d12cd7c6b9a5e4f47df302c3d4fc1094406a450a1fa9c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Apr 2022 20:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 151
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: lHPKeOhrBe6opL3CALVE5z1aCrv7q3Pmp08ceBtn6GU733i5o_szvg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
29 KB 165ms
48ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=685f0e30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

661deeccee00065fd0750f64a666790c6df48ab08d044ec346fc29ef9574c5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28616
x-xss-protection: 0
server: sffe
etag: "1200 / 161 of 1000 / last-modified: 1651253508"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Apr 2022 20:07:25 GMT

GET
H2 200 breakingnews Show response
www.thestar.com/api/alerts/ 19 B
431 B 43ms
42ms XHR
application/json 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/alerts/breakingnews

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:03:19 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
age: 246
x-powered-by: Express
etag: W/"13-Ke/+pN/k0l2LXDxWablmwTVvPYs"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-pop: FRA56-C2
content-length: 19
x-amz-cf-id: MfHKVCakp4oUa6MU1KS4iYXSKjpSMRlbcVL8gxAJaOsGc62B1foGkg==

GET
H2 200 updates Show response
www.thestar.com/api/alerts/ 19 B
432 B 43ms
43ms XHR
application/json 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/alerts/updates

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:03:19 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
age: 246
x-powered-by: Express
etag: W/"13-Ke/+pN/k0l2LXDxWablmwTVvPYs"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-pop: FRA56-C2
content-length: 19
x-amz-cf-id: pXu4NpPyVAABIYAIqJd4rERQvY69UviomYbmO3qSQpZtFQAJLp8LJg==

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
88 B 51ms
51ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 70c14afe4d8b8e671d2e0cd9cf55cf877e2e27d035cb7d814ff9c9856ed9c98d

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 29 Apr 2022 20:07:25 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70
via: 1.1 google

GET
H2 200 all-home-0-default-default.json Show response
www.thestar.com/ts/api/trending/ 19 KB
19 KB 447ms
447ms XHR
application/octet-stream 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thestar.com/ts/api/trending/all-home-0-default-default.json
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-33.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0723972e9d5f7c83445321d5a47695fe42dd19cb91f1e76cd827c2867c420a46

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:27 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
last-modified: Fri, 29 Apr 2022 20:02:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "22adbf4907de12ae0e89777d04a8ab48"
x-cache: Miss from cloudfront
x-amz-version-id: P_ZNf7BBbASS_i5yzVd8oamc_eG8zx15
accept-ranges: bytes
content-type: application/octet-stream
content-length: 19311
x-amz-cf-id: qy0MP_lgpyRQaQW6IPvQK47LQctui2Ivp12MCUW8BN7y_oRtuXxgUw==

GET
H2 200 all-home-0-default-default.json Show response
www.thestar.com/ts/api/trending/ 19 KB
19 KB 446ms
446ms XHR
application/octet-stream 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thestar.com/ts/api/trending/all-home-0-default-default.json
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-33.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0723972e9d5f7c83445321d5a47695fe42dd19cb91f1e76cd827c2867c420a46

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:27 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
last-modified: Fri, 29 Apr 2022 20:02:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "22adbf4907de12ae0e89777d04a8ab48"
x-cache: Hit from cloudfront
x-amz-version-id: P_ZNf7BBbASS_i5yzVd8oamc_eG8zx15
accept-ranges: bytes
content-type: application/octet-stream
content-length: 19311
x-amz-cf-id: zCJM3ReK_9-nSJkuIoJVhzGAl4NN2rYv0Nrhygvf4nWRKeK9HQTS5Q==

GET
H/1.1 200
OK widgetloader Show response
widgets.media.sportradar.com/torontostar/ 159 KB
39 KB 703ms
538ms Script
application/javascript 2a02:26f0:6c00::210:bae8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/torontostar/widgetloader

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=685f0e30

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bae8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

fe3688f5bf2dbc368c25ac47ac6e3984b9fd53a133bd0b034f22a740e2ab99d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "b8b3452fbaff54d7712bd8f42a74f976-56e32a7acb6a0ea771e295484f2c3c3a"
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=120, stale-while-revalidate=60, immutable
Date: Fri, 29 Apr 2022 20:07:26 GMT
Connection: keep-alive
Content-Length: 39570

POST
H3 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/ 10 KB
3 KB 286ms
225ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: eb519c22ccd746aa3a9a0735008fb708b1fc0bd0e88da908d9b04956b41d0c2a

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 29 Apr 2022 20:07:26 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H3 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/ 5 KB
2 KB 303ms
214ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 7b98633cc9794f8479409e5c49ed029163e87e61c952841700e8345d6be8616c

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 29 Apr 2022 20:07:26 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H3 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/ 8 KB
3 KB 291ms
225ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: fec6d1a6c1334a24ba35a7fe1eb40b55fe92d6f6aa0cba54861df165c5c4077c

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 29 Apr 2022 20:07:26 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H3 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/ 6 KB
2 KB 259ms
193ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 4700fae072009548d8a98c58e8f48fce6f625d2efc7abb855ac8983f353fc408

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 29 Apr 2022 20:07:26 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H3 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/ 11 KB
4 KB 294ms
231ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 03a5a532fabdd875f0cf26c31d54af224838bfb8ced410611f20d66c7f426c52

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 29 Apr 2022 20:07:26 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H3 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/ 5 KB
2 KB 285ms
227ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 305dd4cf1fbb8907eb5625cb4c9220032ed73f6d97ac5a3ff66fb00337e59917

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 29 Apr 2022 20:07:26 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H3 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/ 14 KB
4 KB 257ms
204ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: abeab53042ac0c64fea02be8d8293099a5d93a4e6bb097746cb8e6924f7a2e7c

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 29 Apr 2022 20:07:26 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H3 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/ 5 KB
2 KB 274ms
219ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 613280fcdb2fa53339fcdd72130e5ab43686226528c33e428c1c850a11d7dcaf

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 29 Apr 2022 20:07:26 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

GET
H2 200 ramer_2_.jpg
images.thestar.com/Ad3Yfk5eoQYd6bRFQ2WLzQqliSA=/0x0:1200x800/690x460/smart/https://www.thestar.com/content/dam/thestar/news/gta/2022/04/29/extra-officers-more-cameras-and-road-blocks-toronto-police... 32 KB
32 KB 48ms
47ms Image
image/jpeg 65.9.68.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/Ad3Yfk5eoQYd6bRFQ2WLzQqliSA=/0x0:1200x800/690x460/smart/https://www.thestar.com/content/dam/thestar/news/gta/2022/04/29/extra-officers-more-cameras-and-road-blocks-toronto-police-prepare-for-14-protests-this-weekend/ramer_2_.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-68-36.fra56.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e02d9f87b3d49d701987e22f985f3c234203ec892e3f72fc95413537ec5cee93

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 18:37:53 GMT
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 5373
etag: "91c9561f86db16ead2e6850405bc0217bf24cc56"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
content-length: 32610
x-amz-cf-id: dKYxNL5KE0ZL1O8bQu7vVStP3SqxYXSrz4Eai9cUMeZC9Dtud-g64g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 trucker_protest.jpg
images.thestar.com/ZEIhKVuQC84u4LFS5ppHHenr6l0=/0x0:1200x800/690x460/smart/https://www.thestar.com/content/dam/thestar/politics/federal/2022/04/28/rolling-thunder-demonstrators-are-coming-to-ottawa... 55 KB
55 KB 82ms
81ms Image
image/jpeg 65.9.68.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/ZEIhKVuQC84u4LFS5ppHHenr6l0=/0x0:1200x800/690x460/smart/https://www.thestar.com/content/dam/thestar/politics/federal/2022/04/28/rolling-thunder-demonstrators-are-coming-to-ottawa-heres-what-we-know-about-their-links-to-the-truck-convoy/trucker_protest.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-68-36.fra56.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1c8aed41d3b5cce6c42feb4938d2e1c36721ed775e9f19550deecce290fae826

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 21:05:00 GMT
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 82946
etag: "bd6d97a67c135deccd1a3181d415ecdcb364d215"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
content-length: 56114
x-amz-cf-id: U5_LuNqxT3UqARN9DJO7NVwO889JwzXZ2EUzxkaw2bHEX5YrkhxcPw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 headerimage-0-0-0.jpg
images.thestar.com/DtgJ0UdPV8XHmqKQPnpRGok0Tbg=/139x0:1759x1080/690x460/smart/https://www.thestar.com/content/dam/thestar/uploads/2022/02/28/ 56 KB
56 KB 132ms
131ms Image
image/jpeg 65.9.68.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/DtgJ0UdPV8XHmqKQPnpRGok0Tbg=/139x0:1759x1080/690x460/smart/https://www.thestar.com/content/dam/thestar/uploads/2022/02/28/headerimage-0-0-0.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-68-36.fra56.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5b2833099997251581945de32e3251b1ae41af2108d2a4e7ab88c31f56753040

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 20:43:14 GMT
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 1293852
etag: "6b6c73191750d35c015bec724f06ddda450fb739"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
content-length: 57227
x-amz-cf-id: ujg2qTk8U-pKof8KtNRg2D8-KLLRmxBpTipDezzRvejzan6ph2FzJQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 auston_matthews.jpg
images.thestar.com/h6k0WcmgCPhjXsXCHQ_r4Ac1TT4=/0x0:1134x756/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/leafs/2022/04/19/auston-matthews-to-miss-second-straight-leafs-game-wit... 55 KB
56 KB 119ms
118ms Image
image/jpeg 65.9.68.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/h6k0WcmgCPhjXsXCHQ_r4Ac1TT4=/0x0:1134x756/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/leafs/2022/04/19/auston-matthews-to-miss-second-straight-leafs-game-with-undisclosed-injury/auston_matthews.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-68-36.fra56.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ea87a07d4af191b2ff23c12c8e741cc3c9fd47415fd08f80da5b0d948ff94902

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 16:01:35 GMT
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 14751
etag: "cd883b3cb6b34125b7cd4ae959a0adf4c74f80cf"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
content-length: 56657
x-amz-cf-id: _vLk3JY7KK3gfxmXI4aOauup8BFkCibBHhfcOoiTI0meQI1B2EO4-A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 123ms
40ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thestar.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 14:02:01 GMT
x-content-type-options: nosniff
age: 281125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 26 Apr 2023 14:02:01 GMT

GET
H2 200 it_s_political_rectangle_althia_parliament.jpg
images.thestar.com/x6FXXfabImeNtkPVKiQl96aQlV4=/330x220/smart/https://www.thestar.com/content/dam/thestar/podcasts/its-political/2022/04/29/introducing-its-political-with-althia-raj-a-new-canadian-... 8 KB
8 KB 65ms
64ms Image
image/jpeg 65.9.68.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/x6FXXfabImeNtkPVKiQl96aQlV4=/330x220/smart/https://www.thestar.com/content/dam/thestar/podcasts/its-political/2022/04/29/introducing-its-political-with-althia-raj-a-new-canadian-politics-podcast/it_s_political_rectangle_althia_parliament.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-68-36.fra56.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8fb681f67297e898ce5b908c30d67d62e6bc1be4f4e430af73b858282581c34e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 13:49:22 GMT
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 22684
etag: "cf7411ff6627b82138a284ce5f21c701301214a8"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
content-length: 7680
x-amz-cf-id: ekgLw5toD8u9raZ0b1He0LojxIQ0WnjEpiO_cbYS91aVS5w5DaCOTw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pedal_pub.jpg
images.thestar.com/kNay8c7kxNvKXymyIezTrI67uTc=/114x76/smart/https://www.thestar.com/content/dam/thestar/news/gta/2022/04/29/city-councillors-steer-pedal-pubs-one-step-closer-to-toronto-streets/ 4 KB
4 KB 65ms
64ms Image
image/jpeg 65.9.68.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/kNay8c7kxNvKXymyIezTrI67uTc=/114x76/smart/https://www.thestar.com/content/dam/thestar/news/gta/2022/04/29/city-councillors-steer-pedal-pubs-one-step-closer-to-toronto-streets/pedal_pub.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-68-36.fra56.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 57ebbdf292d11caf6685535cc6821bee2ae483a1b289d63242fa5e294f469e7c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 19:48:32 GMT
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 1134
etag: "0b7d93eb1b0de98f3420cd78869ce02b1d7f4df8"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
content-length: 3675
x-amz-cf-id: PanpAesjghA3bvWQyavp-lmVscKCXfM01AnSGIwTmMwYCkqvsescWA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H3 200 tpd Show response
api.permutive.com/v2.0/ 2 B
39 B 102ms
43ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/tpd?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 29 Apr 2022 20:07:26 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22
via: 1.1 google

GET
H2 200 pubads_impl_2022042601.js Show response
securepubads.g.doubleclick.net/gpt/ 367 KB
125 KB 328ms
40ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

43700b9800ddc7b26ee1bf46a878b942908a720bd48a1809163d3a26de2944c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 10:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293519
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127613
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 08:34:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 26 Apr 2023 10:35:27 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 203 B
770 B 337ms
51ms XHR
application/json 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.thestar.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

db488298b49c859f2174b078a55b8d9a29aeec85baff6aec893cb26fb28abedd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Apr 2022 20:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
expires: Fri, 29 Apr 2022 20:07:26 GMT

GET
H/1.1 200
OK / Show response
p1.parsely.com/plogger/ 43 B
257 B 493ms
117ms Fetch
image/gif 52.205.167.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.parsely.com/plogger/?rand=1651262846165&plid=11592495&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&sref=&sts=1651262844416&slts=0&date=Fri+Apr+29+2022+20%3A07%3A26+GMT%2B0000+(GMT)&action=heartbeat&inc=2&tt=1702&u=pid%3D37da393c1dc21a1b5ef2137e714b4f9a
Requested by: Host: cdn.parsely.com
URL: https://cdn.parsely.com/keys/thestar.com/p.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-167-202.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 20:07:26 GMT
Cache-Control: no-cache
Last-Modified: Friday, 29-Apr-2022 20:07:26 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 ruleenginedata Show response
www.thestar.com/api/ 11 KB
3 KB 42ms
41ms XHR
application/json 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/ruleenginedata

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

7dd31f9a44dda77f55c5dc425aaed2fec6b1e3a1fad5f7eceaa6e8af9626cff5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:03:31 GMT
content-encoding: gzip
vary: Accept-Encoding
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
age: 235
x-powered-by: Express
etag: W/"2c82-vxaf9CqvmaiMBjzb90UcYUiksn4"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: Dfvy77irzmBQnhBXlqx1YPJxm_Pnvy8RUZDlNcp1nmtZubRk2HWzzQ==
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 487ms
116ms Image
image/gif 52.205.167.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1651262846170&plid=11592495&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22_scrollIncrement%22%3A1%2C%22_scrollMethod%22%3A%22heartbeat%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A10969%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&sref=&sts=1651262844416&slts=0&title=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&date=Fri+Apr+29+2022+20%3A07%3A26+GMT%2B0000+(GMT)&action=_scroll&u=pid%3D37da393c1dc21a1b5ef2137e714b4f9a
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-167-202.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 20:07:26 GMT
Cache-Control: no-cache
Last-Modified: Friday, 29-Apr-2022 20:07:26 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 488ms
116ms Image
image/gif 52.205.167.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1651262846171&plid=11592495&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22_scrollIncrement%22%3A0%2C%22_scrollMethod%22%3A%22pageview%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A10969%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&sref=&sts=1651262844416&slts=0&title=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&date=Fri+Apr+29+2022+20%3A07%3A26+GMT%2B0000+(GMT)&action=pageview&js=1&pvid=6110863&u=pid%3D37da393c1dc21a1b5ef2137e714b4f9a
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-167-202.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 20:07:26 GMT
Cache-Control: no-cache
Last-Modified: Friday, 29-Apr-2022 20:07:26 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 29589706611566247360619746105851323445 Show response
api.thestar.com/users/data/anonymous/sitename/thestar/id/ 51 B
418 B 336ms
335ms XHR
application/json 143.204.201.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.thestar.com/users/data/anonymous/sitename/thestar/id/29589706611566247360619746105851323445
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-41.fra53.r.cloudfront.net
Software: /
Resource Hash: a0ec8793ecc2c9d97dcceac6cce1de315e1a0cf7b6c5180060916c2d047c9a1c

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
x-api-key: b07LQ46EyU42X8fc14kd08w8gAyfSf337nbF5L8b

Response headers

date: Fri, 29 Apr 2022 20:07:26 GMT
via: 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: 76b3dbc0-cbfa-44d1-a56e-ff47d43e67f9
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-626c457e-49a395251860aa9d6b767778;Sampled=0
x-amz-apigw-id: RW_L2H7bIAMFVLw=
content-length: 51
x-amz-cf-id: Vi2yjagubCzWz1ErKv05QJpyxn3HfwZ44Rt2ZPkymEOTrpWWMSulnw==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 11 KB
2 KB 224ms
224ms XHR
application/json 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

482f91a1f3f0a72ea0434da8fdda1a797589a5c443f9678cb4dd25f2e320a951

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Apr 2022 20:07:26 GMT
content-encoding: gzip
etag: W/"2b3e-d9ECMxe69BVPgl7S95Fw/Om8hl0"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: y1lb--2zoRpue69QxErWGm_pSzyD_SAswIxZGLp1KoOnNNL8kRhJZg==
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
1 KB 224ms
224ms XHR
application/json 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

3bea2c4c3c8308852c379f187b3d86687f48038a041b69e85c4a939b770c0e05

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Apr 2022 20:07:26 GMT
content-encoding: gzip
etag: W/"1081-TlVqYt33ANbDt9jsW+7JvseciU4"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: 6lbia8YSN4IFohvLtIuXZrIx8JTg5CVELvfwoayv75hoToc4cbvEaA==
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
1 KB 133ms
132ms XHR
application/json 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

0135a0a9b04f1f4b73b6a761f079938e1d9bf8352fec56dfa532ab0821b7bf41

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Apr 2022 20:07:26 GMT
content-encoding: gzip
etag: W/"10ae-KGZCYKylaYaG17EJtBs52/xlKyw"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: Bj6biH7Fr70E_Zgz33_00c56tGKQiYEn3KuIMCbwGqbt1iS4ZRgKXg==
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 8 KB
2 KB 222ms
222ms XHR
application/json 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

ab87bb27c86d1981c66808a740c6a480cb7c9471a5e8f275dfec4450342b7ff8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Apr 2022 20:07:26 GMT
content-encoding: gzip
etag: W/"1ea4-CHPWcgEffFGHLXuVGnWrssdtm3Q"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: nsTz97zYSsno0cHDrihzSeWB7hd05bthxaohSlSErV81wIrOq0iX0Q==
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
1 KB 235ms
235ms XHR
application/json 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

c04c54179051ccba5447e33eccdd3307ee930f5a13e144811ba44eaf4e5eae12

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Apr 2022 20:07:26 GMT
content-encoding: gzip
etag: W/"1077-g274LW73gknpWzv+aE4I/xrZfpE"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: hoqmfrTvjUIv-uZ0tCbl38yAuAi9Un-ZmOnIop-94tQrNMf08MgLQQ==
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 5 KB
2 KB 233ms
232ms XHR
application/json 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

f3a9fff032ac492b08e1c978c7a1ffafb56c052d5b76ab2a8476c556a06b3fe6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Apr 2022 20:07:26 GMT
content-encoding: gzip
etag: W/"15b7-tc86C8x621jbtiFRyDoAgqwZzZ8"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: QRQO-gUnNMuNumrlISZWbT99Gm8-X_DCtCE717oJXrm9XCGGQ3myhQ==
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 8 KB
2 KB 228ms
227ms XHR
application/json 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

c94f5186c74a7e1fa82a06e639286d482c42c84f5a1262b94774d70f8234d6f2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Apr 2022 20:07:26 GMT
content-encoding: gzip
etag: W/"1e04-ZVxC5DcWS4bhNYM/nlKeOIZn1SQ"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: UXnWreyyWXOO-RpjLZVRgGO-bknlTGpwGhofj7Ql0iuX7cu6bCBMnw==
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
1 KB 221ms
220ms XHR
application/json 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

143ba2c45703df981edb26afe32d1887f9a0f0ee36965656ec9e197dac9acf21

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Apr 2022 20:07:26 GMT
content-encoding: gzip
etag: W/"1090-7fElGxcupMNTJE6yuaQGsOzxcO8"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: mFo5a_JfuURuyVa3YnmMLkIqJM_iVcEtryRe-lB00jtHvEbiDHcXqA==
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)

OPTIONS
H2 200 29589706611566247360619746105851323445
api.thestar.com/users/data/anonymous/sitename/thestar/id/ Frame 0
0 344ms
133ms Preflight
application/json 143.204.201.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.thestar.com/users/data/anonymous/sitename/thestar/id/29589706611566247360619746105851323445
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-41.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Fri, 29 Apr 2022 20:07:26 GMT
via: 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-apigw-id: RW_LyE9doAMFkeA=
x-amz-cf-id: ruYWxM0Mak35XH5l48UI2SsBS0I5_wj08lWUW5_zmTS7VhVzVJZP-A==
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: 720f9d7d-7ea6-47ea-91d7-3c96038c0264
x-cache: Miss from cloudfront

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 864 B
1 KB 225ms
224ms XHR
application/json 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

d2520b3a586d1146ff5c63e367c0ebdda1f27de3606223916c3cf7a67ade81ed

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Apr 2022 20:07:26 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
etag: W/"360-AyC9rz19drK8dl+f5n2ZF2Z35zU"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 864
x-amz-cf-id: WGvoGLtKQqkn1PMBJJ0x4L8jCcwAJ1UPaCqaOtb0YvSpuj5Hawq-EQ==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 3 KB
4 KB 219ms
219ms XHR
application/json 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

5ebe835bb7372c5a95baeeceaf1c8efcc9d724cd06d987745ee836784166f49a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Apr 2022 20:07:26 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
etag: W/"d5f-rr/Z+lCagOCchfjr9e0l7jcEVa4"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 3423
x-amz-cf-id: Kqm2JuX4ULbMFNKty4K6pUA3efBaexuQaaBeAIh8yciabrHH0Kqgsw==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 KB
2 KB 221ms
221ms XHR
application/json 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

301eb9a39230e2218766da3b201b9292aaad1bd63b9104d852d2b9ecd9fff8c0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Apr 2022 20:07:26 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
etag: W/"6ce-dqBMuBYImE7z6QrUW8psnZw74FI"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 1742
x-amz-cf-id: nCVRva1oERQSZNmnsc7LYaKAARY4adSDLlzhTj7ymER9Q0PBEwF2lA==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 3 KB
4 KB 221ms
220ms XHR
application/json 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

addb6e8611e3b8170b1b21fa5bb2b53d401631be87075a095ca39d95a1744bc9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Apr 2022 20:07:26 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
etag: W/"d4b-AYEW/fsPLr74ZSilNdofcvWI7/o"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 3403
x-amz-cf-id: SkZI6EiPQedXFIh272LRLQe9lBOq66AnYhjfy1IgOmPicqNpam4JXw==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 KB
2 KB 220ms
219ms XHR
application/json 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

280a0633962581a6308a11e1d2b5c55094dbe6d8a28c6b0e45282c643d039177

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Apr 2022 20:07:26 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
etag: W/"6a6-xW5lLOoSGFj9BoSziEN9+SrKikk"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 1702
x-amz-cf-id: 5IbDzl8dLbwq2eaIRP2CCu24nEwo8oEPyCSYoVOiIQZ_GeIt8nZlFQ==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 KB
2 KB 220ms
219ms XHR
application/json 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

418d5e0aef45240c498a96f167de630c7e1815f352daf45ac2ae4132d328998d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Apr 2022 20:07:26 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
etag: W/"6ba-+3woyhEeS+FaUUKWwctRGIu3FGE"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 1722
x-amz-cf-id: 7-G6zq01Gsv0164wBMdiUIYODM1XVIphZjmeIfbXPhua2de6vcMQVw==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 869 B
1 KB 220ms
220ms XHR
application/json 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

eb8a409a0c5e1684082bf754274b5d9a89316cf76168b4e8f51a5fe5bff6e67a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Apr 2022 20:07:26 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
etag: W/"365-TsymI9d5uber+RPOL4BJliLjElE"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 869
x-amz-cf-id: Tu4y3mWPrEr24FxLWO2_hkTe97DI9Y0-4e82YyqT5Ao2qBsRwTDzsw==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 854 B
1 KB 220ms
219ms XHR
application/json 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

f502504402eb855b7bd6cfedb5f7e3f873563d4b20417f6528df0e0122c660b7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Apr 2022 20:07:26 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
etag: W/"356-G47MLwc2X02GKVBH4KG1fWngYyg"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 854
x-amz-cf-id: oyGBW0zH5wuvsdyS1p6QmqLY1GlFtgYRr4rTlC4m3456pWfdTUKX4Q==

POST
H2 200 auction Show response
elb.the-ozone-project.com/openrtb2/ 125 B
335 B 415ms
314ms XHR
application/json 34.241.134.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/openrtb2/auction
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.134.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-134-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 200ed1c24014fe4a91d477ad2c51cd81342818f4fd37bcd0f00d201c8735fd6f

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:27 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 125
expires: 0

GET
H/1.1 200
OK common_widgets.8589ae3af2adb132fb8c.js Show response
widgets.media.sportradar.com/assets/ 453 KB
136 KB 54ms
53ms Script
application/javascript 2a02:26f0:6c00::210:bae8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/common_widgets.8589ae3af2adb132fb8c.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bae8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

fad70b38dad6db3caf536265085c3c8b620c3b0686ff6226bbd6b58ddf117f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "c4d89af5354819bacbc7a77cc9f83c63"
Last-Modified: Thu, 28 Apr 2022 19:16:00 GMT
X-Served-At: Thu, 28 Apr 2022 19:55:47 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Fri, 29 Apr 2022 20:07:26 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 138906
Expires: Sun, 29 May 2022 19:55:47 GMT

GET
H/1.1 200
OK us.common.scoreTicker.f39423d26a7638e3aa26.js Show response
widgets.media.sportradar.com/assets/ 513 KB
137 KB 130ms
46ms Script
application/javascript 2a02:26f0:6c00::210:bae8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/us.common.scoreTicker.f39423d26a7638e3aa26.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bae8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

6aff8f4ca1717f69640e467baed4269d2cfa984520465862f3cfed7d73b68f25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "d464a40e8377352b0f6891a7e8048235"
Last-Modified: Tue, 26 Apr 2022 08:18:19 GMT
X-Served-At: Tue, 26 Apr 2022 13:31:54 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Fri, 29 Apr 2022 20:07:26 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 139804
Expires: Fri, 27 May 2022 13:31:54 GMT

GET
H/1.1 200
OK react.dd3e20b87f1945ba1b06.js Show response
widgets.media.sportradar.com/assets/ 117 KB
38 KB 130ms
46ms Script
application/javascript 2a02:26f0:6c00::210:bae8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/react.dd3e20b87f1945ba1b06.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bae8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

b668a9c686c57e43fb993bc43fb45f8710c8cc4bf8aeb3fc7064310d17e23bb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "e58fd9f883567eabdd530d53a2529305"
Last-Modified: Mon, 25 Apr 2022 08:36:42 GMT
X-Served-At: Mon, 25 Apr 2022 12:19:53 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Fri, 29 Apr 2022 20:07:26 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37929
Expires: Thu, 26 May 2022 12:19:53 GMT

GET
H/1.1 200
OK en_us.json Show response
widgets.media.sportradar.com/translations/ 107 KB
27 KB 206ms
82ms XHR
application/json 2a02:26f0:6c00::210:bae8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/translations/en_us.json?v=1651172488765&h=fd214d998f6c53fb8f811bf5629e82c5

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bae8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

f130ce2b6e40370973a245e7bb5bfba96229e57b0c24a51dc28ebfab56b45c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Thu, 28 Apr 2022 19:01:28 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=5270400, stale-while-revalidate=604800, immutable
Date: Fri, 29 Apr 2022 20:07:26 GMT
Connection: keep-alive
Content-Length: 26711

GET
H/1.1 200
OK css Show response
widgets.media.sportradar.com/torontostar/ 30 KB
4 KB 288ms
162ms XHR
text/css 2a02:26f0:6c00::210:bae8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/torontostar/css

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bae8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

37d2a19c463e69fb9b7a3ce46c0991f8a8486c6cea18da01fec6bba21bb9286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Thu, 28 Apr 2022 19:01:52 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30, stale-while-revalidate=60, immutable
Date: Fri, 29 Apr 2022 20:07:26 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3932

GET
H/1.1 200
OK licensing Show response
widgets.media.sportradar.com/torontostar/ 12 KB
9 KB 283ms
157ms XHR
text/plain 2a02:26f0:6c00::210:bae8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/torontostar/licensing

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bae8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

ea49d637d2993f9f26da88b7afe451335908eca2d3918de5bfc3f4ce9e4f874f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "4298a94736f72f87a220503196cc821b"
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=200, stale-while-revalidate=60, immutable
Date: Fri, 29 Apr 2022 20:07:26 GMT
Connection: keep-alive
Content-Length: 9174

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
127 B 39ms
39ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 4d3cdf7100f2b52b13e8a7ac921bf71f03e950cba859f4e177266596efc380d6

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 29 Apr 2022 20:07:26 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109
via: 1.1 google

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/ 35 B
49 B 122ms
121ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=4191&blst=1430&ist=1871&iet=1875&bdst=1431&bdet=1855&bcttt=10&jsfv=nbc&ts=1651262846663&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=876b178f-bf25-481d-d401-32d18b918af1&sid=4113f550-8fbd-49a4-f622-8617238b8c7d&pvid=d1d7013a-bc96-4d6d-ed3d-9b5a283e449d&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F101.0.4951.41+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.8&saveData=false&ctyp=unknown&tzo=0&w=thestar_entertainment&source=LI&pl=null&tr=null&st=4191&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fbooks%2F2022%2F04%2F27%2Fprince-charles-will-probably-be-fine-harry-and-meghan-maybe-not-says-the-palace-papers-author-tina-brown.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Ftelevision%2F2022%2F04%2F29%2Fcanadian-jeopardy-champ-mattea-roach-continues-streak-has-shot-at-new-milestone.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fmusic%2F2022%2F04%2F26%2Figgy-azalea-rips-airline-for-stranding-her-and-toddler-in-miami-but-there-was-a-reason.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Apr 2022 20:07:26 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 2022-04-Bergeron_DeBrusk_Celebration_042922.jpg
images.thestar.com/_JjH2bSkFZAmBejIiVpvdS_dmVs=/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/sports-betting/2022/04/29/bruins-vs-maple-leafs-picks-and-odds-boston-takes-advantag... 54 KB
55 KB 46ms
45ms Image
image/jpeg 65.9.68.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/_JjH2bSkFZAmBejIiVpvdS_dmVs=/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/sports-betting/2022/04/29/bruins-vs-maple-leafs-picks-and-odds-boston-takes-advantage-of-toronto-resting-stars/2022-04-Bergeron_DeBrusk_Celebration_042922.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-68-36.fra56.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e2bb2e8d1c787e8ee676e610a834a6baad27f2c603ef35f2def72123ed20ac1f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 16:40:23 GMT
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 12423
etag: "e59ea0c06726cd0d9b57aef4e8b939fd15e72428"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
content-length: 55801
x-amz-cf-id: WPcxOodW62rqxTHdhHtjeNVBQLYEbcPUjeGgDs5UXIpCTbsbL-AT7g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/ 35 B
49 B 122ms
122ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=4208&blst=1430&ist=1871&iet=1875&bdst=1431&bdet=1855&bcttt=15&jsfv=nbc&ts=1651262846679&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=876b178f-bf25-481d-d401-32d18b918af1&sid=4113f550-8fbd-49a4-f622-8617238b8c7d&pvid=d1d7013a-bc96-4d6d-ed3d-9b5a283e449d&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F101.0.4951.41+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.8&saveData=false&ctyp=unknown&tzo=0&w=thestar_sports&source=LI&pl=null&tr=null&st=4207&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fsports-betting%2F2022%2F04%2F29%2Fbruins-vs-maple-leafs-picks-and-odds-boston-takes-advantage-of-toronto-resting-stars.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fbluejays%2Fopinion%2F2022%2F04%2F28%2Fhes-just-nasty-man-call-blue-jay-alek-manoah-whatever-you-like-but-hes-ace-material.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fraptors%2Fopinion%2F2022%2F04%2F28%2Fthe-young-raptors-gave-the-sixers-a-scare-and-fans-a-thrill-but-in-the-end-it-felt-like-more-was-possible.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fraptors%2Fopinion%2F2022%2F04%2F29%2Fthis-raptors-team-is-the-most-fascinating-one-ive-ever-covered-in-franchise-history-heres-why.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fraptors%2F2022%2F04%2F28%2Fexcited-for-the-future-raptors-fans-react-after-season-ends-with-game-6-loss-to-sixers.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Ffootball%2F2022%2F04%2F29%2Fits-a-reunion-top-2-packers-picks-from-georgia-defense.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fraptors%2Fanalysis%2F2022%2F04%2F28%2Fthe-raptors-season-ends-in-game-6-against-the-sixers-it-was-quite-a-ride.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Ffootball%2F2022%2F04%2F29%2Fbreaking-down-players-selected-in-1st-round-of-nfl-draft.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Apr 2022 20:07:26 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/ 35 B
49 B 121ms
120ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=4223&blst=1430&ist=1871&iet=1875&bdst=1431&bdet=1855&bcttt=20&jsfv=nbc&ts=1651262846695&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=876b178f-bf25-481d-d401-32d18b918af1&sid=4113f550-8fbd-49a4-f622-8617238b8c7d&pvid=d1d7013a-bc96-4d6d-ed3d-9b5a283e449d&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F101.0.4951.41+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.8&saveData=false&ctyp=unknown&tzo=0&w=thestar_politics&source=LI&pl=null&tr=null&st=4220&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2F2022%2F04%2F28%2Fwhat-you-need-to-know-7-highlights-from-ontarios-largest-spending-budget-in-history.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2F2022%2F04%2F27%2Fwill-doug-ford-be-re-elected-the-stars-online-poll-of-polls-tracks-ontarios-election-race.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2F2022%2F04%2F25%2Fseven-weeks-almost-500000-applications-heres-why-canadians-are-facing-epic-lineups-to-renew-passports.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Apr 2022 20:07:26 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/ 35 B
49 B 127ms
122ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=4243&blst=1430&ist=1871&iet=1875&bdst=1431&bdet=1855&bcttt=25&jsfv=nbc&ts=1651262846714&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=876b178f-bf25-481d-d401-32d18b918af1&sid=4113f550-8fbd-49a4-f622-8617238b8c7d&pvid=d1d7013a-bc96-4d6d-ed3d-9b5a283e449d&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F101.0.4951.41+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.8&saveData=false&ctyp=unknown&tzo=0&w=thestar_recommended_for_you&source=LI&pl=null&tr=null&st=4242&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fadvice%2F2022%2F04%2F29%2Four-daughters-special-day-included-a-wedding-crasher-how-should-this-be-handled-ask-ellie.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fadvice%2F2022%2F04%2F27%2Fi-love-my-wife-but-she-has-lost-all-interest-in-sex-what-to-do-ask-ellie.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fadvice%2F2022%2F04%2F28%2Fmy-husband-cheated-and-left-and-our-daughter-blames-me-ask-ellie.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Feurope%2F2022%2F04%2F29%2Fukraine-cracks-down-on-traitors-helping-russian-troops.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fopinion%2Feditorial_cartoon%2F2022%2F04%2F13%2Ftheo-moudakis-see-hear-speak.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2022%2F04%2F28%2Fare-canadas-largest-pensions-putting-your-retirement-at-risk-a-growing-chorus-of-experts-say-they-are.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Apr 2022 20:07:26 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/ 35 B
49 B 129ms
129ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=4260&blst=1430&ist=1871&iet=1875&bdst=1431&bdet=1855&bcttt=26&jsfv=nbc&ts=1651262846731&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=876b178f-bf25-481d-d401-32d18b918af1&sid=4113f550-8fbd-49a4-f622-8617238b8c7d&pvid=d1d7013a-bc96-4d6d-ed3d-9b5a283e449d&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F101.0.4951.41+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.8&saveData=false&ctyp=unknown&tzo=0&w=thestar_life&source=LI&pl=null&tr=null&st=4259&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fadvice%2F2022%2F04%2F29%2Four-daughters-special-day-included-a-wedding-crasher-how-should-this-be-handled-ask-ellie.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Ftravel%2F2022%2F04%2F29%2Fnot-your-average-destination-wedding-adventure-elopements-marry-romance-with-natures-most-dramatic-venues.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Fhomes%2F2022%2F04%2F27%2Fbudget-22-may-rattle-the-resale-of-pre-built-condos.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Apr 2022 20:07:26 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/ 35 B
49 B 122ms
121ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=4267&blst=1430&ist=1871&iet=1875&bdst=1431&bdet=1855&bcttt=28&jsfv=nbc&ts=1651262846739&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=876b178f-bf25-481d-d401-32d18b918af1&sid=4113f550-8fbd-49a4-f622-8617238b8c7d&pvid=d1d7013a-bc96-4d6d-ed3d-9b5a283e449d&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F101.0.4951.41+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.8&saveData=false&ctyp=unknown&tzo=0&w=thestar_canada&source=LI&pl=null&tr=null&st=4266&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F04%2F26%2Fjeopardy-champ-mattea-roach-says-buying-a-home-in-canada-in-her-20s-only-realistic-because-of-game-show-windfall.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F04%2F27%2Fcanada-now-has-picture-of-trans-and-non-binary-population-census-data-shows.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F04%2F29%2Finvestigation-into-cn-train-derailment-in-manitoba-finds-repair-error-played-a-role.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F04%2F28%2Fretail-theft-ring-taken-down-several-young-teens-charged-peel-police.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F04%2F29%2Fwinnipeg-football-coach-charged-with-additional-offences-in-sexual-assault-case.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F04%2F29%2Fcanadian-military-not-ready-to-waive-citizenship-requirement.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Apr 2022 20:07:26 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 20220428170420-626b0549cab318ac7fd60d21jpeg.jpg
images.thestar.com/AlyoK0U7iu2xVMn9Gd6xgpuoZ50=/690x460/smart/https://www.thestar.com/content/dam/thestar/news/world/2022/04/28/man-charged-with-killing-18-in-texas-convicted-of-1-murder/ 36 KB
37 KB 42ms
42ms Image
image/jpeg 65.9.68.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/AlyoK0U7iu2xVMn9Gd6xgpuoZ50=/690x460/smart/https://www.thestar.com/content/dam/thestar/news/world/2022/04/28/man-charged-with-killing-18-in-texas-convicted-of-1-murder/20220428170420-626b0549cab318ac7fd60d21jpeg.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-68-36.fra56.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f0f8b5cf5142f3e2a9cf89c8bdd56aa6a61bed32ff32e7f790d5bca3e113a9e8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 01:31:56 GMT
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 66930
etag: "d1f3d13896cf2cc55de052dc917824cf742780b1"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
content-length: 37281
x-amz-cf-id: ZAnoukIgyoanc9ExCjM8kYTE9eezKQZPmlBhzYDSTH4cdQsZugdVUQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/ 35 B
49 B 120ms
119ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=4277&blst=1430&ist=1871&iet=1875&bdst=1431&bdet=1855&bcttt=30&jsfv=nbc&ts=1651262846749&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=876b178f-bf25-481d-d401-32d18b918af1&sid=4113f550-8fbd-49a4-f622-8617238b8c7d&pvid=d1d7013a-bc96-4d6d-ed3d-9b5a283e449d&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F101.0.4951.41+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.8&saveData=false&ctyp=unknown&tzo=0&w=thestar_world&source=LI&pl=null&tr=null&st=4274&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2F2022%2F04%2F28%2Fjury-gets-case-in-texas-trial-of-man-charged-with-killing-18.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Feurope%2F2022%2F04%2F29%2Fukraine-cracks-down-on-traitors-helping-russian-troops.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2022%2F04%2F28%2Fwoman-arrested-in-baby-kidnapping-met-family-at-church.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2F2022%2F04%2F28%2Fa-true-friend-americas-top-military-leader-heaps-praise-on-canada.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Feurope%2F2022%2F04%2F29%2Fwar-has-shown-zelenskyys-true-qualities-to-all-wife-says.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2022%2F04%2F28%2Fman-on-trial-in-capitol-riot-case-blames-rogue-cop.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Apr 2022 20:07:26 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/ 35 B
49 B 187ms
186ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=4292&blst=1430&ist=1871&iet=1875&bdst=1431&bdet=1855&bcttt=37&jsfv=nbc&ts=1651262846764&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=876b178f-bf25-481d-d401-32d18b918af1&sid=4113f550-8fbd-49a4-f622-8617238b8c7d&pvid=d1d7013a-bc96-4d6d-ed3d-9b5a283e449d&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F101.0.4951.41+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.8&saveData=false&ctyp=unknown&tzo=0&w=thestar_business&source=LI&pl=null&tr=null&st=4289&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2022%2F04%2F29%2Fwhy-is-the-board-of-directors-of-canada-pension-plan-investment-board-accountable-only-to-itself.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2022%2F04%2F29%2Fsome-in-nunavut-community-question-where-money-from-mining-company-has-gone.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2022%2F04%2F29%2Fsptsx-composite-down-more-than-100-points-us-stock-markets-also-fall.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Apr 2022 20:07:26 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
491 B 79ms
78ms XHR
text/javascript 65.9.66.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=5028&u=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&pid=B6Xoc0ddqTbr8&cb=0&ws=1600x1200&v=7.75.0&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-large-homepage-1%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-4%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-5%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-6%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-7%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-8%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-173.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:26 GMT
via: 1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-amz-rid: V8ERN1MY4GM6X5CD460W
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: OY5ay1IFxuLKN5ucJP5v1VCn8rtyM_WbxEZU-bUo6v7QJASO_j0Sog==

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
284 B 115ms
44ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Apr 2022 20:07:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
cf-ray: 703aa9f96c46d20c-MAN
access-control-allow-headers: Content-Type, Origin

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 78 B
411 B 430ms
301ms XHR
text/javascript 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=157269&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2200764147%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2211%22%2C%22siteID%22%3A%22268338%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2223%22%2C%22siteID%22%3A%22157269%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2224%22%2C%22siteID%22%3A%22157269%22%7D%7D%5D%7D%2C%22id%22%3A%222%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2223%22%2C%22siteID%22%3A%22157269%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2224%22%2C%22siteID%22%3A%22157269%22%7D%7D%5D%7D%2C%22id%22%3A%223%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2223%22%2C%22siteID%22%3A%22157269%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2224%22%2C%22siteID%22%3A%22157269%22%7D%7D%5D%7D%2C%22id%22%3A%224%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2213%22%2C%22siteID%22%3A%22268340%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2214%22%2C%22siteID%22%3A%22268341%22%7D%7D%5D%7D%2C%22id%22%3A%225%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%225%22%2C%22siteID%22%3A%22268332%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22sid%22%3A%226%22%2C%22siteID%22%3A%22268333%22%7D%7D%5D%7D%2C%22id%22%3A%226%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%228%22%2C%22siteID%22%3A%22268335%22%7D%7D%5D%7D%2C%22id%22%3A%227%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ea5684eb-889b-4bf0-b4af-fc6d7391e0bc%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222022-04-29T20%3A07%3A25%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1a7c8fc98f02009c03d2ea20681a804188a55e65d4cf1d0dcd93370acebf0ec0

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:27 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[GB], RC:[EN], CN:[EU], CIP:[217.138.196.108], XFF:[]
server: Apache
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.thestar.com
x-cs-client-geo: 27
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 96
x-ak-client-geo: 27
expires: Fri, 29 Apr 2022 20:07:27 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
117 B 154ms
52ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9698d20177773960f13aa96d380022&pos=the_star_desktop_7_btf_300x250_pos2&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: 2621e252a9ada6cfdac776361277f559a9d7fa0b2371c99374c532a5820d4def

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 29 Apr 2022 20:07:27 GMT
server: ATS/9.1.0.46
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 158ms
57ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9698d20177773960f13aa96d380022&pos=the_star_desktop_8_btf_728x90_post2&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: ed83927a23a16d11aede01c57e2557a7f4e0cba3f936c457782a06a26bdf44fb

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 29 Apr 2022 20:07:27 GMT
server: ATS/9.1.0.46
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 168ms
67ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9698d20177773960f13aa96d380022&pos=the_star_desktop_9_btf_970x250_pos2&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: 4132298af9205b3d2b87fd7007d3064794ab560b649f045f4c0f16fa50748869

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 29 Apr 2022 20:07:27 GMT
server: ATS/9.1.0.46
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 156ms
55ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9698d20177773960f13aa96d380022&pos=the_star_desktop_3_btf_300x250_pos1&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: 78406ca8eace84633eb6036813545df90aec4bcbea5e570e308fb15570ccdc50

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 29 Apr 2022 20:07:27 GMT
server: ATS/9.1.0.46
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 157ms
56ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9698d20177773960f13aa96d380022&pos=the_star_desktop_3_btf_300x600_pos1&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: db0aa87e4c4915fe16f61fd7e65e0da584f53341c1ff5928386fdb5c67b30e67

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 29 Apr 2022 20:07:27 GMT
server: ATS/9.1.0.46
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
292 B 152ms
51ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9698d20177773960f13aa96d380022&pos=the_star_desktop_5_atf_728x90_pos1&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: 755ebafbc5aeabb3884800544739a3e86e08c4ad8eaa9a8d41edf91e0db2767e

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 29 Apr 2022 20:07:26 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
content-length: 62

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
747 B 41ms
41ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 20:07:26 GMT
X-Proxy-Origin: 217.138.196.108; 217.138.196.108; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e854bb93-4390-4b3a-b534-a9a55a83898a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
torontostar-d.openx.net/w/1.0/ 131 B
438 B 118ms
43ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://torontostar-d.openx.net/w/1.0/arj?auid=540273842%2C540273844%2C540273838%2C540273840&aus=300x250%7C728x90%2C970x250%7C300x250%2C300x600%7C728x90&ju=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._FfcPi8hu&cache=1651262846868&ttduuid=ea5684eb-889b-4bf0-b4af-fc6d7391e0bc
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.1.0 /
Resource Hash: d6a7c2c8cba480cd7462bad1363f7bbcaa2adf888f541acdfe03f1f6161165c8

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:26 GMT
content-encoding: gzip
server: OXGW/18.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.thestar.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 100 B
1 KB 241ms
151ms XHR
application/javascript 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=14439260&size=300x250&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=CHszLVsi&psa=0&referrer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

02f1c2e2b0dcd4dda84b6fd14ce389351c074b618ec404d6b3a156068aa09a7e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 20:07:27 GMT
X-Proxy-Origin: 217.138.196.108; 217.138.196.108; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3c70fb12-0e1d-4df8-9ab3-dc5525b4082f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 100
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 100 B
1 KB 230ms
140ms XHR
application/javascript 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=14439268&size=728x90&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=PpGSDJGS&psa=0&promo_sizes=970x250&referrer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

428c24bdc9179e3918ed7abed626e122a27038eb28f7993ff07464c29508ca33

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 20:07:27 GMT
X-Proxy-Origin: 217.138.196.108; 217.138.196.108; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f7c82f8e-a23e-4800-be9d-87560e515ef5
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 100
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 100 B
1 KB 351ms
262ms XHR
application/javascript 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=14439248&size=300x250&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=WKRTuIUF&psa=0&promo_sizes=300x600&referrer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

bfd3a63eaedb5278996c838731087e5f7d984c9800d45f7e27cdd094358b30bc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 20:07:27 GMT
X-Proxy-Origin: 217.138.196.108; 217.138.196.108; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f627e36a-d9bd-4716-838a-c6ce855349c4
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 100
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 100 B
1 KB 267ms
178ms XHR
application/javascript 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=14439253&size=728x90&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=wCOf33pm&psa=0&referrer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b72c3988c72be8384bc1061ab0783b55d10744455ea7ff399e7577d754e01e5c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 20:07:27 GMT
X-Proxy-Origin: 217.138.196.108; 217.138.196.108; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3c947067-a255-481b-9f66-5abd1cfd7917
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 100
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 201ms
56ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18488&size_id=15&rp_floor=0.01&rf=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&p_screen_res=1600x1200&site_id=205444&zone_id=1011818&kw=rp.fastlane&tk_flint=index&rand=0.30140040737582674
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 12f146dd166618bea1d2d4a9ea8c89362c37b592f8d4ded1d74de50f0176eee9

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 20:07:27 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
1 KB 422ms
277ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18488&size_id=2&rp_floor=0.01&rf=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&p_screen_res=1600x1200&site_id=205444&zone_id=1011818&kw=rp.fastlane&tk_flint=index&rand=0.5981383707475354&alt_size_ids=57
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e073cab5846056edb090b7f1c5c60f69a9a0840aca0ce4cebb2d654785d7c4e8

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 20:07:27 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 195ms
50ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18488&size_id=15&rp_floor=0.01&rf=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&p_screen_res=1600x1200&site_id=205444&zone_id=1011818&kw=rp.fastlane&tk_flint=index&rand=0.16161579405024606&alt_size_ids=10
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6abd011c668f1bef92628c4df732e6a0cf156934b1bedacef75cd4387ccf1cd6

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 20:07:27 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 202ms
53ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18488&size_id=2&rp_floor=0.01&rf=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&p_screen_res=1600x1200&site_id=205444&zone_id=1011818&kw=rp.fastlane&tk_flint=index&rand=0.604010697031155
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 630de2cec4dc3913e5b2eed60189a83a03fc681afdff8d08bc8d98ee0cc59631

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 20:07:27 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 2022-q2-shop-election Show response
www.thestar.com/api/overlaydatarule/ 28 KB
6 KB 41ms
41ms XHR
application/json 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/overlaydatarule/2022-q2-shop-election

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

d6c7b620a58d96c7fbbcc8eb18f4b2126fd8e9765c76410b98bb420a085c2a09

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:03:33 GMT
content-encoding: gzip
vary: Accept-Encoding
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
age: 232
x-powered-by: Express
etag: W/"7036-4+i5hOBLxNmAfopnMeaMPKlLpo8"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 5t1WvoWoSCcMFNApmQ18e_L7D9SFKbSwhSijwoNH3ZtEV8_24FOBqg==
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)

GET
H3 200 css2
fonts.googleapis.com/ 7 KB
604 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@300;400;500;700;800&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3de6a4fb2cbe4eb755287fd0094052835db8ce320bc715dcadfc79057cc54a18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 20:07:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 29 Apr 2022 20:07:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Apr 2022 20:07:26 GMT

GET
H2

404

TorstarDeckCondensed-Roman.woff2
www.thestar.com/static/clients/torontostar/
Redirect Chain

https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2
https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf

0
0

57ms
56ms

Font
text/html

13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:06:53 GMT
content-encoding: gzip
etag: W/"13f4b-zIc2vKTJnbdcglUOjIIITAFS9nw"
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
age: 34
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/html; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: AR8zPf5CS3ajO2RtysOCPNDPKfLB2WPcDf1bIgPw5QUv3NZV5wfrPQ==
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)

Redirect headers

date: Fri, 29 Apr 2022 20:07:27 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: LambdaGeneratedResponse from cloudfront
location: https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf
content-length: 0
x-amz-cf-id: 3vViSwm28XnaAHPw7fc3ccyB0BTtBKN2sOt2gnDMNrLI1su7_Sc-MA==

GET
H2 200 234 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/ 3 KB
2 KB 233ms
71ms XHR
application/json 2a02:26f0:6c00::210:bab3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/234

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bab3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/8.0.18

Resource Hash

66702c619662e625d541898d2444a1fdccbc8f52ed74c1124fa6c1843c242021

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"e40a72f11c130ed1a1e8fa923afcc4e7c277de77"
xip: 2001:ac8:21:e::9
x-srv: fishnet-prod-feedsbackvar01
xipx: 127.0.0.1
x-powered-by: PHP/8.0.18
x-feeds-web: fishnet-prod-zrh5-web6
grace: none
content-length: 929
x-feeds-fv: feeds-prod-vie1-var-ob
last-modified: Fri, 29 Apr 2022 20:02:37 GMT
server: nginx/1.10.3
date: Fri, 29 Apr 2022 20:07:27 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 81329515 324653806, 931327530 937394713
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=299
xyolo
access-control-max-age: 10800
x-sbe: feeds_web_extra4
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Fri, 29 Apr 2022 20:07:37 GMT

GET
H2 200 overlaydata Show response
www.thestar.com/api/ 64 KB
12 KB 235ms
235ms XHR
application/json 13.32.21.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/overlaydata

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=7b2d449e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-33.fra56.r.cloudfront.net

Software

Apache/2.4.53 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

888e9303edf6e1eab95af9546eaeb63c63ad5c50195b21c9dd4bb1e22996a03c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:27 GMT
content-encoding: gzip
vary: Accept-Encoding
server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"100f2-dh1Sc6RooPp7Yaw73zurvACDWG4"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: Gu9zaeimGaTK21-1txMyEycsEyWSEpNpaBOkObFb_wuafRVvzSUFjg==
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)

GET
H3 200 2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
fonts.gstatic.com/s/merriweathersans/v21/ 35 KB
35 KB 41ms
41ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweathersans/v21/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@300;400;500;700;800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

369ee86f98ea5be70470d5846d73b7d2d5f2eca5bcf6c169b260572277c90a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thestar.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:08:24 GMT
x-content-type-options: nosniff
age: 269943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35436
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:27:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 17:08:24 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 50ms
42ms Image
image/gif 69.192.161.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=TORONTO_PREBID_HEADER1&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=8&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&t=1651262843985&de=992698453459&rx=79510749020&m=0&ar=bee2df476bf-clean&iw=d6445bb&q=1&cb=0&cu=1651262843985&ll=2&lm=0&ln=0&em=0&en=0&d=thestar.com%3Athestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily%3A__page__%3A-&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=torontoprebidheader623296055317&fd=1&ac=1&it=500&pe=1%3A1382%3A2100%3A0%3A1491&fs=198121&na=1268882759&cs=0
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.161.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-161-152.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:27 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 29 Apr 2022 20:07:27 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 24 KB
7 KB 231ms
74ms Script
application/javascript 2a04:4e42:400::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: ea011956164ed15022fb5732fd6d810bf75bb104babed05a29beb5c50302b926

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:27 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 18 Apr 2022 22:30:59 GMT
server: snooserv
etag: "5dcf2f59e7a6e0d30193fedad78db790"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-encoding: gzip
content-length: 7461

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 123ms
58ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 287F849AF2AF43C29380CF9179B98790 Ref B: LTSEDGE0809 Ref C: 2022-04-29T20:07:27Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Fri, 29 Apr 2022 20:07:27 GMT
accept-ranges: bytes
content-length: 11333

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 188ms
60ms Script
application/x-javascript 2a02:26f0:3500:7::17d8:4dc8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dc8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 20:07:27 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=27875
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 28 KB
9 KB 46ms
46ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 70d4c4423dab9cf00b6e9bcf57518eeafff00e9d2499f4463498b03bef2bdc33

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:27 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 18:44:51 GMT
etag: "c47a9d4becaab89e22af7ba863c58452+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 9501
x-served-by: cache-iad-kiad7000172-IAD, cache-hhn11576-HHN

GET
H2 200 B24540798.279406836;sz=1x2;ord=383594165561 Show response
ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/ 32 KB
12 KB 167ms
75ms Script
text/javascript 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=383594165561?

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

00aa80a9ae69f0ef81f45f46c2faeb81c47fada0b498ea6e530906c16105db9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11816
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 84 KB
33 KB 133ms
49ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-57Q9DV2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

72d47230102aac67f3d5ca7f291d6eb93279a229790d46d0f139eeac72b95231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33438
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Apr 2022 20:07:27 GMT

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
34 B 43ms
43ms XHR
text/plain 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 29 Apr 2022 20:07:27 GMT
content-encoding: gzip
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20
via: 1.1 google

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 41ms
41ms Image
image/gif 69.192.161.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=8&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.thestar.com%2F-&i=TORONTO_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26Pz9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-XArw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaABZPHbHacu4%2BXMPJmawdw%3D&rs=1-izGQnTcST%2BDrDg%3D%3D&sc=1&os=1-5g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1651262843985&de=992698453459&rx=79510749020&cu=1651262843985&m=3173&ar=bee2df476bf-clean&iw=d6445bb&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11524&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1382%3A2100%3A0%3A1491&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=thestar.com%3Athestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily%3A__page__%3A-&gw=torontoprebidheader623296055317&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=198121&na=372569784&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.161.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-161-152.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:27 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 29 Apr 2022 20:07:27 GMT

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
101 B 147ms
146ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.3.2&p_id=Twitter&p_user_id=0&txn_id=o2rz8&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=ba45c6b1-304a-4422-95c0-0d7021d70e99&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time: 104
date: Fri, 29 Apr 2022 20:07:26 GMT
server: tsa_f
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 2d42158f98dbeb59953c3badc72b8ef3085aca10f4b718c9fae66eeda7cd25e9
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
101 B 146ms
145ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.3.2&p_id=Twitter&p_user_id=0&txn_id=o2rz8&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=ba45c6b1-304a-4422-95c0-0d7021d70e99&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time: 102
date: Fri, 29 Apr 2022 20:07:27 GMT
server: tsa_f
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: caafdd26b64a277c33b734425608b90d22806eea9f62eddc2f2775cfb4d940c0
content-length: 43

GET
H2 200 85082 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/stats_season_meta/ 1 KB
1 KB 71ms
71ms XHR
application/json 2a02:26f0:6c00::210:bab3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/stats_season_meta/85082

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bab3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/8.0.17

Resource Hash

89396d88c6a901dfb6af9bfb3fd7c3f6aa31e1a195390b19e30673df7df910c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"febcc619f5651fadb4625ea898257a5cc1f807e6"
xip: 2001:ac8:21:e::9
x-srv: fishnet-prod-feedsbackvar05
xipx: 127.0.0.1
x-powered-by: PHP/8.0.17
x-feeds-web: fishnet-prod-zrh5-web2
grace: none
content-length: 725
x-feeds-fv: feeds-prod-vie1-var-ik
last-modified: Fri, 29 Apr 2022 19:52:14 GMT
server: nginx/1.10.3
date: Fri, 29 Apr 2022 20:07:27 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 464734750, 936512920 932841280
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=3597
xyolo
access-control-max-age: 10800
x-sbe: feeds_zrh5_web2
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Fri, 29 Apr 2022 20:52:16 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 153ms
50ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.thestar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Apr 2022 20:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 139ms
49ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thestar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Apr 2022 20:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
431 B 213ms
80ms XHR
text/plain 69.192.160.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=157269&u=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.192.160.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-245.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 20:07:27 GMT
X-AK-INITIAL-GEO: CC:[GB], RC:[EN], CN:[EU], CIP:[217.138.196.108], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://www.thestar.com
X-CS-CLIENT-GEO: 27
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 27
Expires: Fri, 29 Apr 2022 20:07:27 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 307 KB
29 KB 598ms
515ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3042496770545708&correlator=2870126102413057&eid=31067295&output=ldjh&gdfp_req=1&vrg=2022042601&ptt=17&impl=fifs&iu_parts=58580620%2Cthestar.com%2Chomepage&enc_prev_ius=0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2&prev_iu_szs=1x1%2C728x90%2C300x250%7C300x600%2C728x90%7C970x250%2C728x90%7C970x250%2C728x90%7C970x250%2C728x90%7C970x250%2C300x250%7C300x600&ifi=1&adks=2173569469%2C1887631228%2C1330620275%2C3893840796%2C3893840797%2C3893840798%2C3893840799%2C1330620276&sfv=1-0-38&ecs=20220429&fsapi=false&prev_scp=pos%3D1%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26m_gv%3D90%2C80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26m_gv%3D50%2C40%2C30%2C20%2C10%26m_mv%3D60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D2%26m_gv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D3%26m_gv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D4%26m_gv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D5%26m_gv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D2%26m_gv%3D50%2C40%2C30%2C20%2C10%26m_mv%3D60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=permutive%3D%26m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_death_injury%252Cgv_crime%252Cmoat_unsafe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26gs_channels%3Dpr_ts_pl_nws_lctns_cnd_ntnl%252Cts_pl_nws_lctns_cnd_prvncl%252Cgs_entertain%252Cgs_sport%252Cgs_law%252Cts_ent_evnt_attr_gnrl%252Cts_pl_nws_lctns_cnd_ntnl%252Cts_bz_ndstry_gnrl%252Cpr_test%252Cgs_law_misc%252Cgv_crime%252Cgs_politics_misc%252Cgv_death_injury%252Cts_sprts_ctvty_bsbll%252Cgs_news_and_weather%252Cts_sprts_ctvty_bsktbll%252Cts_bz_b2b_fld_mrktng_dvrtsng%252Cts_tmtv_ntrst_n_gnrl%252Cgs_sport_misc%252Cgs_covid19%252Cgt_negative%26tkspo%3D2%26env%3Dbeta%26referrer%3Dunknown%26environment%3Dproduction%26cutpoint%3Dlarge%26subscribed%3Dno%26registered%3Dno%26key%3Dhphub&ppid=29589706611566247360619746105851323445&sc=1&cookie_enabled=1&abxe=1&dt=1651262847323&lmt=1651262847&dlt=1651262843070&idt=3520&biw=1600&bih=1200&adxs=0%2C436%2C1059%2C436%2C436%2C436%2C436%2C245&adys=0%2C0%2C1016%2C4836%2C6061%2C7190%2C8564%2C2836&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x0%7C1600x90%7C300x250%7C728x90%7C728x90%7C728x90%7C728x90%7C300x250&msz=1x-1%7C1600x90%7C300x250%7C728x90%7C728x90%7C728x90%7C728x90%7C300x250&fws=0%2C0%2C512%2C0%2C0%2C0%2C0%2C512&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=267430075.1651262844&ga_sid=1651262847&ga_hid=1128545712&ga_fc=true&btvi=0%7C0%7C0%7C1%7C2%7C3%7C4%7C5&topics=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

82551cdea0858e842b84feb7d32ebce95b174544100ab6f140b4cc7a09d5ca15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29435
x-xss-protection: 0
google-lineitem-id: -2,-1,-1,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-1,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 146ms
56ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022042601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a64087dba6a562babb68cdad60ab04a8f4709eede457013bb75c399dd837d749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Apr 2022 20:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10561
x-xss-protection: 0

GET
H2 200 container.html Show response
38fc71d3a7f71811905cf382c4928eaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8C3D 6 KB
4 KB 164ms
49ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://38fc71d3a7f71811905cf382c4928eaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 20:07:27 GMT
expires: Sat, 29 Apr 2023 20:07:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 13008914.js Show response
bat.bing.com/p/action/ 1 KB
980 B 155ms
155ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/13008914.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

08a8586f7eb9d887282e3f6aaec113b9886c129a90f687f1ea2c0c4a35c2a2f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 23874FAF28A94CB58FD88C197E5F13AE Ref B: LTSEDGE0809 Ref C: 2022-04-29T20:07:27Z
date: Fri, 29 Apr 2022 20:07:27 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 804

GET
H2 204 0
bat.bing.com/action/ 0
176 B 43ms
43ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=13008914&tm=gtm002&Ver=2&mid=e02938ef-2e42-488a-b9fd-1a65fb438c57&sid=fdf86a30c7f711ec8f5a8707432ef0e3&vid=fdf881e0c7f711ecac9515abcdd5a1f5&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&kw=thestar.com,%20the%20toronto%20star%20newspaper,%20the%20toronto%20star,%20world,%20sports%20news,%20GTA,%20Toronto,%20Canada&p=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&r=&lt=4701&evt=pageLoad&msclkid=N&sv=1&rn=397815

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4BFC2E6BD45243AAA6C600AAF7E8ECB9 Ref B: LTSEDGE0809 Ref C: 2022-04-29T20:07:27Z
date: Fri, 29 Apr 2022 20:07:27 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 85082 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/ 3 MB
244 KB 110ms
110ms XHR
application/json 2a02:26f0:6c00::210:bab3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/85082

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bab3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/8.0.17

Resource Hash

dc1a8442dc994af5d9fa2ca1222090f0b1d2efb8c1a98686e767e0b32552d260

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"15ed1dc10a74e218e1964350aedeec2f297d1ca7"
xip: 2001:ac8:21:e::9
x-srv: fishnet-prod-feedsbackvar08
xipx: 127.0.0.1
x-powered-by: PHP/8.0.17
x-feeds-web: fishnet-feeds-dermpluc
grace: none
content-length: 248802
x-feeds-fv: feeds-prod-vie1-var-ik
last-modified: Fri, 29 Apr 2022 20:07:11 GMT
server: nginx/1.10.3
date: Fri, 29 Apr 2022 20:07:27 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 477266085 458584208, 934466622
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=19
xyolo
access-control-max-age: 10800
x-sbe: feeds_web13
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Fri, 29 Apr 2022 20:07:31 GMT

GET
H2 200 870 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/ 1 KB
1 KB 82ms
82ms XHR
application/json 2a02:26f0:6c00::210:bab3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/870

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bab3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.17

Resource Hash

077d0d86c3975a59e92c16eaddc2635ad642afcfd3c93d0e86d63dd8b62be118

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"836d2ad021fda7746d59d1b8f1326f81fe088d95"
xip: 2001:ac8:21:e::9
x-srv: fishnet-prod-feedsbackvar03
xipx: 127.0.0.1
x-powered-by: PHP/8.0.17
x-feeds-web: fishnet-prod-zrh4-web2
grace: none
content-length: 610
x-feeds-fv: feeds-prod-euc1-fvauto-00ccc7be288cec041
last-modified: Fri, 29 Apr 2022 20:05:35 GMT
server: nginx/1.18.0 (Ubuntu)
date: Fri, 29 Apr 2022 20:07:27 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 473901028 467324291, 41637956
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=299
xyolo
access-control-max-age: 10800
x-sbe: feeds_zrh4_web2
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Fri, 29 Apr 2022 20:10:35 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/ 8 KB
4 KB 128ms
41ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=383594165561?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 May 2022 20:05:49 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
575 B 183ms
77ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuN35aaAs6hnwlLZGOGh2sHaQ2V7m2JrA715VvjytDu_m_Mnxq_aRiqrZR_LIGNnehtCTWOlF9dq2RZQnHnuRcPrx0aJhWDdrgBFP-xYEZes8uHoIh81AbLrCRhWQgj58izVQ&sig=Cg0ArKJSzM99K4sul0nkEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cisv=r20220427.69286&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=383594165561?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Apr 2022 20:07:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1651262847377&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1671964%26time%3D1651262847377%26url%3Dhttps%253A%252F%252Fwww.thestar.com%252F%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1651262847377&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1651262847377&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQKHynVA9FpqWAAAAYB273szVe8Lq4bemzVmHeJIvkrp...

0
482 B

195ms
124ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1651262847377&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQKHynVA9FpqWAAAAYB273szVe8Lq4bemzVmHeJIvkrpxhcSwqRRtUzSNMqCBIE2k8I
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:27 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 3D663E1AFC714517AB0CAF86461D03CA Ref B: MAN30EDGE0821 Ref C: 2022-04-29T20:07:27Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/javascript
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAXd0Jd8HtTUSISU1waqGQ==
x-li-fabric: prod-lva1

Redirect headers

date: Fri, 29 Apr 2022 20:07:27 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 5DA18EB8D33944C1A6C8A8AA141EBCF2 Ref B: LTSEDGE1119 Ref C: 2022-04-29T20:07:27Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1651262847377&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQKHynVA9FpqWAAAAYB273szVe8Lq4bemzVmHeJIvkrpxhcSwqRRtUzSNMqCBIE2k8I
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAXd0Jd5Dh1pLULwwxGgsw==

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 610ms
482ms Image
image/gif 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1651262847424&id=t2_kcsr8bo&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=f373a926-2fd5-4f8c-90fd-15839fd4fa42&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_90e98f9f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:27 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 90903 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/ 11 KB
3 KB 154ms
154ms XHR
application/json 2a02:26f0:6c00::210:bab3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/90903

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bab3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/8.0.17

Resource Hash

1ba5efdd46b3c4bccd21c6299dab68a021bb2619403080efab388549d42ae1a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"4de1f5b31e8b349a1912c8ce46178f25c196970d"
xip: 2001:ac8:21:e::9
x-srv: fishnet-prod-feedsbackvar02
xipx: 127.0.0.1
x-powered-by: PHP/8.0.17
x-feeds-web: fishnet-feeds-cwsitukj
grace: none
content-length: 2231
x-feeds-fv: feeds-prod-vie1-var-ik
last-modified: Fri, 29 Apr 2022 20:07:26 GMT
server: nginx/1.10.3
date: Fri, 29 Apr 2022 20:07:27 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 473637434 474844666, 903211280
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=19
xyolo
access-control-max-age: 10800
x-sbe: feeds_web14
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Fri, 29 Apr 2022 20:07:46 GMT

GET
H2 200 RC92631a6dea374f7f8c4e27bdaaf0a413-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/0637acba3b96/ 12 KB
5 KB 41ms
40ms Script
text/javascript 99.86.7.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/0637acba3b96/RC92631a6dea374f7f8c4e27bdaaf0a413-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-104.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5f0743d47591bad3a29481a356f318ece9db2782b3c74773b26fef6732468bc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 19:32:27 GMT
content-encoding: gzip
last-modified: Fri, 29 Apr 2022 19:31:37 GMT
server: AmazonS3
age: 2101
etag: W/"85ed931307bcdaa98762074c68a92763"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: IRfkQZQA1Lx5_amXmo.AZtvqTVWq4d06
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-type: text/javascript
x-amz-cf-id: hNaOh8c3Cmwq-li5kfBlpElOwivp7hm9tKegM_sOmbo3qMMn7Zt6QQ==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 148ms
55ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 29 Apr 2022 20:07:27 GMT

GET
H2 200 clarity.js Show response
f.clarity.ms/s/0.6.34/ 53 KB
23 KB 338ms
114ms Script
application/javascript 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/s/0.6.34/clarity.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/13008914.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:27 GMT
content-encoding: br
etag: "1d84ce176162e54"
last-modified: Sun, 10 Apr 2022 13:47:04 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 23150
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=47F2A7B6E18D4F96AAE4391A45008535&RedC=c.clarity.ms&MXFR=01CFB7261DCB68CF0F86A6B319CB6614
https://c.clarity.ms/c.gif?CtsSyncId=47F2A7B6E18D4F96AAE4391A45008535&MUID=12CBB3BDA07769AA1694A228A18C68D7

42 B
368 B

37ms
37ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=47F2A7B6E18D4F96AAE4391A45008535&MUID=12CBB3BDA07769AA1694A228A18C68D7
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:27 GMT
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8120eaf0ff3ad81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F3AF7CEC03BC431ABBC7313EF6E38D5A Ref B: LTSEDGE0809 Ref C: 2022-04-29T20:07:27Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=47F2A7B6E18D4F96AAE4391A45008535&MUID=12CBB3BDA07769AA1694A228A18C68D7
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 RC2c755b7ef3ef4f3882b1ae8279370b69-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/0637acba3b96/ 1 KB
1 KB 40ms
40ms Script
text/javascript 99.86.7.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/0637acba3b96/RC2c755b7ef3ef4f3882b1ae8279370b69-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-104.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 777a84c87cbb0f4e41f7eb0ae5c867a2adcc60098e087cba411ea0b89af32164

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 19:32:29 GMT
content-encoding: gzip
last-modified: Fri, 29 Apr 2022 19:31:37 GMT
server: AmazonS3
age: 2098
etag: W/"67b9582dd9297145434e89ced25de763"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: bHonBZTR9NiFJizInWQ6JfXZRcP5Lq7B
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-type: text/javascript
x-amz-cf-id: m4LslSk-T_mEj5b9h4iZvD94UPWDEFSORkLO2JG4oBQS8xR2DbQJog==

GET
H2 200 3679.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 210ms
61ms Image
image/png 2a02:26f0:6c00::210:ba79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3679.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

9e11612aa8fdd4ea644685df7f76e8d415df784cb86ec1c2dfef935ad70583ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-170f"
x-varnish: 363151711 363050008
cache-control: max-age=86400
date: Fri, 29 Apr 2022 20:07:27 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 5903
server: nginx/1.10.3
expires: Sat, 30 Apr 2022 20:07:27 GMT

GET
H2 200 3689.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 212ms
63ms Image
image/png 2a02:26f0:6c00::210:ba79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3689.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

aed329f0644e7ec5ab69d50e12ccdfbb3a7a2c6378ef314c99a204e55bb5d10a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-17cf"
x-varnish: 183985997 184811758
cache-control: max-age=86400
date: Fri, 29 Apr 2022 20:07:27 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 6095
server: nginx/1.10.3
expires: Sat, 30 Apr 2022 20:07:27 GMT

GET
H2 200 3705.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 232ms
83ms Image
image/png 2a02:26f0:6c00::210:ba79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3705.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

4ebb8485b400a9023b86f17f168967840bcb1cfc68a2b0f6f92ea6026d0c3fc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b9-1a01"
x-varnish: 632951521 629475403
cache-control: max-age=86400
date: Fri, 29 Apr 2022 20:07:27 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 6657
server: nginx/1.10.3
expires: Sat, 30 Apr 2022 20:07:27 GMT

GET
H2 200 3682.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 252ms
102ms Image
image/png 2a02:26f0:6c00::210:ba79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3682.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

d21cdd2d2f8a1dad3f6e38a8fef966c2695eea4140b6445372215c156751fd91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-1c77"
x-varnish: 24994833 22158823
cache-control: max-age=86400
date: Fri, 29 Apr 2022 20:07:27 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 7287
server: nginx/1.10.3
expires: Sat, 30 Apr 2022 20:07:27 GMT

GET
H2 200 3696.png
img.sportradar.com/ls/crest/medium/ 5 KB
5 KB 258ms
108ms Image
image/png 2a02:26f0:6c00::210:ba79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3696.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

39ca7166596486e4d67c242d70fb6a1d95d2ee9462ea02026d38c882ae752177

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b9-1327"
x-varnish: 636692673 635620619
cache-control: max-age=86400
date: Fri, 29 Apr 2022 20:07:27 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 4903
server: nginx/1.10.3
expires: Sat, 30 Apr 2022 20:07:27 GMT

GET
H2 200 3686.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 196ms
108ms Image
image/png 2a02:26f0:6c00::210:ba79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3686.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

5ea1e242279067e3e88564e4ef131143c58e7ec36929e73b31f8c94b990455a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b8-1af6"
x-varnish: 20278284 24803688
cache-control: max-age=86400
date: Fri, 29 Apr 2022 20:07:27 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 6902
server: nginx/1.10.3
expires: Sat, 30 Apr 2022 20:07:27 GMT

GET
H2 200 3688.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 115ms
111ms Image
image/png 2a02:26f0:6c00::210:ba79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3688.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

e69846be1be704e8c2324dc7ca9e439a496a67d203a9322f1d2ab7ca5031f001

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-1645"
x-varnish: 620813071 620437656
cache-control: max-age=86400
date: Fri, 29 Apr 2022 20:07:27 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 5701
server: nginx/1.10.3
expires: Sat, 30 Apr 2022 20:07:27 GMT

GET
H2 200 3692.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 119ms
115ms Image
image/png 2a02:26f0:6c00::210:ba79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3692.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

092433010c83e4e157d859c0712053ad168b50d22fcc8095a7ef133e10cd3aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b8-18e0"
x-varnish: 44565250 43811316
cache-control: max-age=86400
date: Fri, 29 Apr 2022 20:07:27 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 6368
server: nginx/1.10.3
expires: Sat, 30 Apr 2022 20:07:27 GMT

GET
H2 200 3687.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 123ms
119ms Image
image/png 2a02:26f0:6c00::210:ba79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3687.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

cc2b3cbe3d04b4e1c8e633bb85993b369fb74102947a165e28dacca9072c423d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b8-1acb"
x-varnish: 622580677 620771078
cache-control: max-age=86400
date: Fri, 29 Apr 2022 20:07:27 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 6859
server: nginx/1.10.3
expires: Sat, 30 Apr 2022 20:07:27 GMT

GET
H2 200 3690.png
img.sportradar.com/ls/crest/medium/ 6 KB
7 KB 137ms
133ms Image
image/png 2a02:26f0:6c00::210:ba79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3690.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

d4a5c90a048bebcddcc6b7e41008af3f42bb578a6d75438bce4e05da12b57c94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b8-19d8"
x-varnish: 44012166 32489964
cache-control: max-age=86400
date: Fri, 29 Apr 2022 20:07:27 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 6616
server: nginx/1.10.3
expires: Sat, 30 Apr 2022 20:07:27 GMT

GET
H2 200 3685.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 142ms
138ms Image
image/png 2a02:26f0:6c00::210:ba79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3685.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

15dd7383a83a39ff0aa688707cbb570e914350a5d0d6fa3bc1495ca46e5e615a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b8-1a3b"
x-varnish: 636296967 634570219
cache-control: max-age=86400
date: Fri, 29 Apr 2022 20:07:27 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 6715
server: nginx/1.10.3
expires: Sat, 30 Apr 2022 20:07:27 GMT

GET
H2 200 3704.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 147ms
143ms Image
image/png 2a02:26f0:6c00::210:ba79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3704.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

5019e40a161c71cbf4fc8b1fc0a1809456b3cfc7fc93eadaf7b374cdb0cb9c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b9-1744"
x-varnish: 175017920 173299464
cache-control: max-age=86400
date: Fri, 29 Apr 2022 20:07:27 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 5956
server: nginx/1.10.3
expires: Sat, 30 Apr 2022 20:07:27 GMT

GET
H2 200 3700.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 145ms
141ms Image
image/png 2a02:26f0:6c00::210:ba79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3700.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

3184fd632cad5dc9eb8f35f6aa4337af5d37a62db990efdef3b82d390827c81b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b9-1788"
x-varnish: 44668709 43754006
cache-control: max-age=86400
date: Fri, 29 Apr 2022 20:07:27 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 6024
server: nginx/1.10.3
expires: Sat, 30 Apr 2022 20:07:27 GMT

GET
H2 200 3699.png
img.sportradar.com/ls/crest/medium/ 5 KB
5 KB 149ms
145ms Image
image/png 2a02:26f0:6c00::210:ba79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3699.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

669681c2c16683192a70ad60109c4a164023b217c1d804ff8f79270319ef2ff0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b9-1257"
x-varnish: 184628213 184320911
cache-control: max-age=86400
date: Fri, 29 Apr 2022 20:07:27 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 4695
server: nginx/1.10.3
expires: Sat, 30 Apr 2022 20:07:27 GMT

GET
H2 200 3677.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 147ms
143ms Image
image/png 2a02:26f0:6c00::210:ba79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3677.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

d06eed0799cc590e2bbd48a85ff749553bf147b4ce0bc9201fd98408fbab5174

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-1b1f"
x-varnish: 637059190 636990491
cache-control: max-age=86400
date: Fri, 29 Apr 2022 20:07:27 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 6943
server: nginx/1.10.3
expires: Sat, 30 Apr 2022 20:07:27 GMT

GET
H2 200 3693.png
img.sportradar.com/ls/crest/medium/ 6 KB
7 KB 151ms
147ms Image
image/png 2a02:26f0:6c00::210:ba79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3693.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

24a77a91e337c0dc7e0a9bfa1e00fc73060a2cd005e3f49b5d88914d160e76a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-198d"
x-varnish: 40826958 43966034
cache-control: max-age=86400
date: Fri, 29 Apr 2022 20:07:27 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 6541
server: nginx/1.10.3
expires: Sat, 30 Apr 2022 20:07:27 GMT

GET
H2 200 3683.png
img.sportradar.com/ls/crest/medium/ 7 KB
8 KB 154ms
150ms Image
image/png 2a02:26f0:6c00::210:ba79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3683.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

bc8aa370962ef495a1c841c9a35690028398d0827dd7a4433cb3558f97acb55f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-1dd7"
x-varnish: 385998459 402329116
cache-control: max-age=86400
date: Fri, 29 Apr 2022 20:07:27 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 7639
server: nginx/1.10.3
expires: Sat, 30 Apr 2022 20:07:27 GMT

GET
H2 200 3697.png
img.sportradar.com/ls/crest/medium/ 5 KB
5 KB 157ms
154ms Image
image/png 2a02:26f0:6c00::210:ba79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3697.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

2b226e5d93065073bd670913a90719666f054e802a7449f347f9368c40a13d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b9-1204"
x-varnish: 44420082 44022749
cache-control: max-age=86400
date: Fri, 29 Apr 2022 20:07:27 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 4612
server: nginx/1.10.3
expires: Sat, 30 Apr 2022 20:07:27 GMT

GET
H2 200 3691.png
img.sportradar.com/ls/crest/medium/ 5 KB
5 KB 172ms
169ms Image
image/png 2a02:26f0:6c00::210:ba79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3691.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

1391055c5b722a3da6707ead294507ace2df3db7891cccb53a94441f794fd33c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-1323"
x-varnish: 43881434 43818516
cache-control: max-age=86400
date: Fri, 29 Apr 2022 20:07:27 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 4899
server: nginx/1.10.3
expires: Sat, 30 Apr 2022 20:07:27 GMT

GET
H2 200 3701.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 171ms
167ms Image
image/png 2a02:26f0:6c00::210:ba79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3701.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

3644264a33465399ca76bee9a04de8fdd50aec96e77a27c08492b360f6922213

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b9-1a3b"
x-varnish: 630686538 626751536
cache-control: max-age=86400
date: Fri, 29 Apr 2022 20:07:27 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 6715
server: nginx/1.10.3
expires: Sat, 30 Apr 2022 20:07:27 GMT

GET
H2 200 3681.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 177ms
174ms Image
image/png 2a02:26f0:6c00::210:ba79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3681.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

e39d8e3236bd8c2790a2d7ae0aec00a007e5a0e3b48de7ad4b2f3e97d38a3bd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-1b03"
x-varnish: 124162667 123499038
cache-control: max-age=86400
date: Fri, 29 Apr 2022 20:07:27 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 6915
server: nginx/1.10.3
expires: Sat, 30 Apr 2022 20:07:27 GMT

GET
H2 200 3678.png
img.sportradar.com/ls/crest/medium/ 9 KB
9 KB 176ms
172ms Image
image/png 2a02:26f0:6c00::210:ba79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3678.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

09a36f051aa6f025ec810e84879c542995efba9e5bf8d362acb1fcfa730a866d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b8-222f"
x-varnish: 174968036 175431933
cache-control: max-age=86400
date: Fri, 29 Apr 2022 20:07:27 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 8751
server: nginx/1.10.3
expires: Sat, 30 Apr 2022 20:07:27 GMT

GET
H2 200 3694.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 176ms
172ms Image
image/png 2a02:26f0:6c00::210:ba79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3694.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

5256e20d2385d02616639e72c3bc01f6b1ffbe75c2838d82cd25b93d0a35e1a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-1648"
x-varnish: 43856603 43315539
cache-control: max-age=86400
date: Fri, 29 Apr 2022 20:07:27 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 5704
server: nginx/1.10.3
expires: Sat, 30 Apr 2022 20:07:27 GMT

GET
H2 200 3703.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 176ms
172ms Image
image/png 2a02:26f0:6c00::210:ba79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3703.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

3db3fdae0e2be13c8acc57ed679246d27616e65d48bc7f2b050b21076a13c452

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b9-1c84"
x-varnish: 368375941 369209017
cache-control: max-age=86400
date: Fri, 29 Apr 2022 20:07:27 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 7300
server: nginx/1.10.3
expires: Sat, 30 Apr 2022 20:07:27 GMT

GET
H3 200 549886031832745 Show response
connect.facebook.net/signals/config/ 494 KB
144 KB 84ms
41ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/549886031832745?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6b8af903aa3d66430963daab0323b46f4b188de673752795e4b2b0b17a743466

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 147752
x-xss-protection: 0
pragma: public
x-fb-debug: 1sk3rXDXtqoIzCBtKp13gb5TKRKjnElwMFktd91IpQN1C6D1fMCqfN5+hSH86ufAXiDtWPG95wGasvdmBYEyhA==
x-frame-options: DENY
date: Fri, 29 Apr 2022 20:07:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 RC304342cd3a9f487980371091639a8dc3-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/0637acba3b96/ 813 B
1 KB 40ms
40ms Script
text/javascript 99.86.7.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/0637acba3b96/RC304342cd3a9f487980371091639a8dc3-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-104.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb25d9cbb5a59405edffa4ebd26f8d18f84059c1071c3387b155aa3508bbb32f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 19:32:30 GMT
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
last-modified: Fri, 29 Apr 2022 19:31:37 GMT
server: AmazonS3
age: 2098
etag: "86c26ad809d1d092dc87a6b25743fdd6"
x-cache: Hit from cloudfront
x-amz-version-id: sRQzIAnQZAf4gVqAD3kQQR63S0E2z.KH
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: text/javascript
content-length: 813
x-amz-cf-id: FEiaMpL4djrBAUAaucr2pd0HwsPEtkTsK5MQqiwIUNFFgnVP1ZZXsw==

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 38D3 13 KB
5 KB 126ms
42ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 3424
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 19:10:23 GMT
expires: Sat, 29 Apr 2023 19:10:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D624 783 B
1 KB 140ms
49ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c4882f336fb783ef4a1deab25e8576b9031e3cc3e35253af1bdce2411cd9f49a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-88irSzUwA7jkwALbunS3+Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-88irSzUwA7jkwALbunS3+Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 20:07:27 GMT
expires: Fri, 29 Apr 2022 20:07:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 RC518669eb80134c629229b164ea843f63-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/0637acba3b96/ 2 KB
1 KB 40ms
40ms Script
text/javascript 99.86.7.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/0637acba3b96/RC518669eb80134c629229b164ea843f63-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-104.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b36fa770af76aff69aee3c11fd279c11ec6fe7782f1d56f74cb35e12e13bf58b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 19:32:30 GMT
content-encoding: gzip
last-modified: Fri, 29 Apr 2022 19:31:37 GMT
server: AmazonS3
age: 2098
etag: W/"56580e08fd755b9ad73f8d95dd759ed9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: sxy4hEY.hYC2.p7BIuktuP2fPNM_44Ex
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-type: text/javascript
x-amz-cf-id: C8hUVy5qKpd5JiHbwieRQOKo-janR0XyjZQGsdv8XQjdiQA9EWZwXA==

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
74 B 148ms
148ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.3.2&p_id=Twitter&p_user_id=0&txn_id=nuz9l&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=27ba37fe-478d-4267-9def-1cadcb5fd2e2&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time: 105
date: Fri, 29 Apr 2022 20:07:26 GMT
server: tsa_f
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 2d42158f98dbeb59953c3badc72b8ef3085aca10f4b718c9fae66eeda7cd25e9
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
77 B 147ms
147ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.3.2&p_id=Twitter&p_user_id=0&txn_id=nuz9l&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=27ba37fe-478d-4267-9def-1cadcb5fd2e2&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time: 105
date: Fri, 29 Apr 2022 20:07:27 GMT
server: tsa_f
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: caafdd26b64a277c33b734425608b90d22806eea9f62eddc2f2775cfb4d940c0
content-length: 43

GET
H2 200 28276610 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 5 KB
3 KB 55ms
55ms XHR
application/json 2a02:26f0:6c00::210:bab3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/28276610

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bab3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.17

Resource Hash

7bb17835479c05254306e12e931f7f6d35d9f67e24d0d16aea9628b2b3d5cfc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"46158ea3ee5fb577550a34a382d5df0283490e67"
xip: 168.119.68.249
x-srv: fishnet-prod-feedsbackvar08
xipx: 127.0.0.1
x-powered-by: PHP/8.0.17
x-feeds-web: fishnet-feeds-cwsitukj
grace: none
content-length: 1974
x-feeds-fv: feeds-prod-euc1-fvauto-00ccc7be288cec041
last-modified: Fri, 29 Apr 2022 18:05:07 GMT
server: nginx/1.18.0 (Ubuntu)
date: Fri, 29 Apr 2022 20:07:27 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 444119464 445849045, 17916154
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
xyolo
access-control-max-age: 10800
x-sbe: feeds_web14
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Fri, 29 Apr 2022 21:05:07 GMT

GET
H2 200 28276606 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 5 KB
3 KB 56ms
56ms XHR
application/json 2a02:26f0:6c00::210:bab3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/28276606

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bab3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/8.0.18

Resource Hash

63b7b59e5fe2a28f3e10e6896e28249fb393b947fd56dabc4c5f485ac26da814

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"c3084d233742252430ccdbe7a9e0c4d398ed10bc"
xip: 168.119.65.111
x-srv: fishnet-prod-feedsbackvar05
xipx: 127.0.0.1
x-powered-by: PHP/8.0.18
x-feeds-web: fishnet-feeds-gogkqhag
grace: none
content-length: 2024
x-feeds-fv: feeds-prod-vie1-var-ne
last-modified: Fri, 29 Apr 2022 19:32:04 GMT
server: nginx/1.10.3
date: Fri, 29 Apr 2022 20:07:27 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 466259319 238952371, 885053425
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
xyolo
access-control-max-age: 10800
x-sbe: feeds_web11
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Fri, 29 Apr 2022 22:32:04 GMT

GET
H2 200 28276608 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 5 KB
3 KB 58ms
58ms XHR
application/json 2a02:26f0:6c00::210:bab3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/28276608

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bab3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/8.0.17

Resource Hash

4ae844d53a446230e6e6caa751374946c087d27bb58f2a9dfb2da54f943fb02a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"c29400628e56953ddfe2706305f6320191629387"
xip: 168.119.68.188
x-srv: fishnet-prod-feedsbackvar08
xipx: 127.0.0.1
x-powered-by: PHP/8.0.17
x-feeds-web: fishnet-prod-zrh4-web6
grace: none
content-length: 1977
x-feeds-fv: feeds-prod-vie1-var-ik
last-modified: Fri, 29 Apr 2022 19:09:07 GMT
server: nginx/1.10.3
date: Fri, 29 Apr 2022 20:07:27 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 463801297 463048822, 914519074
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
xyolo
access-control-max-age: 10800
x-sbe: feeds_web_extra2
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Fri, 29 Apr 2022 22:09:07 GMT

GET
H2 200 28276622 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 5 KB
3 KB 93ms
93ms XHR
application/json 2a02:26f0:6c00::210:bab3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/28276622

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bab3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/8.0.18

Resource Hash

fb4f3cff3b4e9151030e62a5fb4f8e84b208de951db36582c3cf778939754b2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"4e446d1628eae7c35b573f5605b15b3752ef09b1"
xip: 2001:ac8:21:e::9
x-srv: fishnet-prod-feedsbackvar08
xipx: 127.0.0.1
x-powered-by: PHP/8.0.18
x-feeds-web: fishnet-feeds-gogkqhag
grace: none
content-length: 1967
x-feeds-fv: feeds-prod-vie1-var-ut
last-modified: Fri, 29 Apr 2022 20:07:07 GMT
server: nginx/1.10.3
date: Fri, 29 Apr 2022 20:07:27 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 474719080 470991968, 939007884
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
xyolo
access-control-max-age: 10800
x-sbe: feeds_web11
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Fri, 29 Apr 2022 23:07:07 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 65ms
64ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-698108511

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c567a530aa928692d173e91ab4a5fad8cf1864d9961782b5c4aa6d9ea3e5faf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42201
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Apr 2022 20:07:27 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 49ms
49ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10230056

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ffb7d8ae71cee2fe895c3761dfc37890e08808eb0a67f2cdcf9a6e2f279ca50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38308
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Apr 2022 20:07:27 GMT

GET
H2 200 RC2f54281ab7324fd39f76106466b9b969-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/0637acba3b96/ 1 KB
1013 B 41ms
40ms Script
text/javascript 99.86.7.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/0637acba3b96/RC2f54281ab7324fd39f76106466b9b969-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-104.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1760d8053ceef9944a42943f4e1ff5809be73c14149145e106b04933c541874a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 19:32:30 GMT
content-encoding: gzip
last-modified: Fri, 29 Apr 2022 19:31:37 GMT
server: AmazonS3
age: 2097
etag: W/"96d9a3d818eae6b405e8a95ba7c1ef3a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: aTiWZrBfVZF37EqcmJm4hIa7c0FxvRfj
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-type: text/javascript
x-amz-cf-id: r5JZldRvEr9dDhk0u56Fp_7TSzIKRRugPtX49hqwl2_5SMrILDUybg==

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 304ms
152ms Script
application/javascript 2a02:26f0:6c00:28f::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28f::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "c4a0eea377c5e0da574e46f4d6e838e5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1142
access-control-expose-headers: X-CDN

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 54ms
54ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-698108511&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10230056

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2e54673608af4bfb4ca1b786a70fb42f419429f4e5d20f81ebad42160c4d49fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42201
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Apr 2022 20:07:27 GMT

GET
H3 200 e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js Show response
pagead2.googlesyndication.com/bg/ Frame 38D3 35 KB
13 KB 126ms
40ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 17:31:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9381
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13654
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Apr 2023 17:31:07 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D624 0
0 162ms
80ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022042601&jk=3042496770545708&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 156ms
61ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-698108511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14892
x-xss-protection: 0
server: cafe
etag: 4605403730725282575
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 29 Apr 2022 20:07:28 GMT

GET
H3

200

activityi;dc_pre=CKb_8buJuvcCFVYfBgAdZCMNMQ;src=10230056;type=ret01;cat=land01;ord=8231822019442;gtm=2od4r0;auiddc=1737323163.1651262848;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue Show response
10230056.fls.doubleclick.net/ Frame 9778
Redirect Chain

https://10230056.fls.doubleclick.net/activityi;src=10230056;type=ret01;cat=land01;ord=8231822019442;gtm=2od4r0;auiddc=1737323163.1651262848;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?
https://10230056.fls.doubleclick.net/activityi;dc_pre=CKb_8buJuvcCFVYfBgAdZCMNMQ;src=10230056;type=ret01;cat=land01;ord=8231822019442;gtm=2od4r0;auiddc=1737323163.1651262848;~oref=https%3A%2F%2Fwww...

409 B
364 B

150ms
65ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10230056.fls.doubleclick.net/activityi;dc_pre=CKb_8buJuvcCFVYfBgAdZCMNMQ;src=10230056;type=ret01;cat=land01;ord=8231822019442;gtm=2od4r0;auiddc=1737323163.1651262848;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10230056

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

5687f260a108c210c640fcfe70d74355621c44bba7b2d882add3e2f5cd01dd8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 339
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 20:07:28 GMT
expires: Fri, 29 Apr 2022 20:07:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 20:07:28 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10230056.fls.doubleclick.net/activityi;dc_pre=CKb_8buJuvcCFVYfBgAdZCMNMQ;src=10230056;type=ret01;cat=land01;ord=8231822019442;gtm=2od4r0;auiddc=1737323163.1651262848;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 events Show response
oitwxo.thestar.com/ 0
163 B 366ms
123ms XHR
text/plain 54.242.234.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://oitwxo.thestar.com/events

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/549886031832745?v=2.9.57&r=stable

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.242.234.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-242-234-216.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.thestar.com
date: Fri, 29 Apr 2022 20:07:28 GMT
access-control-allow-credentials: true
vary: origin
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 124ms
40ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=549886031832745&ev=PageView&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&rl=&if=false&ts=1651262848000&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1651262847997.1319008732&eid=ob3_plugin-set_398dbc2cfe97296bc05a80d03fcdac194fa3c38fc741ce1a75c8f2066bea0311&it=1651262847719&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 29 Apr 2022 20:07:28 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame 4CF7 222 KB
62 KB 174ms
43ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 120317
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Thu, 28 Apr 2022 10:42:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 28 Apr 2023 10:42:11 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 4CF7 16 KB
6 KB 279ms
148ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 120317
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Thu, 28 Apr 2022 10:42:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 28 Apr 2023 10:42:11 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 4CF7 96 KB
29 KB 282ms
151ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 120317
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Thu, 28 Apr 2022 10:42:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 28 Apr 2023 10:42:11 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 4CF7 5 KB
2 KB 294ms
164ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 120317
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Thu, 28 Apr 2022 10:42:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 28 Apr 2023 10:42:11 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 4CF7 42 KB
13 KB 294ms
165ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 120317
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Thu, 28 Apr 2022 10:42:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 28 Apr 2023 10:42:11 GMT

GET
DATA 200
OK truncated
/ Frame 4CF7 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c1c41f17195df1205316d57b9e7bcc8c41428418d247b1e16024716f3bdc0c5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 11677485922238365842
tpc.googlesyndication.com/simgad/ Frame 4CF7 23 KB
23 KB 42ms
42ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11677485922238365842?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlb_EcLeknON84Zord_uLRvjxyY0A

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc04d03deaa0c0c8a537fe0ce99f711845160df61f823e20536c98ab579a3a28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 12:39:56 GMT
x-content-type-options: nosniff
age: 199652
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23479
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 06:38:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 27 Apr 2023 12:39:56 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4CF7 2 KB
2 KB 41ms
40ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 09:41:38 GMT
x-content-type-options: nosniff
server: cafe
age: 37550
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 30 Apr 2022 09:41:38 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4CF7 295 B
319 B 53ms
52ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 36863
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 30 Apr 2022 09:53:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4CF7 0
0 134ms
48ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTe1J3ZvbFMcXHCLKpL6RIlgshp4K-XJUGBedo-VFHgbPT6QwP-VI0CvdBS_H7b6WCi2j9L
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4CF7 0
0 86ms
85ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C_GEUf0VsYpavHu2olQeixKioCMfp7O9poKOJ5tcP29keEAEgx-v2HmC7hoCA0AqgAfqk9OUDyAECqQLfIZSSoxC1PuACAKgDAcgDCKoEmQJP0O352GZME4OJCIB-2snhDCXRNFM_7uqW9n26y69uo6E6goKOQ5t8L50m-eGkTqznvemMCHaezBlrVBujf7aTyYQuY_NpYagOudJ8nJis9dzLvOJ-95uBIjabLCXNyzJN-u8mYCg1ootXqepmCcHknjRk-tkaDW6-e-4WyNQvszoWMNnHEV39r2G6iMNM6ss8XD8ZCQ4fo9F22MJ_cw0enzwLO3hA4XI2LswmQ_5W6sZlEDsTYdPq1Bo9AsWHA4TOGrVr90JiYLXto4MGDFJjTeOU2l-uOoKMTxJA5KwxEQczsqohAxLNsf6k6XNg2pltxUFF-L1DqefbOlaKmEDhi5dLDgSjqN2s_qcsMwqdrAXTYxPpq08BhsAE-pC6gMYD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB8ONnjGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCR4y_SCAkIiOGAcBABGF2ACgPICwHYEw3QFQGAFwGyFx4KHAgAEhRwdWItODE4ODQzMTQyNTUwOTk5NxiUmRQ&sigh=V4JyRLEsOfo&uach_m=[UACH]
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame D061 222 KB
61 KB 210ms
88ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 120317
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Thu, 28 Apr 2022 10:42:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 28 Apr 2023 10:42:11 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame D061 16 KB
6 KB 163ms
162ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 120317
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Thu, 28 Apr 2022 10:42:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 28 Apr 2023 10:42:11 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame D061 96 KB
29 KB 164ms
164ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 120317
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Thu, 28 Apr 2022 10:42:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 28 Apr 2023 10:42:11 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame D061 5 KB
2 KB 173ms
172ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 120317
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Thu, 28 Apr 2022 10:42:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 28 Apr 2023 10:42:11 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame D061 42 KB
13 KB 174ms
173ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 120317
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Thu, 28 Apr 2022 10:42:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 28 Apr 2023 10:42:11 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D061 4 KB
619 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 19:04:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 29 Apr 2022 20:07:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Apr 2022 20:07:28 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D061 2 KB
2 KB 48ms
47ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 09:41:38 GMT
x-content-type-options: nosniff
server: cafe
age: 37550
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 30 Apr 2022 09:41:38 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D061 295 B
319 B 49ms
49ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 36863
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 30 Apr 2022 09:53:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D061 0
0 128ms
48ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS1SYF3FdTpT5qrr1w3BZWa_FcCTzGoYeZch7MK9Fmni80UldXMX2VzJbDlwUgr3OI6vSKj
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D061 0
0 80ms
80ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C-FGLf0VsYpWvHu2olQeixKioCMn49OtpuKGowZsQ29keEAEgx-v2HmC7hoCA0AqgAYqznq8oyAEJqQKyUPtRlBhMPuACAKgDAcgDCqoEmwJP0O9giJ868liXGR2iNIUcOJ2-qW82PE9wSXsZiHOGyNXNRD6pl_40N8NMPMyTCspSoW-EgDT6z7JkudLJDhLvDC0Cpp4mUuHBbUTD-95cnmrUGQmoPRZgqukDH0wD3S9as9yvOpQy7UazM41SpE6eNjLb6dZiAm8H-j3t2CUkG7mlQnQM6m87FPFwLbL-j10LCg6qNQV0E91z3xNnU1Pne6skthNBQPCxmMug7HI9oy75lz7mrSYa44YnSk-XBxQJn5aHdYNHRrdkWRTXLzYv1ui_cyl9cwNAmJp8Eux4QdkEko7LVfvV8XeLHNwhvYToNDHbLYE9N1JlmNRC1-P3cCSfelU7lXlC8mvWM8gBsrMFbDStFimmfnu0wAT5sPT6hATgBAGgBi6AB4rr7o4DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ9dMN0ggJCIjhgHAQARhdgAoDyAsB2BMD0BUBgBcBshceChwIABIUcHViLTgxODg0MzE0MjU1MDk5OTcYlJkU&sigh=nFmJ5yJoofo&uach_m=[UACH]&template_id=484
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/7873500028011805191/ Frame D061 30 KB
30 KB 43ms
42ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7873500028011805191/6592766407814317453

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bec90e7e7b4c8ecdb8692c975b1f170b0ca14e8686af45028700bd7b21e34df2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 08:52:59 GMT
x-content-type-options: nosniff
age: 213269
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30235
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 19:50:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 27 Apr 2023 08:52:59 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6308584723117382271/ Frame D061 1 KB
1 KB 42ms
41ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6308584723117382271/downsize_200k_v1?w=100&h=100

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d57f1e13983f6fd206a3f4f0e86777f2f44ddf8bc899111897ea3d0a4ab678b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 18:41:11 GMT
x-content-type-options: nosniff
age: 437177
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1396
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 14:24:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 24 Apr 2023 18:41:11 GMT

GET
DATA 200
OK truncated
/ Frame D061 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86f54d4f393aa718bd334099922dc4b92bbbf4520a23bfa0707f7093fea6b65b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame D061 15 KB
15 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thestar.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 180669
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 27 Apr 2023 17:56:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame D061 15 KB
15 KB 44ms
43ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thestar.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 01:46:21 GMT
x-content-type-options: nosniff
age: 66067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Apr 2023 01:46:21 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/ 2 KB
2 KB 179ms
90ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/?random=1651262848123&cv=9&fst=1651262848123&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa4r0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd3b840c73b435ecfae30ed86ecb8e5519bb49a0674224a96c1c921664be8518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1061
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
f.clarity.ms/ 0
70 B 107ms
107ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: f.clarity.ms
URL: https://f.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: https://www.thestar.com
date: Fri, 29 Apr 2022 20:07:27 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 main.32155010.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 143ms
143ms Script
application/javascript 2a02:26f0:6c00:28f::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.32155010.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28f::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "fd86de14455274a7c147dc95b77e18e3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18298
access-control-expose-headers: X-CDN

GET
H3 200 dc_pre=CKb_8buJuvcCFVYfBgAdZCMNMQ;src=10230056;type=ret01;cat=land01;ord=8231822019442;gtm=2od4r0;auiddc=*;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
adservice.google.com/ddm/fls/z/ Frame 9778 42 B
63 B 161ms
77ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKb_8buJuvcCFVYfBgAdZCMNMQ;src=10230056;type=ret01;cat=land01;ord=8231822019442;gtm=2od4r0;auiddc=*;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: 10230056.fls.doubleclick.net
URL: https://10230056.fls.doubleclick.net/activityi;dc_pre=CKb_8buJuvcCFVYfBgAdZCMNMQ;src=10230056;type=ret01;cat=land01;ord=8231822019442;gtm=2od4r0;auiddc=1737323163.1651262848;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://10230056.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 38D3 0
9 B 40ms
40ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ApdktQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 4CF7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

180ms
97ms

Image
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Redirect headers

date: Fri, 29 Apr 2022 20:07:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/698108511/ 42 B
64 B 54ms
53ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698108511/?random=1651262848123&cv=9&fst=1651262400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa4r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&async=1&fmt=3&is_vtc=1&random=2326484807&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/698108511/ 42 B
548 B 141ms
51ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/698108511/?random=1651262848123&cv=9&fst=1651262400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa4r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&async=1&fmt=3&is_vtc=1&random=2326484807&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 488 B
832 B 228ms
69ms XHR
application/json 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2612846434758&cb=1651262848353

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

dca1ae93b9c0a595ca6470fda80b9628d455812f8ba2bef0cb29edebe4290633

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:28 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.866656b8.1651262848.954fafce
x-envoy-upstream-service-time: 1
x-pinterest-rid: 8144211021127893
pin-unauth: dWlkPU5EUmlOMlV3Tm1NdFlXUTJaaTAwT0RnNUxXRmxNMkV0WlRSbE5XTXhOMlkyWWpNMw
access-control-allow-origin: https://www.thestar.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 349
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
334 B 212ms
72ms Image
image/gif 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2612846434758&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1651262848371

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:28 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.866656b8.1651262848.954fafde
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 8317933625548371
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 events Show response
oitwxo.thestar.com/ 0
162 B 118ms
117ms XHR
text/plain 54.242.234.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://oitwxo.thestar.com/events

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/549886031832745?v=2.9.57&r=stable

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.242.234.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-242-234-216.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.thestar.com
date: Fri, 29 Apr 2022 20:07:28 GMT
access-control-allow-credentials: true
vary: origin
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 483C 0
18 B 84ms
41ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.thestar.com
Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.thestar.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 20:07:28 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 s44969209057387 Show response
s.thestar.com/b/ss/torontodnnlocal/1/JS-2.22.4-LCS4/ 43 B
351 B 44ms
44ms XHR
image/gif 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.thestar.com/b/ss/torontodnnlocal/1/JS-2.22.4-LCS4/s44969209057387

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/0637acba3b96/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 29 Apr 2022 20:07:28 GMT
x-content-type-options: nosniff
x-c: main-1640.Id95fac.M0-564
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 30 Apr 2022 20:07:28 GMT
server: jag
xserver: anedge-b4b698fcd-qg5zm
etag: 3546059965255286784-4619892817894574623
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Thu, 28 Apr 2022 20:07:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 107ms
106ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022042601&jk=3042496770545708&bg=!4eKl4qbNAAZNIUvJbSE7ACkAdvg8Woy_Wu38WldszwcXfmaP74jd1X_jtd7JLm1Kb27M16hBfo-eywIAAACWUgAAAANoAQeZAtXeurpvz5O1cXwps1jiVPMXTJs3f9KiQZJytqsWJ9p_FobiNkbo5dvSMdO1VlUXHZzy3MlfkecN9eYiSjjotaKc7CYjHtNrpz0GSnKYdemhqgxrtDPBmjXRsdIiUY11LiZXDio7RpBo38zZz6NyeZG1JuQs1ZJE0SyaBC4L7EbBALRbVJdQnglIRQ-HAqoIjxNYTkaXgIYGmGxSSJVlbKbQ74a3UsWppDF45gkHlLcR7oKeDjlo26D1n1ZCUNQWEnALPsiGqY4wVLLXAhgkclaGLTvYDJQfEL2fuk1XNJi9Id5Y5FUkHdP5RamVikiae-NIsQXagzbWHa1pIwuy8896BXGQzUVrCYuG9S2Gg3m4aebzfrMQP4S63KopkGcyOl1IuEhwi5pcd_bVVMTrzvDPoVan8ZIAB-F5bwgMkuAQXVUye14Owuia2UwUfpoXTVnhKO9nuSRb2SVAa7CiXZbqMS5aroG8iymlSHZkG1myCJ9N_rBkmwGQLZ4AsLqwGKQmcp0BShYaKWg6r6drRK8cIyr_IpCUwy4TpBzT0scP7uELYL7PfeCJNXG7vZREHT_YYVKDBXIItXrUmz5pxNYcxZH073UVwb_bks4IsqwZ_3t7woMYbFoyIU0ueQR-4nbtQys4p8NoFTtEH2-C27vOEt_lFl0nwQtrfclIfg-M7bkDFZm9Z4dYyIs3LsK-lBo2b69S-4YSN9pOKirTCvShaq8OsKHE5sTEkAmgdNcUwuMfiGpgsr2Zee3VBM8sSTytHvN5ESKeRYvttOWHDrmwpb6AvD7sfG8tvM-kknlevEINW4CUjWQvqiA3U_39-NYzmQqFGGdtn9RCr1_3UHnOt7HbTqlamKLZwIOxIu0QsAv3wgL0n7FEX7pb21gOg8sAWEGpr3MXKUqUObpLOVdSQVhoGzB7pdITEF_xa71WUB8CnpQa7PhMeDDL0DPKLMSbd63-GA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4CF7 42 B
64 B 85ms
84ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuk9FVZTN4ZIBXin02RfLAQLv4klPAJkuflqMo_CdufZq6qcg2SYYvCaP9vSWFZ-ToL37Xuu98IOofR0dnygWF_urSELlpKfuQQTAbxYEIjPLx7pdHXKcLdc_m204bE9utruewBlfq2bVAKkjl2Ydk&sai=AMfl-YSaEakaLA7wu9FKzTxc0eMzwQd3_881AVpBnKyWmSHndw5Jw1Lh3FfC9si72-QMkrCcsqmhNWOdEK43JKtWRNYRSc5qPxnrNCWZuqq1nWYq8UHPaHDaHGyHnsuGPb3qc9mcJazGw5ABSwFbo6LFwok&sig=Cg0ArKJSzBohARmfPIwyEAE&cid=CAAST-RotvCmmvbQqMP7JY5yzaYQuaJYoYZwwHfGFudPzN7LBoy-kZH6dfZIn9Ua4MUJMKi8FylMSw1frhOtXIa7dgoAawyZqp0ojTTUCL3kG2Y&id=ampim&o=1059,1011&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=389&tls=1389&g=75.59999823570251&h=75.59999823570251&tt=1389&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=1330620275

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D061 0
0 77ms
77ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cqd1bf0VsYpWvHu2olQeixKioCMn49OtpuKGowZsQ29keEAEgx-v2HmC7hoCA0AqgAYqznq8oyAEJqQKyUPtRlBhMPuACAKgDAaoEmwJP0O9giJ868liXGR2iNIUcOJ2-qW82PE9wSXsZiHOGyNXNRD6pl_40N8NMPMyTCspSoW-EgDT6z7JkudLJDhLvDC0Cpp4mUuHBbUTD-95cnmrUGQmoPRZgqukDH0wD3S9as9yvOpQy7UazM41SpE6eNjLb6dZiAm8H-j3t2CUkG7mlQnQM6m87FPFwLbL-j10LCg6qNQV0E91z3xNnU1Pne6skthNBQPCxmMug7HI9oy75lz7mrSYa44YnSk-XBxQJn5aHdYNHRrdkWRTXLzYv1ui_cyl9cwNAmJp8Eux4QdkEko7LVfvV8XeLHNwhvYToNDHbLYE9N1JlmNRC1-P3cCSfelU7lXlC8mvWM8gBsrMFbDStFimmfnu0wAT5sPT6hATgBAGgBi6AB4rr7o4DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ9dMN0ggJCIjhgHAQARhdgAoDyAsB2BMD0BUBgBcBshceChwIABIUcHViLTgxODg0MzE0MjU1MDk5OTcYlJkU&sigh=Pt0mJLqRauU&vt=1&template_id=484&uach_m=[]
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D061 42 B
64 B 75ms
75ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstB3p4MKdyDdpJwYddS_YtUDzWxk6yo6xsTeatSPaVXMNySulWJXmGM4xnjR_5k_ec9fA6uoPfbW-p1FIjWUweeU6T0sMFleOyT2zdZZ7Mmqm8Zl0QqBmQ87Fr5&sai=AMfl-YSRsxeLOnizu3UBxPzjzCiT6UrfQHSRRi46eSfHleB3BcNLMvOUtheVQZr0Sz2EC8RtqEKXmtgGOqm6GxBa_eA_gtEuEeXuIxu_awQXFPtTYXiXWp3Ual_flPN3yyXCUu_19Jv3dQw63aHLrWk16XA&sig=Cg0ArKJSzOV9x-uNhUhREAE&cid=CAAST-RoW6fpNiRRb9S27w9SnZeo9s7WQ1Gh6C4ZXJRZ0vlPlT8jtagzuZDrKdYkPtW8LFJc4hBEG_qePow2aDSn_3fb41tafo_mEWm-N1e139Y&id=ampim&o=436,10&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1002&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&tfs=387&tls=1389&g=100&h=100&tt=1389&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=1887631228

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 32ms
32ms Preflight
text/html 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Allow: POST
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 4
Content-Type: text/html; charset=utf-8
Date: Fri, 29 Apr 2022 20:07:29 GMT
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires: 0
Pragma: no-cache
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 34ms
34ms XHR
text/plain 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 20:07:28 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H2 200 load-cookie.html Show response
elb.the-ozone-project.com/static/ Frame B7E3 11 KB
12 KB 41ms
41ms Document
text/html 34.241.134.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=30836999-b814-44b7-a5fe-21dcda32eec1&publisherId=TKN100000001&siteId=4204204311&cb=1651262847063&bidder=ozone
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.134.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-134-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d56d3e71b2453fa9b46b097ce633355e153b3b205e5d779d8c4bdb6c4458687b

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
content-length: 11722
content-type: text/html; charset=utf-8
date: Fri, 29 Apr 2022 20:07:30 GMT
expires: 0
last-modified: Fri, 29 Apr 2022 05:13:54 GMT
pragma: no-cache
vary: Origin

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 201 B
158 B 44ms
44ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 63ca0406e12ecd48dda9734d1f9058db8812bd283ae3df9596f784b687f40e63

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 29 Apr 2022 20:07:30 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140
via: 1.1 google

POST
H2 200 cookie_sync Show response
elb.the-ozone-project.com/ Frame B7E3 4 KB
4 KB 43ms
42ms XHR
text/plain 34.241.134.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/cookie_sync
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=30836999-b814-44b7-a5fe-21dcda32eec1&publisherId=TKN100000001&siteId=4204204311&cb=1651262847063&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.134.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-134-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8929071e05ab0ae106aebcdaa8898b93c6b424ea4bf66c3e86f8aa72a18f55bb

Request headers

Referer: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=30836999-b814-44b7-a5fe-21dcda32eec1&publisherId=TKN100000001&siteId=4204204311&cb=1651262847063&bidder=ozone
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:30 GMT
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://elb.the-ozone-project.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame B7E3
Redirect Chain

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://elb.the-ozone-project.com/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=01c8833b-5d84-4971-b5ed-444bdffea0f4

0
384 B

41ms
40ms

Image
text/plain

34.241.134.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=01c8833b-5d84-4971-b5ed-444bdffea0f4
Protocol: H2
Server: 34.241.134.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-134-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=01c8833b-5d84-4971-b5ed-444bdffea0f4
date: Fri, 29 Apr 2022 20:07:30 GMT
content-length: 0

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame B7E3
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&_bee_ppp=1
https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAHI007E2IsAADwCEHaxsw

0
498 B

42ms
42ms

Image
text/plain

34.241.134.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAHI007E2IsAADwCEHaxsw
Protocol: H2
Server: 34.241.134.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-134-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAHI007E2IsAADwCEHaxsw
Date: Fri, 29 Apr 2022 20:07:30 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame B7E3 0
277 B 139ms
43ms Image
text/plain 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 29 Apr 2022 20:07:30 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 41ms
41ms Image
image/gif 69.192.161.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=4&q=0&ai=6867&wr=6866&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=8&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TORONTO_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26Pz9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-XArw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaABZPHbHacu4%2BXMPJmawdw%3D&rs=1-izGQnTcST%2BDrDg%3D%3D&sc=1&os=1-5g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=1&fl=1&j=&xc=0&xb=0&xa=0&md=0&mc=0&lb=11537&ld=0&lc=0&la=0&cw=1600&cx=1200&sh=11524&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1651262843985&de=992698453459&rx=79510749020&cu=1651262843985&m=6868&ar=bee2df476bf-clean&iw=d6445bb&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1382%3A2100%3A4700%3A1491&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3713&cd=0&ah=3713&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=thestar.com%3Athestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily%3A__page__%3A-&gw=torontoprebidheader623296055317&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=198121&na=2142810278&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.161.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-161-152.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 29 Apr 2022 20:07:30 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame B7E3 0
239 B 268ms
44ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame B7E3
Redirect Chain

https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=03e242e3-0687-461c-93b3-ed363815a666

0
632 B

42ms
42ms

Image
text/plain

34.241.134.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=03e242e3-0687-461c-93b3-ed363815a666
Protocol: H2
Server: 34.241.134.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-134-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=03e242e3-0687-461c-93b3-ed363815a666
date: Fri, 29 Apr 2022 20:07:31 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame B7E3
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=u40cpuw&ttd_tpi=1&gdpr=0&gdpr_consent=
https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=ea5684eb-889b-4bf0-b4af-fc6d7391e0bc

0
756 B

42ms
42ms

Image
text/plain

34.241.134.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=ea5684eb-889b-4bf0-b4af-fc6d7391e0bc
Protocol: H2
Server: 34.241.134.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-134-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:31 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=ea5684eb-889b-4bf0-b4af-fc6d7391e0bc
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 215

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame B7E3
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdpr_consent%3D%26uid%3D...
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&uid=4665581278415574951

0
864 B

42ms
41ms

Image
text/plain

34.241.134.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&uid=4665581278415574951
Protocol: H2
Server: 34.241.134.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-134-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&uid=4665581278415574951
date: Fri, 29 Apr 2022 20:07:31 GMT
content-length: 0

GET
H2 200 cookie
cm.adform.net/ Frame B7E3 43 B
106 B 211ms
53ms Image
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:31 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 44ms
43ms Image
image/gif 69.192.161.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=31&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=8&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TORONTO_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26Pz9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-XArw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaABZPHbHacu4%2BXMPJmawdw%3D&rs=1-izGQnTcST%2BDrDg%3D%3D&sc=1&os=1-5g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=2&fl=1&j=&xc=0&xb=0&xa=0&md=10&mc=0&lb=11537&ld=1200&lc=0&la=0&cw=1600&cx=1200&sh=11537&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1651262843985&de=992698453459&rx=79510749020&cu=1651262843985&m=7869&ar=bee2df476bf-clean&iw=d6445bb&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1382%3A2100%3A4700%3A1491&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4714&cd=3713&ah=4714&am=3713&xd=00&rf=0&re=0&wb=1&ai=6867&wr=6866&cl=0&at=0&d=thestar.com%3Athestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily%3A__page__%3A-&gw=torontoprebidheader623296055317&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=198121&na=1494698403&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.161.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-161-152.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 29 Apr 2022 20:07:31 GMT

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame B7E3
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy={{us_priva...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy={{us...
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=0349ba1d-5c75-41c0-a2d8-d4060924586b

0
986 B

43ms
42ms

Image
text/plain

34.241.134.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=0349ba1d-5c75-41c0-a2d8-d4060924586b
Protocol: H2
Server: 34.241.134.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-134-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

Location: https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=0349ba1d-5c75-41c0-a2d8-d4060924586b
Date: Fri, 29 Apr 2022 20:07:32 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame B7E3
Redirect Chain

https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy={{us_privacy}}&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%...
https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy={{us_privacy}}&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3...
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=3391c585-cfb7-40dc-b993-12fcfa66d623

0
1 KB

41ms
41ms

Image
text/plain

34.241.134.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=3391c585-cfb7-40dc-b993-12fcfa66d623
Protocol: H2
Server: 34.241.134.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-134-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=3391c585-cfb7-40dc-b993-12fcfa66d623
date: Fri, 29 Apr 2022 20:07:32 GMT
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 151
content-type: text/html; charset=utf-8

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 43ms
43ms Image
image/gif 69.192.161.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=8&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TORONTO_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26Pz9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-XArw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaABZPHbHacu4%2BXMPJmawdw%3D&rs=1-izGQnTcST%2BDrDg%3D%3D&sc=1&os=1-5g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=3&fl=1&j=&xc=0&xb=0&xa=0&md=10&mc=10&lb=11537&ld=1200&lc=1200&la=1200&cw=1600&cx=1200&sh=11537&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1651262843985&de=992698453459&rx=79510749020&cu=1651262843985&m=8402&ar=bee2df476bf-clean&iw=d6445bb&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1382%3A2100%3A4700%3A1491&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5126&cd=4714&ah=5126&am=4714&xd=00&rf=0&re=0&wb=1&ai=6867&wr=6866&cl=0&at=0&d=thestar.com%3Athestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily%3A__page__%3A-&gw=torontoprebidheader623296055317&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=198121&na=615230010&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.161.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-161-152.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 29 Apr 2022 20:07:32 GMT

GET
H2 204 101995
dmx.districtm.io/s/v1/img/s/ Frame B7E3 0
60 B 32ms
31ms Image
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmx.districtm.io/s/v1/img/s/101995
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 703aaa1c9f4ad20c-MAN
access-control-allow-headers: Content-Type, Origin

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F04D 15 KB
6 KB 155ms
44ms Document
text/html 69.192.160.199

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=30836999-b814-44b7-a5fe-21dcda32eec1&publisherId=TKN100000001&siteId=4204204311&cb=1651262847063&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.192.160.199 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=89749
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Fri, 29 Apr 2022 20:07:32 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Sat, 30 Apr 2022 21:03:21 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame F04D 0
42 B 253ms
29ms Script
text/plain 185.64.190.78

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=43788055&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 20:07:30 GMT
content-length: 0

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame B7E3
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=189937&C=1
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=YmxFhXv6103SwNcqgTtBhAAA%26691

0
1 KB

41ms
41ms

Image
text/plain

34.241.134.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=YmxFhXv6103SwNcqgTtBhAAA%26691
Protocol: H2
Server: 34.241.134.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-134-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 20:07:33 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=YmxFhXv6103SwNcqgTtBhAAA%26691
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 302
Expires: Fri, 29 Apr 2022 20:07:33 GMT

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame B7E3
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=666379492276465437

0
1 KB

43ms
43ms

Image
text/plain

34.241.134.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=666379492276465437
Protocol: H2
Server: 34.241.134.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-134-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 20:07:33 GMT
X-Proxy-Origin: 217.138.196.108; 217.138.196.108; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: da87eeb5-a1ed-44bc-8cca-10f721844fe9
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=666379492276465437
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame B7E3
Redirect Chain

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy={{us_privacy}}&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy={{us_privacy}}&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=1837590591732259717645

0
1 KB

43ms
43ms

Image
text/plain

34.241.134.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=1837590591732259717645
Protocol: H2
Server: 34.241.134.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-134-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=1837590591732259717645
date: Fri, 29 Apr 2022 20:07:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 prebid
rtb.openx.net/sync/ Frame B7E3 43 B
351 B 98ms
32ms Image
image/gif 35.227.252.103

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BUID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 20:07:33 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: hk4a8arp8ofvt6l0b6a8l6bdutibcj9o

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 352ms
117ms Image
image/gif 52.205.167.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1651262853904&plid=11592495&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22_scrollIncrement%22%3A2%2C%22_scrollMethod%22%3A%22setinterval%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A11537%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&sref=&sts=1651262844416&slts=0&title=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&date=Fri+Apr+29+2022+20%3A07%3A33+GMT%2B0000+(GMT)&action=_scroll&pvid=6110863&u=pid%3D37da393c1dc21a1b5ef2137e714b4f9a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-167-202.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 20:07:34 GMT
Cache-Control: no-cache
Last-Modified: Friday, 29-Apr-2022 20:07:34 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/ 35 B
49 B 121ms
120ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/876b178f-bf25-481d-d401-32d18b918af1/__activity.gif?e=stuck_10s&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=11876&blst=1430&ist=1871&iet=1875&bdst=1431&bdet=1855&bcttt=41&jsfv=nbc&ts=1651262854347&jsk=q9fqmmutk5a97trs&jsv=20220216&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=876b178f-bf25-481d-d401-32d18b918af1&sid=4113f550-8fbd-49a4-f622-8617238b8c7d&pvid=d1d7013a-bc96-4d6d-ed3d-9b5a283e449d&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F101.0.4951.41+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.8&saveData=false&ctyp=unknown&tzo=0&w=null&source=null&sdk=bc-pixel
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Apr 2022 20:07:34 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 34ms
34ms XHR
text/plain 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 20:07:34 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 34ms
34ms Preflight
text/html 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Allow: POST
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 4
Content-Type: text/html; charset=utf-8
Date: Fri, 29 Apr 2022 20:07:33 GMT
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires: 0
Pragma: no-cache
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

Verdicts & Comments Add Verdict or Comment

251 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

90 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
e377.thestar.com/DG/DEFAULT	1970-01-20 12:17:02	Name: BCSessionID Value: d54a1e3f-7362-4bc2-bca7-d2d422074297
torstar.blueconic.net/DG/DEFAULT	1970-01-20 11:26:38	Name: BCSessionID Value: d54a1e3f-7362-4bc2-bca7-d2d422074297
www.thestar.com/	1970-01-20 11:26:38	Name: selectedCity Value: thestar
www.thestar.com/	1970-01-20 11:26:38	Name: last_visit_bc Value: 1651262843296
.thestar.com/	1970-01-20 11:26:38	Name: bc_tstgrp Value: 4
.thestar.com/	1970-01-20 11:28:05	Name: _vwo_uuid_v2 Value: D40D42F3ED0F9542F9BD263C3D5BDDDBF\|6a26759a29b678a0f77a4971846826e1
.thestar.com/	1970-01-20 07:04:34	Name: permutive-id Value: 2ee61887-1c72-4df3-998c-8283ef8cc984
.be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/	1970-01-20 04:52:05	Name: pxid Value: 0d256bbb-8bac-46b4-a81c-f19fe672a476
.thestar.com/	1970-01-20 05:05:02	Name: _vis_opt_s Value: 1%7C
.thestar.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.thestar.com/	1970-01-23 18:17:02	Name: _vwo_uuid Value: D40D42F3ED0F9542F9BD263C3D5BDDDBF
.thestar.com/	1970-01-20 02:41:04	Name: _vwo_sn Value: 0%3A1
.thestar.com/	1970-01-20 04:50:38	Name: _vwo_ds Value: 3%3At_0%2Ca_0%3A0%241651262842%3A60.63875486%3A%3A47_0%2C45_0%2C44_0%2C43_0%2C42_0%2C35_0%2C34_0%2C32_0%2C26_0%3A3_0%2C2_0%3A0
www.thestar.com/	1969-12-31 23:59:59	Name: userSegmentLogin Value: false
.t.co/	1970-01-20 20:12:14	Name: muc_ads Value: 48138b02-5517-4e58-9502-76ebc1e9f1b2
.twitter.com/	1970-01-20 20:12:14	Name: personalization_id Value: "v1_wS36dLlIcSQf9WZDPPMMVg=="
.scorecardresearch.com/	1970-01-20 19:57:50	Name: UID Value: 1C99e432afca2e4484129971651262844
.demdex.net/	1970-01-20 07:00:14	Name: demdex Value: 29626355058355905060618333060927225407
.thestar.com/	1969-12-31 23:59:59	Name: AMCVS_19A568F454F72DAF0A4C98A6%40AdobeOrg Value: 1
.thestar.com/	1969-12-31 23:59:59	Name: _igt Value: 4113f550-8fbd-49a4-f622-8617238b8c7d
.thestar.com/	1970-01-20 11:26:38	Name: _ig Value: 876b178f-bf25-481d-d401-32d18b918af1
.thestar.com/	1970-01-20 20:12:14	Name: _ga Value: GA1.2.267430075.1651262844
.thestar.com/	1970-01-20 02:42:29	Name: _gid Value: GA1.2.349834138.1651262844
.thestar.com/	1970-01-20 02:41:02	Name: _gat_UA-70431129-1 Value: 1
.thestar.com/	1970-01-20 02:41:02	Name: _gat_UA-73335503-3 Value: 1
.thestar.com/	1970-01-20 02:41:04	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.thestar.com/?redirect=true%22%2C%22sref%22:%22%22%2C%22sts%22:1651262844416%2C%22slts%22:0}
.thestar.com/	1969-12-31 23:59:59	Name: __psid Value: 1651262844454
.thestar.com/	1970-01-20 20:12:14	Name: s_ecid Value: MCMID%7C29589706611566247360619746105851323445
.everesttech.net/	1970-01-20 11:26:38	Name: everest_g_v2 Value: g_surferid~YmxFfAAAAIII4wQE
.dpm.demdex.net/	1970-01-20 07:00:14	Name: dpm Value: 29626355058355905060618333060927225407
.thestar.com/	1970-01-20 20:13:41	Name: AMCV_19A568F454F72DAF0A4C98A6%40AdobeOrg Value: 1176715910%7CMCIDTS%7C19112%7CMCMID%7C29589706611566247360619746105851323445%7CMCAAMLH-1651867644%7C6%7CMCAAMB-1651867644%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1651270044s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19119%7CvVersion%7C5.4.0
.adsrvr.org/	1970-01-20 11:26:38	Name: TDID Value: ea5684eb-889b-4bf0-b4af-fc6d7391e0bc
www.thestar.com/	1969-12-31 23:59:59	Name: BCSessionID Value: d54a1e3f-7362-4bc2-bca7-d2d422074297
torstar.blueconic.net/	1970-01-20 02:51:07	Name: AWSALBCORS Value: OnAqxBT1ifpJ+XrPrKS203gpn7M9fzJZfY6s4wNpFIZyjZOgs//AaKRb3VKH7gCFCyd5eL0IAK6EfX6RvSo6NuXPPd1AS9l6LZzjSSdZZnl0xEcjSq2sej8Gj3Ry
www.thestar.com/	1970-01-20 03:24:14	Name: AccessToken Value: idv2l2kv9i54couyks09gbmn7dxd8jsvvq
www.thestar.com/	1970-01-20 02:42:29	Name: ios-smart-banner-shown Value: true
e377.thestar.com/	1970-01-20 02:51:07	Name: AWSALB Value: KyOoVDt2g742F112Ti4V2gI6t1LMGPD+bhWxOMqhcLBfG5UZDNOJPZBWBgB5XwZcPCwyUOYT6s/tfgLWz79FapbeoSgAhgTac39uusLeL4QR6vigREV0HXcTrSHe
e377.thestar.com/	1970-01-20 02:51:07	Name: AWSALBCORS Value: KyOoVDt2g742F112Ti4V2gI6t1LMGPD+bhWxOMqhcLBfG5UZDNOJPZBWBgB5XwZcPCwyUOYT6s/tfgLWz79FapbeoSgAhgTac39uusLeL4QR6vigREV0HXcTrSHe
www.thestar.com/	1969-12-31 23:59:59	Name: latestContentTier Value: 0
.thestar.com/	1970-01-20 12:10:26	Name: _parsely_visitor Value: {%22id%22:%22pid=37da393c1dc21a1b5ef2137e714b4f9a%22%2C%22session_count%22:1%2C%22last_session_ts%22:1651262844416}
www.thestar.com/	1970-01-20 11:26:38	Name: rememberMeML Value: https://www.thestar.com/?redirect=true
www.thestar.com/	1970-01-20 03:24:14	Name: _pbjs_userid_consent_data Value: 3524755945110770
.www.thestar.com/	1970-01-20 20:12:14	Name: ts_s_ecid Value: MCMID%7C29589706611566247360619746105851323445
.adnxs.com/	1970-01-20 04:50:38	Name: icu Value: ChgI8ppSEAoYASABKAEw_4qxkwY4AUABSAEQ_4qxkwYYAA..
.adnxs.com/	1970-01-20 04:50:38	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2IllqH'tU!]tbP6j2F-XstGt!@Dl_$q]k*
.adnxs.com/	1970-01-20 04:50:38	Name: uuid2 Value: 666379492276465437
.rubiconproject.com/	1970-01-20 11:26:38	Name: khaos Value: L2KV9J5W-22-GM7T
.rubiconproject.com/	1970-01-20 11:26:38	Name: audit Value: 1\|naVuGyos1qraNk6+qKeI31qbBgMWySGKoH1GQZR6kugsjeDKZpe5AIVyDOlN7MlkZ5DH12jhCRGScjHPe80SWMxuhZpbWKLt+XD9g38/+iI=
.bing.com/	1970-01-20 12:02:38	Name: MUID Value: 12CBB3BDA07769AA1694A228A18C68D7
.thestar.com/	1970-01-20 02:42:29	Name: _uetsid Value: fdf86a30c7f711ec8f5a8707432ef0e3
.thestar.com/	1970-01-20 12:02:38	Name: _uetvid Value: fdf881e0c7f711ecac9515abcdd5a1f5
.thestar.com/	1970-01-20 04:50:38	Name: _rdt_uuid Value: 1651262847423.f373a926-2fd5-4f8c-90fd-15839fd4fa42
www.thestar.com/	1970-01-20 02:45:22	Name: digitalAccessOverlayStatus Value: nextPage
www.thestar.com/	1970-01-20 02:48:14	Name: digitalAccessOverlaySubscriberStatus Value: nextPage
.linkedin.com/	1970-01-20 03:24:14	Name: UserMatchHistory Value: AQLcPkhGQfuJWwAAAYB273ol7gQ-ktPZJoF_5vedaOiN5dzoPkHP7-d8aNwtzto5Jk9Yp4KUB-NhwQ
.linkedin.com/	1970-01-20 03:24:14	Name: AnalyticsSyncHistory Value: AQLi6-nm3jN72QAAAYB273olOBLAARfth5SofCMH_TVSa0nvYDzhe0PYFibBOxs-qjTsA8_jHKGH0lS-PFGe0g
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 20:12:56	Name: bcookie Value: "v=2&1e0ba178-f62f-49a5-8a21-fc87c24b5b90"
.linkedin.com/	1970-01-20 02:42:29	Name: lidc Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2366:u=1:x=1:i=1651262847:t=1651349247:v=2:sig=AQEm7DPnYYV-F7ljdTHOzAWYPd0gLke_"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.www.linkedin.com/	1970-01-20 20:12:56	Name: bscookie Value: "v=1&20220429200727ead876cb-6cfb-40dd-82f5-85d54989f6ffAQE60qgimVbxuRrp7uCOofqEjitnFanE"
.linkedin.com/	1970-01-20 19:59:28	Name: li_gc Value: MTswOzE2NTEyNjI4NDc7MjswMjHtgDKTNfH98MLQVj6BsOV88dMOriTR6OMlBBjIZ5JObA==
.c.bing.com/	1970-01-20 12:02:38	Name: SRM_B Value: 12CBB3BDA07769AA1694A228A18C68D7
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 12:02:38	Name: MUID Value: 12CBB3BDA07769AA1694A228A18C68D7
.c.clarity.ms/	1970-01-20 02:41:03	Name: ANONCHK Value: 0
.thestar.com/	1970-01-20 04:50:38	Name: _gcl_au Value: 1.1.1737323163.1651262848
.thestar.com/	1970-01-20 12:02:38	Name: __gads Value: ID=18a943f5f307f54a-224b300487cd0096:T=1651262847:S=ALNI_MaO1xEH8f0zOtOgs8MAyf8KyPP7KA
.thestar.com/	1970-01-20 04:50:38	Name: _fbp Value: fb.1.1651262847997.1319008732
.thestar.com/	1970-01-20 11:26:38	Name: _clck Value: 12ja7fp\|1\|f11\|0
.facebook.com/	1970-01-20 04:50:38	Name: fr Value: 00gP1eM7YZK1EtnMT..BibEWA...1.0.BibEWA.
.doubleclick.net/	1970-01-20 12:02:38	Name: IDE Value: AHWqTUkPQfIl1xCVrT8sSauC5vYbeo-8-2Q2_vkRbglVyIgy8Ziykgk2b-0j51fHs8Q
.thestar.com/	1970-01-20 02:42:29	Name: _clsk Value: 1c29ssk\|1651262848274\|1\|0\|f.clarity.ms/collect
.thestar.com/	1970-01-20 03:24:14	Name: s_nr Value: 1651262848530-New
.thestar.com/	1970-01-20 11:26:38	Name: s_nr2 Value: 1651262848531-New
.thestar.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.thestar.com/	1970-01-20 11:26:38	Name: _pin_unauth Value: dWlkPU5EUmlOMlV3Tm1NdFlXUTJaaTAwT0RnNUxXRmxNMkV0WlRSbE5XTXhOMlkyWWpNMw
.doubleclick.net/	1970-01-20 02:41:06	Name: DSID Value: NO_DATA
.the-ozone-project.com/	1970-01-20 04:50:38	Name: ozone_uid Value: 28UEdNLFcxfEPLq7OFAEXMqJtnr
.sharethrough.com/	1970-01-20 03:24:14	Name: stx_user_id Value: 01c8833b-5d84-4971-b5ed-444bdffea0f4
.bidr.io/	1970-01-20 12:09:36	Name: bito Value: AAHI007E2IsAADwCEHaxsw
.bidr.io/	1970-01-20 12:09:36	Name: bitoIsSecure Value: ok
.360yield.com/	1970-01-20 04:50:38	Name: tuuid Value: 03e242e3-0687-461c-93b3-ed363815a666
.360yield.com/	1970-01-20 04:50:38	Name: tuuid_lu Value: 1651262851
.adsrvr.org/	1970-01-20 11:26:38	Name: TDCPM Value: CAEYASABKAIyCwiO7o3704nVOhAFOAFaB3U0MGNwdXdgAg..
.smartadserver.com/	1970-01-20 12:11:17	Name: pid Value: 4665581278415574951
.the-ozone-project.com/	1970-01-20 04:50:38	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJiZWVzd2F4Ijp7InVpZCI6IkFBSEkwMDdFMklzQUFEd0NFSGF4c3ciLCJleHBpcmVzIjoiMjAyMi0wNS0xM1QyMDowNzozMC43MDYzNzY2OVoiLCJzb3VyY2UiOiJjb29raWUifSwiaW1wcm92ZWRpZ2l0YWwiOnsidWlkIjoiMDNlMjQyZTMtMDY4Ny00NjFjLTkzYjMtZWQzNjM4MTVhNjY2IiwiZXhwaXJlcyI6IjIwMjItMDUtMTNUMjA6MDc6MzEuMzQ2MTYxMDMyWiIsInNvdXJjZSI6ImNvb2tpZSJ9LCJzaGFyZXRocm91Z2giOnsidWlkIjoiMDFjODgzM2ItNWQ4NC00OTcxLWI1ZWQtNDQ0YmRmZmVhMGY0IiwiZXhwaXJlcyI6IjIwMjItMDUtMTNUMjA6MDc6MzAuMzU1MDc5OTE5WiIsInNvdXJjZSI6ImNvb2tpZSJ9LCJzbWFydCI6eyJ1aWQiOiI0NjY1NTgxMjc4NDE1NTc0OTUxIiwiZXhwaXJlcyI6IjIwMjItMDUtMTNUMjA6MDc6MzEuNjM5OTU5ODQ0WiIsInNvdXJjZSI6ImNvb2tpZSJ9LCJ0dGQiOnsidWlkIjoiZWE1Njg0ZWItODg5Yi00YmYwLWI0YWYtZmM2ZDczOTFlMGJjIiwiZXhwaXJlcyI6IjIwMjItMDUtMTNUMjA6MDc6MzEuNDQzODM2NzQ4WiIsInNvdXJjZSI6ImNvb2tpZSJ9fSwiYmRheSI6IjIwMjItMDQtMjlUMjA6MDc6MzAuMzU1MDc3NTI2WiJ9
.bidswitch.net/	1970-01-20 11:26:38	Name: tuuid Value: 0349ba1d-5c75-41c0-a2d8-d4060924586b
.bidswitch.net/	1970-01-20 11:26:38	Name: c Value: 1651262852
.bidswitch.net/	1970-01-20 11:26:38	Name: tuuid_lu Value: 1651262852

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 122) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.9099634130351753, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 122) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.9099634130351753, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.9099634130351753(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.9099634130351753(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.9099634130351753(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-608d8314e5c4b9c6caefe04b8ad484ca.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 140) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://d5phz18u4wuww.cloudfront.net/vis_opt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 140) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://d5phz18u4wuww.cloudfront.net/vis_opt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js(Line 218) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js(Line 218) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=383594165561? Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=383594165561?(Line 142) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10230056.fls.doubleclick.net
38fc71d3a7f71811905cf382c4928eaf.safeframe.googlesyndication.com
ad.doubleclick.net
ad2.360yield.com
ads.avct.cloud
ads.pubmatic.com
adserver.pressboard.ca
adservice.google.co.uk
adservice.google.com
alb.reddit.com
analytics.twitter.com
ap.lijit.com
api.permutive.com
api.rlcdn.com
api.thestar.com
as-sec.casalemedia.com
bat.bing.com
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c2shb.ssp.yahoo.com
cdn.ampproject.org
cdn.parsely.com
cdn.petametrics.com
cm.adform.net
cm.everesttech.net
connect.facebook.net
ct.pinterest.com
d1nxn87txdj54y.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
d5phz18u4wuww.cloudfront.net
data.ontario.ca
dev.visualwebsiteoptimizer.com
dmx.districtm.io
dpm.demdex.net
e377.thestar.com
eb2.3lift.com
elb.the-ozone-project.com
f.clarity.ms
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
htlb.casalemedia.com
ib.adnxs.com
image6.pubmatic.com
images.thestar.com
img.sportradar.com
js-sec.indexww.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mb.moatads.com
misc.thestar.com
oitwxo.thestar.com
p1.parsely.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
platform.twitter.com
prebid.the-ozone-project.com
px.ads.linkedin.com
px.moatads.com
px4.ads.linkedin.com
query.petametrics.com
resources.thestar.com
rtb.openx.net
s.pinimg.com
s.thestar.com
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
sejs.moatads.com
snap.licdn.com
sr.studiostack.com
ssbsync-global.smartadserver.com
ssum.casalemedia.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
thestar.com
torontostar-d.openx.net
torontostarnewspaperslimited.demdex.net
torstar.blueconic.net
torstar.gscontxt.net
tpc.googlesyndication.com
unpkg.com
uswidgets.fn.sportradar.com
widgets.media.sportradar.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.redditstatic.com
www.thestar.com
x.bidswitch.net
z.moatads.com
104.16.68.69
104.244.42.195
104.244.42.69
104.75.88.209
13.107.42.14
13.248.245.213
13.32.21.33
142.250.184.226
142.250.186.166
143.204.201.41
143.204.201.48
143.204.214.118
15.236.176.210
150.136.200.75
151.139.128.11
172.217.16.130
172.217.18.98
18.168.215.250
18.194.211.85
18.197.25.166
184.31.84.150
185.64.190.78
185.86.139.94
199.232.136.157
20.84.22.197
2602:803:c003:200::61
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:7daf
2606:4700::6812:551
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::200a
2a00:1450:4001:802::2008
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2004
2a00:1450:4001:813::200e
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:400c:c08::9b
2a02:26f0:3500:7::17d8:4dc8
2a02:26f0:6c00:28f::1931
2a02:26f0:6c00::210:ba79
2a02:26f0:6c00::210:bab3
2a02:26f0:6c00::210:bae8
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:200::396
2a04:4e42:400::396
3.33.220.150
34.107.254.252
34.120.133.55
34.241.134.108
34.243.37.252
34.255.218.80
34.96.102.137
35.190.14.224
35.227.252.103
35.241.9.51
35.244.159.8
37.157.6.253
37.252.172.249
37.252.173.27
51.104.28.77
52.139.4.139
52.142.114.2
52.19.103.233
52.205.167.202
52.206.166.185
52.28.203.152
52.30.130.246
54.242.234.216
63.32.133.51
65.9.58.150
65.9.58.162
65.9.61.60
65.9.66.173
65.9.68.36
69.173.144.139
69.192.160.199
69.192.160.245
69.192.161.152
72.251.249.14
99.86.7.104
99.86.7.38
99.86.7.70
99.86.7.83
00aa80a9ae69f0ef81f45f46c2faeb81c47fada0b498ea6e530906c16105db9d
0135a0a9b04f1f4b73b6a761f079938e1d9bf8352fec56dfa532ab0821b7bf41
02dd647cf98e249d624ffd3db638c04b1e0381bc3d34bedbbffa4a440eb3c4a4
02f1c2e2b0dcd4dda84b6fd14ce389351c074b618ec404d6b3a156068aa09a7e
032c30c45274a913d19addce026ce51624405e7325a36b512270e375eed14e16
03a5a532fabdd875f0cf26c31d54af224838bfb8ced410611f20d66c7f426c52
04eeaa17ce5102fa9ba11989d4beb1ce6a65b8e2dc9bd49efec41369f7921f3a
058d1a8a629c82f344bb897688af943b1ee5041381f487250241ca16bb24a300
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0723972e9d5f7c83445321d5a47695fe42dd19cb91f1e76cd827c2867c420a46
077d0d86c3975a59e92c16eaddc2635ad642afcfd3c93d0e86d63dd8b62be118
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
08a8586f7eb9d887282e3f6aaec113b9886c129a90f687f1ea2c0c4a35c2a2f6
092433010c83e4e157d859c0712053ad168b50d22fcc8095a7ef133e10cd3aed
098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363
09a36f051aa6f025ec810e84879c542995efba9e5bf8d362acb1fcfa730a866d
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0c1c41f17195df1205316d57b9e7bcc8c41428418d247b1e16024716f3bdc0c5
0e0597c66b4c19f9a2f09795677cb7e5932d373d87b6853c6b474d68f72d0b63
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12e402c8de3c3603b70c055f81df40f21301988fedc71caed5a35bf1abf4d480
12f146dd166618bea1d2d4a9ea8c89362c37b592f8d4ded1d74de50f0176eee9
133d99ecc7e1f65d2e0bdc9d04fae746f2e9b820213b2a2df7fed60ba073475e
1391055c5b722a3da6707ead294507ace2df3db7891cccb53a94441f794fd33c
143ba2c45703df981edb26afe32d1887f9a0f0ee36965656ec9e197dac9acf21
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
15dd7383a83a39ff0aa688707cbb570e914350a5d0d6fa3bc1495ca46e5e615a
1760d8053ceef9944a42943f4e1ff5809be73c14149145e106b04933c541874a
182fb2b790fe5834246d223be4978a2e56d480b6d2226cb1df834519086205d8
18ee6c158ecdcabd472f582e3c5718be76aa9f1e910aeb355ea1cca99dbac31f
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0
1a7c8fc98f02009c03d2ea20681a804188a55e65d4cf1d0dcd93370acebf0ec0
1ba5efdd46b3c4bccd21c6299dab68a021bb2619403080efab388549d42ae1a2
1c8aed41d3b5cce6c42feb4938d2e1c36721ed775e9f19550deecce290fae826
200ed1c24014fe4a91d477ad2c51cd81342818f4fd37bcd0f00d201c8735fd6f
211749c6bc4c32f751b4ca5e707c585e181205711141f814eb9712fee91531f3
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
221da5b9abab5ff408ee5174a127f762c0fbf4cd9a9bf368e0545b643419d1f8
23c07ada50fe521ad2b5149e0266d90c4186ab69d4b9006409c078fd6d2bcee0
24a77a91e337c0dc7e0a9bfa1e00fc73060a2cd005e3f49b5d88914d160e76a1
25e5c10cb58300c92e6d6065fa0ea49a206499c58a2f1152af1deea8f34a5066
2621e252a9ada6cfdac776361277f559a9d7fa0b2371c99374c532a5820d4def
280a0633962581a6308a11e1d2b5c55094dbe6d8a28c6b0e45282c643d039177
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2b226e5d93065073bd670913a90719666f054e802a7449f347f9368c40a13d3d
2d767fe00284ba315844a0f61f8f69721df84ca58781e8b960455fee618c9778
2e54673608af4bfb4ca1b786a70fb42f419429f4e5d20f81ebad42160c4d49fb
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
2f930f1d60bae4e11b1aa9e6d50457aa5f03068b85e92235a126708b54ed6853
301eb9a39230e2218766da3b201b9292aaad1bd63b9104d852d2b9ecd9fff8c0
305dd4cf1fbb8907eb5625cb4c9220032ed73f6d97ac5a3ff66fb00337e59917
3184fd632cad5dc9eb8f35f6aa4337af5d37a62db990efdef3b82d390827c81b
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
33afc8e71d59f428189a4e10d350838300df69111543a0df6b60c7c135cfb921
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3644264a33465399ca76bee9a04de8fdd50aec96e77a27c08492b360f6922213
369ee86f98ea5be70470d5846d73b7d2d5f2eca5bcf6c169b260572277c90a15
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37d2a19c463e69fb9b7a3ce46c0991f8a8486c6cea18da01fec6bba21bb9286d
38254c821b6bec9ee36bb8116cf81a16b0a9c2a51f97cacdb483b4fdeb6e3821
39ca7166596486e4d67c242d70fb6a1d95d2ee9462ea02026d38c882ae752177
3bea2c4c3c8308852c379f187b3d86687f48038a041b69e85c4a939b770c0e05
3d6f8a866403ef7ca21b58674a73d365d4a8a20ba189da5b45c594eda4453919
3d7d03febc73a1c4dbd37a3df1ef55dd6f1303149ff39ea35ad3e9b0f6dc1637
3db3fdae0e2be13c8acc57ed679246d27616e65d48bc7f2b050b21076a13c452
3de6a4fb2cbe4eb755287fd0094052835db8ce320bc715dcadfc79057cc54a18
4132298af9205b3d2b87fd7007d3064794ab560b649f045f4c0f16fa50748869
418d5e0aef45240c498a96f167de630c7e1815f352daf45ac2ae4132d328998d
428c24bdc9179e3918ed7abed626e122a27038eb28f7993ff07464c29508ca33
43700b9800ddc7b26ee1bf46a878b942908a720bd48a1809163d3a26de2944c8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4466f366b2897f4839ba95e1b5d96fa3c3e11cadb7fe0096afb3a5a97b872ffb
448edd4a71b4ca28931010c1c2166872801702a420ff549a7c757edf863d7530
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575
4700fae072009548d8a98c58e8f48fce6f625d2efc7abb855ac8983f353fc408
482f91a1f3f0a72ea0434da8fdda1a797589a5c443f9678cb4dd25f2e320a951
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4ae844d53a446230e6e6caa751374946c087d27bb58f2a9dfb2da54f943fb02a
4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418
4d3cdf7100f2b52b13e8a7ac921bf71f03e950cba859f4e177266596efc380d6
4da8f4d2d20833c254b092ab30d0ebaee5e3d93716e320773ff55c27c353796b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ebb8485b400a9023b86f17f168967840bcb1cfc68a2b0f6f92ea6026d0c3fc8
5019e40a161c71cbf4fc8b1fc0a1809456b3cfc7fc93eadaf7b374cdb0cb9c60
502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9
515239a85055e3ce255def75ee13d72d166e04154099ac2d8e61dec9417850ab
5256e20d2385d02616639e72c3bc01f6b1ffbe75c2838d82cd25b93d0a35e1a1
52cac1193a3683e35353723a38e01a9bcc0c5f9bf2be42d29c96905527c7923d
53e47f0803e3983ae0b26db5f39e87c0bfd327981749c02c9e2f955341e34d7b
5426dc1a3330d1796eca952eb69f57e489be32406ff15ddfaf2d99cc2ef5cba3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
5687f260a108c210c640fcfe70d74355621c44bba7b2d882add3e2f5cd01dd8c
57ebbdf292d11caf6685535cc6821bee2ae483a1b289d63242fa5e294f469e7c
59c59b194ac28c56c539f1008f33f1f2b40c4e081f9b8499e6c21c7480011868
5b2833099997251581945de32e3251b1ae41af2108d2a4e7ab88c31f56753040
5bafa8250e85946ba21ee50f908f071ecda51576eb9fb3aff3a26871c578b9da
5d8e2a45b87836c8fc0b8c319fd2bfaa775a1496e72b08fdf5c13337e1dcc961
5ea1e242279067e3e88564e4ef131143c58e7ec36929e73b31f8c94b990455a4
5ebe835bb7372c5a95baeeceaf1c8efcc9d724cd06d987745ee836784166f49a
5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773
613280fcdb2fa53339fcdd72130e5ab43686226528c33e428c1c850a11d7dcaf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6276cf74233056334460de6cfa0f7b1bca813eaa2bab243cb8998b7d81fbb4aa
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
630de2cec4dc3913e5b2eed60189a83a03fc681afdff8d08bc8d98ee0cc59631
63b7b59e5fe2a28f3e10e6896e28249fb393b947fd56dabc4c5f485ac26da814
63ca0406e12ecd48dda9734d1f9058db8812bd283ae3df9596f784b687f40e63
646f5c35daec357192466a68929e8ddd70909a7e96e57cd7c4b7edcb18f4a029
661deeccee00065fd0750f64a666790c6df48ab08d044ec346fc29ef9574c5a1
66702c619662e625d541898d2444a1fdccbc8f52ed74c1124fa6c1843c242021
669681c2c16683192a70ad60109c4a164023b217c1d804ff8f79270319ef2ff0
6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb
6abd011c668f1bef92628c4df732e6a0cf156934b1bedacef75cd4387ccf1cd6
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6aff8f4ca1717f69640e467baed4269d2cfa984520465862f3cfed7d73b68f25
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b8af903aa3d66430963daab0323b46f4b188de673752795e4b2b0b17a743466
6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1
6eba7efe25b102daba8ab72f4f16cb18ba3915a767864a9fb3f5ee965f16ca15
70c14afe4d8b8e671d2e0cd9cf55cf877e2e27d035cb7d814ff9c9856ed9c98d
70d4c4423dab9cf00b6e9bcf57518eeafff00e9d2499f4463498b03bef2bdc33
72d47230102aac67f3d5ca7f291d6eb93279a229790d46d0f139eeac72b95231
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75467a479ac69bdda32a1fbaf9568ab1244d1ee77e9e1e920195edbfca26370d
755ebafbc5aeabb3884800544739a3e86e08c4ad8eaa9a8d41edf91e0db2767e
777a84c87cbb0f4e41f7eb0ae5c867a2adcc60098e087cba411ea0b89af32164
78406ca8eace84633eb6036813545df90aec4bcbea5e570e308fb15570ccdc50
7b24cbf8cced6ddb17e985fe5329d186750b005210ad2589c6f5146eafa0d2ef
7b98633cc9794f8479409e5c49ed029163e87e61c952841700e8345d6be8616c
7bb17835479c05254306e12e931f7f6d35d9f67e24d0d16aea9628b2b3d5cfc2
7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c585543eb96408d6e90889b9edcaa9d3b612b23ab38d8c0d52c79365876f1ca
7dd31f9a44dda77f55c5dc425aaed2fec6b1e3a1fad5f7eceaa6e8af9626cff5
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82551cdea0858e842b84feb7d32ebce95b174544100ab6f140b4cc7a09d5ca15
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
849056f7f6a3149a9f6b288c7847dccc5348347c3c6101be78ddeec1a2df13f3
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
86f54d4f393aa718bd334099922dc4b92bbbf4520a23bfa0707f7093fea6b65b
888e9303edf6e1eab95af9546eaeb63c63ad5c50195b21c9dd4bb1e22996a03c
8929071e05ab0ae106aebcdaa8898b93c6b424ea4bf66c3e86f8aa72a18f55bb
89396d88c6a901dfb6af9bfb3fd7c3f6aa31e1a195390b19e30673df7df910c0
8a0ddcefbec80dc817a376397e1038899b26857cb63c350da76db996be5ee510
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
8d57f1e13983f6fd206a3f4f0e86777f2f44ddf8bc899111897ea3d0a4ab678b
8fb681f67297e898ce5b908c30d67d62e6bc1be4f4e430af73b858282581c34e
902564d87ddfe92c327260fdd506b03b6d19cd61c9f9c5736e069eba3c7fada9
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
9255f9f186056d9c722c47bb75bf71f79690a0a85fdccf83481c6eca62552623
95f4db14172013eb07b61d3933cdcee02d39e70569f86e2d445e637db2d62547
97a8cb323b800e312421b5f10b9292a19c964f2de15e15703bbed583e1d78639
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b4fd2bac023c59fa666614872a2a06a413659ca1b03eb71c3ad32298b2366dd
9c4be6c58ae881da54dd35951ebdf40ef2577bcab0323949fcf7039fc4b5a0c0
9e11612aa8fdd4ea644685df7f76e8d415df784cb86ec1c2dfef935ad70583ef
9fd107036554e5b3dbf02b85868958ec91ff3981aad030a3ab4c4fb65590b884
9ffb7d8ae71cee2fe895c3761dfc37890e08808eb0a67f2cdcf9a6e2f279ca50
a00823cb2fb19c0e87a1f41a6bd5352c93f463511f5eb42d27769074da319a42
a0ec8793ecc2c9d97dcceac6cce1de315e1a0cf7b6c5180060916c2d047c9a1c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a64087dba6a562babb68cdad60ab04a8f4709eede457013bb75c399dd837d749
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a77b14fa718d5e2296ca2fa7007a8e8f52dfb07633f607181451eab75e631b3f
ab199625a90b8111a0ae408ef6b43ae28dd55ad6d2fa2524666c169b5b1262bc
ab87bb27c86d1981c66808a740c6a480cb7c9471a5e8f275dfec4450342b7ff8
abeab53042ac0c64fea02be8d8293099a5d93a4e6bb097746cb8e6924f7a2e7c
ac217fa597b7754bca874304308db97d8db94d4733d9027cccae8d7eff7eeceb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acf47ed08e03deb30050e6cc80f2972698f083352e87deda1ef3f3b1bef79e1a
addb6e8611e3b8170b1b21fa5bb2b53d401631be87075a095ca39d95a1744bc9
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
aed329f0644e7ec5ab69d50e12ccdfbb3a7a2c6378ef314c99a204e55bb5d10a
b0ab2f21243b940db6c6b986e1cedb149ffcc296b62b326e9214366585d1040d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b36fa770af76aff69aee3c11fd279c11ec6fe7782f1d56f74cb35e12e13bf58b
b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199
b668a9c686c57e43fb993bc43fb45f8710c8cc4bf8aeb3fc7064310d17e23bb2
b72c3988c72be8384bc1061ab0783b55d10744455ea7ff399e7577d754e01e5c
b8dd12b4cc0283b0d20c31c231b8ae14fa61c1b64d594cd8f8c0ed1948acb3b5
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9
bc8aa370962ef495a1c841c9a35690028398d0827dd7a4433cb3558f97acb55f
be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac
bec90e7e7b4c8ecdb8692c975b1f170b0ca14e8686af45028700bd7b21e34df2
bf6f164dab70a202db5af3aeaab9d5856725354e781a349cb2372f800391ec0c
bfd3a63eaedb5278996c838731087e5f7d984c9800d45f7e27cdd094358b30bc
c00545c81d97ab6aaa4ce46fd9b026817a8079477283eba5cced4003551eaf8c
c04c54179051ccba5447e33eccdd3307ee930f5a13e144811ba44eaf4e5eae12
c4444219574c6a63a1c7a9112884a6b5dbaae69b0d93d9d5591eaf2614fe05dd
c4882f336fb783ef4a1deab25e8576b9031e3cc3e35253af1bdce2411cd9f49a
c567a530aa928692d173e91ab4a5fad8cf1864d9961782b5c4aa6d9ea3e5faf1
c6f02ea61b580dd0d3d5fd8b473d8584ab32e741a5a969704928df2d2753a44e
c94f5186c74a7e1fa82a06e639286d482c42c84f5a1262b94774d70f8234d6f2
c99734749ad79de9e3e31e74c52248541454b72c2bed5fcb0747c78fa4b052fa
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cb37d0e01a4a707ffafae4f7b08b9eb695840f34036bcb5ce403d72ffc54a3e9
cc2b3cbe3d04b4e1c8e633bb85993b369fb74102947a165e28dacca9072c423d
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d06eed0799cc590e2bbd48a85ff749553bf147b4ce0bc9201fd98408fbab5174
d21cdd2d2f8a1dad3f6e38a8fef966c2695eea4140b6445372215c156751fd91
d2520b3a586d1146ff5c63e367c0ebdda1f27de3606223916c3cf7a67ade81ed
d293615bf31154b942130f428df78234bc997f8f42ac0aa70d4d48a044833a96
d3d530638642efb47e9251b6c6f29f801725961a6b998ed5280f85dddcbb86a8
d4a5c90a048bebcddcc6b7e41008af3f42bb578a6d75438bce4e05da12b57c94
d56d3e71b2453fa9b46b097ce633355e153b3b205e5d779d8c4bdb6c4458687b
d5f0743d47591bad3a29481a356f318ece9db2782b3c74773b26fef6732468bc
d6a7c2c8cba480cd7462bad1363f7bbcaa2adf888f541acdfe03f1f6161165c8
d6c7b620a58d96c7fbbcc8eb18f4b2126fd8e9765c76410b98bb420a085c2a09
d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a
d99ca202813ffad492f6147cf4629d242c854d14f6f2544a9f1df9795aa69115
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db0aa87e4c4915fe16f61fd7e65e0da584f53341c1ff5928386fdb5c67b30e67
db488298b49c859f2174b078a55b8d9a29aeec85baff6aec893cb26fb28abedd
db70b5f10de529bb8e1d7eafea5815049ba4d360d9ec87910eb55efe6d7d24c6
dc1a8442dc994af5d9fa2ca1222090f0b1d2efb8c1a98686e767e0b32552d260
dca1ae93b9c0a595ca6470fda80b9628d455812f8ba2bef0cb29edebe4290633
dd3b840c73b435ecfae30ed86ecb8e5519bb49a0674224a96c1c921664be8518
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de3739c1ae7026582c92bfee95724b3d3710e3d5dd55c4f045e68b730e93b4a7
e02d9f87b3d49d701987e22f985f3c234203ec892e3f72fc95413537ec5cee93
e073cab5846056edb090b7f1c5c60f69a9a0840aca0ce4cebb2d654785d7c4e8
e2bb2e8d1c787e8ee676e610a834a6baad27f2c603ef35f2def72123ed20ac1f
e38a7221552e1e6c95ac96060c2db2246a3eb205c741ce16e06eecc17b7f4408
e39d8e3236bd8c2790a2d7ae0aec00a007e5a0e3b48de7ad4b2f3e97d38a3bd7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69846be1be704e8c2324dc7ca9e439a496a67d203a9322f1d2ab7ca5031f001
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
e96ee4202dd697f4757a0c1502f5b3ae79c0d59d0823d80a80ac3ed97132d861
ea011956164ed15022fb5732fd6d810bf75bb104babed05a29beb5c50302b926
ea0f3c8f9bad08cd59e22c48fcb4d27509a1bfdfde46dc5c047ff14689740f02
ea49d637d2993f9f26da88b7afe451335908eca2d3918de5bfc3f4ce9e4f874f
ea853f85c2899e807cf652814c66d1d9a6007e93b6db875ba811824d80585e97
ea87a07d4af191b2ff23c12c8e741cc3c9fd47415fd08f80da5b0d948ff94902
eb519c22ccd746aa3a9a0735008fb708b1fc0bd0e88da908d9b04956b41d0c2a
eb8a409a0c5e1684082bf754274b5d9a89316cf76168b4e8f51a5fe5bff6e67a
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed83927a23a16d11aede01c57e2557a7f4e0cba3f936c457782a06a26bdf44fb
ee9c02b6ef7c57f2b83a0e88dab977f839560afb553d57eae49731bc5fa252ad
eedabdd2b23f98813d6e180e614bfd6a42b38291996622b21c715259ebff0ba9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f8b5cf5142f3e2a9cf89c8bdd56aa6a61bed32ff32e7f790d5bca3e113a9e8
f130ce2b6e40370973a245e7bb5bfba96229e57b0c24a51dc28ebfab56b45c37
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f17e3a5ad9fa5fdd05d12cd7c6b9a5e4f47df302c3d4fc1094406a450a1fa9c8
f3a9fff032ac492b08e1c978c7a1ffafb56c052d5b76ab2a8476c556a06b3fe6
f502504402eb855b7bd6cfedb5f7e3f873563d4b20417f6528df0e0122c660b7
f6a1057db824aa68f48084a3186a7c77d998c2ba443104125e4ae49aa9a559b1
fad70b38dad6db3caf536265085c3c8b620c3b0686ff6226bbd6b58ddf117f62
fb0071040453327499fb9339d72e664d19a57e8f0efac2f76444a9086c90e302
fb25d9cbb5a59405edffa4ebd26f8d18f84059c1071c3387b155aa3508bbb32f
fb366afb54e20432cee4e1287a424fea45f4fbcf10b298f400cf27842b1ef91b
fb4f3cff3b4e9151030e62a5fb4f8e84b208de951db36582c3cf778939754b2f
fbfad689067acb8e893b001d3b227174a6a02d9bef89c4bcd49702a3b9434cbe
fc04d03deaa0c0c8a537fe0ce99f711845160df61f823e20536c98ab579a3a28
fc1c4f09ff158c02c23a035afb72d4221d9e9e58a6a01b01d93191295edbc4fa
fe3688f5bf2dbc368c25ac47ac6e3984b9fd53a133bd0b034f22a740e2ab99d3
fec6d1a6c1334a24ba35a7fe1eb40b55fe92d6f6aa0cba54861df165c5c4077c

www.thestar.com Open in urlscan Pro 13.32.21.33 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

355 Requests

93 %HTTPS

32 %IPv6

64 Domains

103 Subdomains

83 IPs

10 Countries

5156 kBTransfer

18310 kBSize

90 Cookies

17 Outgoing links

Page URL History

Redirected requests

355 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thestar.com Open in urlscan Pro
13.32.21.33 Public Scan

Screenshot
Live screenshot

Full Image

355
Requests

93 %
HTTPS

32 %
IPv6

64
Domains

103
Subdomains

83
IPs

10
Countries

5156 kB
Transfer

18310 kB
Size

90
Cookies

355 HTTP transactions
0 data transactions